Description of problem: When switching NIS domains as described in comment 0 of 449126, if a negative entry exists in the cache, prior to switching, nscd will segfault when it removes the entry. Version-Release number of selected component (if applicable): glibc-2.8-3 How reproducible: 100% Steps to Reproduce: Start bound to the "old" NIS server. clear out nscd's cache, start fresh: service nscd stop; rm /var/db/nscd/*; service nscd start populate with a negative entry: getent passwd nosuchuser switch to new NIS domain: domainname $NEWDOMAIN; pkill -HUP ypbind; ypwhich watch nscd segfault in 20 seconds (note I have debug=9 & logging enabled): strace -ttfp `pgrep nscd` [pid 791] 13:48:28.170192 <... futex resumed> ) = -1 ETIMEDOUT (Connection timed out) [pid 791] 13:48:28.170246 stat("/etc/passwd", {st_mode=S_IFREG|0644, st_size=2327, ...}) = 0 [pid 791] 13:48:28.170396 write(3, "789: pruning passwd cache; time "..., 43) = 43 [pid 791] 13:48:28.170500 write(3, "789: considering GETPWBYNAME ent"..., 68) = 68 [pid 791] 13:48:28.170602 futex(0x7f1dc7f06108, FUTEX_WAKE_PRIVATE, 1) = 0 [pid 791] 13:48:28.170691 futex(0x7f1dc7f060dc, FUTEX_WAIT_PRIVATE, 7, {14, 999910935}) = -1 ETIMEDOUT (Connection timed out) [pid 791] 13:48:43.170709 stat("/etc/passwd", {st_mode=S_IFREG|0644, st_size=2327, ...}) = 0 [pid 791] 13:48:43.170852 write(3, "789: pruning passwd cache; time "..., 43) = 43 [pid 791] 13:48:43.170948 write(3, "789: considering GETPWBYNAME ent"..., 68) = 68 [pid 791] 13:48:43.171063 msync(0x7f1dc110a000, 1064, MS_ASYNC) = 0 [pid 791] 13:48:43.171155 write(3, "789: remove GETPWBYNAME entry \"n"..., 43) = 43 [pid 791] 13:48:43.171258 --- SIGSEGV (Segmentation fault) @ 0 (0) --- Process 791 detached [pid 798] 13:48:43.171444 +++ killed by SIGSEGV +++ [pid 797] 13:48:43.171472 +++ killed by SIGSEGV +++ [pid 795] 13:48:43.171497 +++ killed by SIGSEGV +++ [pid 794] 13:48:43.171514 +++ killed by SIGSEGV +++ [pid 793] 13:48:43.171531 +++ killed by SIGSEGV +++ [pid 792] 13:48:43.171663 +++ killed by SIGSEGV +++ [pid 796] 13:48:43.171855 +++ killed by SIGSEGV +++ 13:48:43.171882 +++ killed by SIGSEGV +++ On a positive note, with nscd out of the way, 'getent' queries to the new NIS domain actually return data from the new domain, unlike in 449126. :-) If there are no negative passwd cache entries, nscd won't segfault (tested by turning down positive-time-to-live=60 from 600). However, it does not use the new domain server data, as described in 449126 on EL5, and visible in the strace as (replace $OLDDOMAIN with actual old domain name, but it should be NEWDOMAINAME): open("/var/yp/binding/$OLDDOMAIN.2", O_RDONLY) = 14. I'll file a separate bug if requested (or can 449126 be linked to apply to Fedora 9?).
Might be fixed upstream. We will have to backport a number of changes to F9.
Should work nicely in current F9 version.