Red Hat Bugzilla – Bug 23726
libnss_hesiod in glibc-2.2 fails for class HS records
Last modified: 2016-11-24 09:49:38 EST
username lookups against the Iowa State University hesiod
servers fails. ISU uses HS class records in its database, rather
than the more common IN records.
libnss_hesiod apparently only successfully resolves for class IN
To reproduce, use a hesiod.conf file containing the following
Do 'hesinfo deejoe password' with stand-alone hesiod (from MIT
for example, or the hesiod-3.0.2 rpm that is available via
rpmfind) the try 'id deejoe' with nsswitch.conf set to query
hesiod (assuming the username deejoe is not resolveable by some
other method specified in nsswitch.conf). If stand-alone
hesinfo works, but id (using libnss_hesiod.so) doesn't, then
you've reproduced the problem.
This bug is preventing the incorporation of Mandrake 7.2 system
into the unified login scheme available to any of the ~40,000
users at ISU.
For a more detailed discussion, read down into this email from our
user's group archive. Ignore the "I haven't tried this with
glibc-2.2" at the top of the message. Later down in the same message,
Langasek indicates the results of trying it with glibc-2.2.
That command for the first type of lookup should be
hesinfo deejoe passwd
hesinfo deejoe password
Duh. Such are the perils of copy and paste. Not only is it
preventing the incorporation of Mandrake systems, it is also
preventing the incorporation of RedHat systems.
We use both :-)
This should be fixed in glibc-2.2.1-7, please check rawhide.