The +@netgroup/-@netgroup NIS password overrides can fail in some cases due to a subtle bug. Specifically, if you override an NIS user's shell, /usr/bin/login and /usr/bin/su (and probably other commands) can end up with bogus data for the pw_shell member of the passwd structure *if* the do an endpwent(), thereby preventing logins. This happpens because the text fields in the passwd structure (pw_name, pw_passwd, pw_gecos, pw_class, pw_dir and pw_shell) are returned to the calling program as pointers to dycamically allocated buffers, rather than pointers to static buffers as they should be. Once endpwent() is called, the dynamic buffers are free()ed, which invalidates the data returned by the library functions. Fix: This is a context diff for /usr/src/lib/libc/gen/getpwent.c that fixes the problem. A more elegant solution would be preferable, and I intend implement one for 2.1 just as soon as the code lockout for 2.0.5 is lifted. How-To-Repeat: 1) enable NIS 2) put an entry in the master.passwd file that overrides the shell field for a user in the NIS database, like this: +testuser:::::::::/bin/csh 3) attempt to login as user 'testuser'. The result will be that /usr/bin/login will end up with some random value for pw_shell and the login will fail.
State Changed From-To: open->closed Fixed in rev 1.23.2.1 by applying Bill's suggested fix.