rpms/rpcbind/F-9 rpcbind-0.1.5-nss-config.patch, NONE, 1.1 rpcbind.spec, 1.26, 1.27

Fri Jun 27 17:49:02 UTC 2008

Author: steved

Update of /cvs/pkgs/rpms/rpcbind/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21420

Modified Files:
	rpcbind.spec 
Added Files:
	rpcbind-0.1.5-nss-config.patch 
Log Message:
Set password and service lookups to be local (bz 447092)


rpcbind-0.1.5-nss-config.patch:

--- NEW FILE rpcbind-0.1.5-nss-config.patch ---
commit 77f7556878d1fe03dc3e285c97dd822db38f618c
Author: Ulrich Drepper <drepper at redhat.com>
Date:   Fri Jun 27 13:29:20 2008 -0400

    Due to an installation mistake (somehow rpm messed up) I ended up with an passwd
    file which didn't have a rpc entry.  This meant that during startup the
    getpwnam() call to determine the details for user rpc caused the normal process
    for passwd lookups to be followed.  For me this meant after looking at
    /etc/passwd the lookup tried to use NIS.  This of course deadlocked since as
    part of the NIS lookup rpcbind has to be contacted.
    
    The workaround is quite simple: use __nss_configure_lookup() to restrict
    the lookup.
    
    Signed-off-by: Ulrich Drepper <drepper at redhat.com>
    Signed-off-by: Steve Dickson <steved at redhat.com>

diff --git a/src/rpcbind.c b/src/rpcbind.c
index fb75517..550fefd 100644
--- a/src/rpcbind.c
+++ b/src/rpcbind.c
@@ -155,6 +155,13 @@ main(int argc, char *argv[])
 		fprintf(stderr, "Sorry. You are not superuser\n");
 		exit(1);
 	}
+
+	/*
+	 * Make sure we use the local service file 
+	 * for service lookkups
+	 */
+	__nss_configure_lookup("services", "files");
+
 	nc_handle = setnetconfig(); 	/* open netconfig file */
 	if (nc_handle == NULL) {
 		syslog(LOG_ERR, "could not read /etc/netconfig");
@@ -212,6 +219,12 @@ main(int argc, char *argv[])
 		struct passwd *p;
 		char *id = runasdaemon ? RUN_AS : rpcbinduser;
 
+		/*
+		 * Make sure we use the local password file
+		 * for these lookups.
+		 */
+		__nss_configure_lookup("passwd", "files");
+
 		if((p = getpwnam(id)) == NULL) {
 			syslog(LOG_ERR, "cannot get uid of '%s': %m", id);
 			exit(1);


Index: rpcbind.spec
===================================================================
RCS file: /cvs/pkgs/rpms/rpcbind/F-9/rpcbind.spec,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- rpcbind.spec	11 Feb 2008 16:06:13 -0000	1.26
+++ rpcbind.spec	27 Jun 2008 17:48:14 -0000	1.27
@@ -2,7 +2,7 @@
 
 Name:           rpcbind
 Version:        0.1.4
-Release: 		14%{?dist}
+Release: 		15%{?dist}
 Summary:        Universal Addresses to RPC Program Number Mapper
 Group:          System Environment/Daemons
 License:        GPL
@@ -34,6 +34,7 @@
 Patch7: rpcbind-0.1.4-localaddr.patch
 Patch8: rpcbind-0.1.4-recvfrom-fix.patch
 Patch9: rpcbind-0.1.4-warmstarts-cleanup.patch
+Patch10: rpcbind-0.1.5-nss-config.patch
 
 %description
 The rpcbind utility is a server that converts RPC program numbers into
@@ -57,6 +58,8 @@
 %patch8 -p1
 #428496: rpcbind-0.1.4-12.fc8.x86_64.rpm does not update properly
 %patch9 -p1
+#447092: restrict passwd database search to local files
+%patch10 -p1
 
 %build
 %ifarch s390 s390x
@@ -136,6 +139,9 @@
 %dir %attr(700,rpc,rpc) /var/lib/rpcbind
 
 %changelog
+* Fri Jun 27 2008 Steve Dickson <steved at redhat.com> 0.1.4-15
+- Set password and service lookups to be local (bz 447092)
+
 * Mon Feb 11 2008 Steve Dickson <steved at redhat.com> 0.1.4-14
 - Fixed a warning in pmap_svc.c
 - Cleaned up warmstarts so uid are longer needed, also


