mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-15 12:54:27 +00:00
Modify yp_mkdb so that it only checks for bogus '+' and '-' characters
in source input if the -f flag is used, and modify Makefile.yp to only use -f for the passwd, master.passwd and group maps. These should be the only ones for which the + and - characters have special meaning that make it important for us to avoid letting them into any of the map databases. In some cases (namely the automounter maps) we have to allow at least the - character through in order to create the map properly. This closes PR #8699.
This commit is contained in:
parent
f26bc0d7c0
commit
b22e036ea0
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=50159
|
@ -28,7 +28,7 @@
|
|||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $Id: yp_mkdb.8,v 1.7 1997/10/27 12:29:24 charnier Exp $
|
||||
.\" $Id: yp_mkdb.8,v 1.8 1998/03/23 08:30:19 charnier Exp $
|
||||
.\"
|
||||
.Dd March 12, 1996
|
||||
.Dt YP_MKDB 8
|
||||
|
@ -45,6 +45,7 @@
|
|||
.Op Fl c
|
||||
.Op Fl b
|
||||
.Op Fl s
|
||||
.Op Fl f
|
||||
.Op Fl i Ar inputfile
|
||||
.Op Fl o Ar outputfile
|
||||
.Op Fl d Ar domainname
|
||||
|
@ -129,6 +130,22 @@ will deny access to the map to any client that is not using a
|
|||
reserved port for its query. This is used mainly for the
|
||||
.Em master.passwd
|
||||
maps, which should be restricted to privileged access only.
|
||||
.It Fl f
|
||||
This flag is used to turn on filtering of lines in the source file
|
||||
input that start with ``+'' or ``-'' characters. These characters
|
||||
have special meaning for the
|
||||
.Pa group ,
|
||||
.Pa passwd
|
||||
and
|
||||
.Pa master.passwd
|
||||
maps and hence should not be allowed to appear in them as the first
|
||||
character of a key or datum. If the
|
||||
.Fl f
|
||||
flag is used,
|
||||
.Nm
|
||||
will reject any source line that starts with a ``+'' or ``-''
|
||||
character and issue a warning message displaying the line that
|
||||
was dropped.
|
||||
.It Fl u Ar dbname
|
||||
Dump (or 'unwind') an NIS database. This option can be used to
|
||||
inspect the contents of an existing NIS database.
|
||||
|
|
|
@ -32,7 +32,7 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] =
|
||||
"$Id$";
|
||||
"$Id: yp_mkdb.c,v 1.8 1997/10/27 12:29:25 charnier Exp $";
|
||||
#endif /* not lint */
|
||||
|
||||
#include <err.h>
|
||||
|
@ -60,7 +60,7 @@ static void usage()
|
|||
fprintf(stderr, "%s\n%s\n%s\n%s\n",
|
||||
"usage: yp_mkdb -c",
|
||||
" yp_mkdb -u dbname",
|
||||
" yp_mkdb [-c] [-b] [-s] [-i inputfile] [-o outputfile]",
|
||||
" yp_mkdb [-c] [-b] [-s] [-f] [-i inputfile] [-o outputfile]",
|
||||
" [-d domainname ] [-m mastername] inputfile dbname");
|
||||
exit(1);
|
||||
}
|
||||
|
@ -102,6 +102,7 @@ int main (argc, argv)
|
|||
int ch;
|
||||
int un = 0;
|
||||
int clear = 0;
|
||||
int filter_plusminus = 0;
|
||||
char *infile = NULL;
|
||||
char *map = NULL;
|
||||
char *domain = NULL;
|
||||
|
@ -117,8 +118,11 @@ int main (argc, argv)
|
|||
FILE *ifp;
|
||||
char hname[MAXHOSTNAMELEN + 2];
|
||||
|
||||
while ((ch = getopt(argc, argv, "uhcbsd:i:o:m:")) != -1) {
|
||||
while ((ch = getopt(argc, argv, "uhcbsdf:i:o:m:")) != -1) {
|
||||
switch(ch) {
|
||||
case 'f':
|
||||
filter_plusminus++;
|
||||
break;
|
||||
case 'u':
|
||||
un++;
|
||||
break;
|
||||
|
@ -278,10 +282,13 @@ int main (argc, argv)
|
|||
datbuf++;
|
||||
|
||||
/* Check for silliness. */
|
||||
if (*keybuf == '+' || *keybuf == '-' ||
|
||||
*datbuf == '+' || *datbuf == '-') {
|
||||
warnx("bad character at start of line: %s", buf);
|
||||
continue;
|
||||
if (filter_plusminus) {
|
||||
if (*keybuf == '+' || *keybuf == '-' ||
|
||||
*datbuf == '+' || *datbuf == '-') {
|
||||
warnx("bad character at "
|
||||
"start of line: %s", buf);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if (strlen(keybuf) > YPMAXRECORD) {
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#
|
||||
# Makefile for the NIS databases
|
||||
#
|
||||
# $Id: Makefile.yp,v 1.25 1998/07/22 06:01:13 phk Exp $
|
||||
# $Id: Makefile.yp,v 1.26 1999/06/24 17:19:35 n_hibma Exp $
|
||||
#
|
||||
# This Makefile should only be run on the NIS master server of a domain.
|
||||
# All updated maps will be pushed to all NIS slave servers listed in the
|
||||
|
@ -479,7 +479,7 @@ passwd.byname: $(PASSWD)
|
|||
@echo "Updating $@..."
|
||||
$(CAT) $(PASSWD) | \
|
||||
$(AWK) -F: '{ if ($$1 != "+") print $$1"\t"$$0 }' $^ \
|
||||
| $(DBLOAD) -i $(PASSWD) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
| $(DBLOAD) -f -i $(PASSWD) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
$(RMV) $(TMP) $@
|
||||
@$(DBLOAD) -c
|
||||
@if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi
|
||||
|
@ -490,7 +490,7 @@ passwd.byuid: $(PASSWD)
|
|||
@echo "Updating $@..."
|
||||
$(CAT) $(PASSWD) | \
|
||||
$(AWK) -F: '{ if ($$1 != "+") print $$3"\t"$$0 }' $^ \
|
||||
| $(DBLOAD) -i $(PASSWD) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
| $(DBLOAD) -f -i $(PASSWD) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
$(RMV) $(TMP) $@
|
||||
@$(DBLOAD) -c
|
||||
@if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi
|
||||
|
@ -502,7 +502,7 @@ group.byname: $(GROUP)
|
|||
@echo "Updating $@..."
|
||||
$(CAT) $(GROUP) | \
|
||||
$(AWK) -F: '{ if ($$1 != "+") print $$1"\t"$$0 }' $^ \
|
||||
| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
| $(DBLOAD) -f -i $(GROUP) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
$(RMV) $(TMP) $@
|
||||
@$(DBLOAD) -c
|
||||
@if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi
|
||||
|
@ -513,7 +513,7 @@ group.bygid: $(GROUP)
|
|||
@echo "Updating $@..."
|
||||
$(CAT) $(GROUP) | \
|
||||
$(AWK) -F: '{ if ($$1 != "+") print $$3"\t"$$0 }' $^ \
|
||||
| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
| $(DBLOAD) -f -i $(GROUP) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
$(RMV) $(TMP) $@
|
||||
@$(DBLOAD) -c
|
||||
@if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi
|
||||
|
@ -538,7 +538,7 @@ master.passwd.byname: $(MASTER)
|
|||
.else
|
||||
$(CAT) $(MASTER) | \
|
||||
$(AWK) -F: '{ if ($$1 != "+") print $$1"\t"$$0 }' $^ \
|
||||
| $(DBLOAD) ${S} -i $(MASTER) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
| $(DBLOAD) ${S} -f -i $(MASTER) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
$(RMV) $(TMP) $@
|
||||
@$(DBLOAD) -c
|
||||
@if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi
|
||||
|
@ -553,7 +553,7 @@ master.passwd.byuid: $(MASTER)
|
|||
.else
|
||||
$(CAT) $(MASTER) | \
|
||||
$(AWK) -F: '{ if ($$1 != "+") print $$3"\t"$$0 }' $^ \
|
||||
| $(DBLOAD) ${S} -i $(MASTER) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
| $(DBLOAD) ${S} -f -i $(MASTER) -o $(YPMAPDIR)/$@ - $(TMP); \
|
||||
$(RMV) $(TMP) $@
|
||||
@$(DBLOAD) -c
|
||||
@if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi
|
||||
|
|
Loading…
Reference in a new issue