Red Hat Bugzilla – Bug 23726
libnss_hesiod in glibc-2.2 fails for class HS records
Last modified: 2016-11-24 09:49:38 EST
username lookups against the Iowa State University hesiod servers fails. ISU uses HS class records in its database, rather than the more common IN records. libnss_hesiod apparently only successfully resolves for class IN records. To reproduce, use a hesiod.conf file containing the following lines: rhs=.IASTATE.EDU lhs=.ns #and alternately classes=HS,IN Do 'hesinfo deejoe password' with stand-alone hesiod (from MIT for example, or the hesiod-3.0.2 rpm that is available via rpmfind) the try 'id deejoe' with nsswitch.conf set to query hesiod (assuming the username deejoe is not resolveable by some other method specified in nsswitch.conf). If stand-alone hesinfo works, but id (using libnss_hesiod.so) doesn't, then you've reproduced the problem. This bug is preventing the incorporation of Mandrake 7.2 system into the unified login scheme available to any of the ~40,000 users at ISU. For a more detailed discussion, read down into this email from our user's group archive. Ignore the "I haven't tried this with glibc-2.2" at the top of the message. Later down in the same message, Langasek indicates the results of trying it with glibc-2.2. http://aafugit.cc.iastate.edu/lists/aafugit/read.php3?id=8371 (xref https://qa.mandrakesoft.com/dimension/cgi-bin/show_bug.cgi?id=1923)
Oops. That command for the first type of lookup should be hesinfo deejoe passwd and not hesinfo deejoe password
Duh. Such are the perils of copy and paste. Not only is it preventing the incorporation of Mandrake systems, it is also preventing the incorporation of RedHat systems. We use both :-)
This should be fixed in glibc-2.2.1-7, please check rawhide.