Bug 23726

Summary: libnss_hesiod in glibc-2.2 fails for class HS records
Product: [Retired] Red Hat Linux Reporter: deejoe2k
Component: glibcAssignee: Jakub Jelinek <jakub>
Status: CLOSED RAWHIDE QA Contact: Aaron Brown <abrown>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.0CC: deejoe2k, fweimer
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-02-12 09:36:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description deejoe2k 2001-01-10 20:10:45 UTC 
username lookups against the Iowa State University hesiod
servers fails.  ISU uses HS class records in its database, rather
than the more common IN records.

libnss_hesiod apparently only successfully resolves for class IN
records.

To reproduce, use a hesiod.conf file containing the following
lines:

rhs=.IASTATE.EDU
lhs=.ns
#and alternately

classes=HS,IN

Do 'hesinfo deejoe password' with stand-alone hesiod (from MIT
for example, or the hesiod-3.0.2 rpm that is available via
rpmfind) the try 'id deejoe' with nsswitch.conf set to query
hesiod (assuming the username deejoe is not resolveable by some
other method specified in nsswitch.conf).  If stand-alone
hesinfo works, but id (using libnss_hesiod.so) doesn't, then
you've reproduced the problem.

This bug is preventing the incorporation of Mandrake 7.2 system
into the unified login scheme available to any of the ~40,000
users at ISU.

For a more detailed discussion, read down into this email from our
user's group archive.  Ignore the "I haven't tried this with
glibc-2.2" at the top of the message.  Later down in the same message,
Langasek indicates the results of trying it with glibc-2.2.

http://aafugit.cc.iastate.edu/lists/aafugit/read.php3?id=8371

(xref https://qa.mandrakesoft.com/dimension/cgi-bin/show_bug.cgi?id=1923)
Comment 1 deejoe2k 2001-01-10 20:14:13 UTC 
Oops.

That command for the first type of lookup should be

hesinfo deejoe passwd

and not

hesinfo deejoe password
Comment 2 deejoe2k 2001-01-10 20:25:23 UTC 
Duh.  Such are the perils of copy and paste.  Not only is it
preventing the incorporation of Mandrake systems, it is also
preventing the incorporation of RedHat systems.

We use both :-)
Comment 3 Jakub Jelinek 2001-02-12 09:36:21 UTC 
This should be fixed in glibc-2.2.1-7, please check rawhide.