[Mono-dev] [PATCH] Bug in Mono.Posix handling '+::::::' entry in /etc/passwd
Jonathan Pryor
jonpryor at vt.edu
Mon Apr 27 19:58:14 EDT 2009
On Mon, 2009-04-27 at 23:41 +0200, Robert Jordan wrote:
> Jonathan Pryor wrote:
> > So why do you have '+::::::' in your /etc/passwd to begin with? That's
> > not a valid entry anyway (no user id)!
>
> It's for NIS.
>
> '+::::::' -> include all users returned by the NIS passwd map.
> '-::::::' -> allow only local users.
> '+robertj::::::' -> include only 'robertj'
> '-robertj::::::' -> exclude robertj.
This may be wrong, but [0] implies differently, saying that an entry of
'+:*:0:0:::' to include all users returned by NIS.
> The question is: why are those entries returned in the first
> place by getpwent on the machine of the OP?
Good question, as the LDP getpwent(3) man page suggests that NIS entries
should be returned "inline":
The getpwent() function returns a pointer to a structure
containing the broken-out fields of a record from the
password database (e.g., the local password file /etc/passwd,
NIS, and LDAP).
Perhaps I'm mis-reading that, but it implies to me that if NIS is
configured properly getpwent(3) should actually return NIS entries, not
return the '+:...' record from /etc/passwd directly. (Does anybody have
NIS setup to see what getpwent(3) actually does?)
In any event, I believe it's a Bad Idea (TM) for
UnixUserInfo.GetLocalUsers() to start skipping entries that getpwent(3)
is returning. If a user should be skipped, then the code calling
UnixUserInfo.GetLocalUsers() should skip it, otherwise we're silently
dropping data in a difficult-to-debug manner.
- Jon
[0] http://userpages.umbc.edu/~jack/ifsm498d/llb-nis.html
More information about the Mono-devel-list
mailing list