Message ID | 20200820124248.GA2500@suse.de |
---|---|
State | New |
Headers | show |
Series | nss: remove obsolete code | expand |
Hi, Since I haven't seen any reaction, I would like to commit this. Thorsten On Thu, Aug 20, Thorsten Kukuk wrote: > > Hi, > > glibc still ships with the /etc/default/nss configuration file > and the defines for it, but the code reading and using it got > completly removed. So the config file and the defines should be > removed, too. > > Ok to commit? > > Thorsten > -- > Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS > SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany > Managing Director: Felix Imendoerffer (HRB 36809, AG Nürnberg) > >From d2b96c651900fec532fd2ecb0d755b4adb458b77 Mon Sep 17 00:00:00 2001 > From: Thorsten Kukuk <kukuk@suse.com> > Date: Thu, 20 Aug 2020 14:36:52 +0200 > Subject: [PATCH 1/1] Remove obsolete default/nss code > > All code reading /etc/default/nss and using the internal > defines got removed, so the config file should be removed, too. > --- > nis/libnsl.h | 6 ------ > nis/nss | 37 ------------------------------------- > 2 files changed, 43 deletions(-) > delete mode 100644 nis/nss > > diff --git a/nis/libnsl.h b/nis/libnsl.h > index 64ca262579..d9235ef604 100644 > --- a/nis/libnsl.h > +++ b/nis/libnsl.h > @@ -17,12 +17,6 @@ > > #include <rpcsvc/nis.h> > > -#define NSS_FLAG_NETID_AUTHORITATIVE 1 > -#define NSS_FLAG_SERVICES_AUTHORITATIVE 2 > -#define NSS_FLAG_SETENT_BATCH_READ 4 > -#define NSS_FLAG_ADJUNCT_AS_SHADOW 8 > - > - > /* Set up everything for a call to __do_niscall3. */ > extern nis_error __prepare_niscall (const_nis_name name, directory_obj **dirp, > dir_binding *bptrp, unsigned int flags); > diff --git a/nis/nss b/nis/nss > deleted file mode 100644 > index 0ac6774a1f..0000000000 > --- a/nis/nss > +++ /dev/null > @@ -1,37 +0,0 @@ > -# /etc/default/nss > -# This file can theoretically contain a bunch of customization variables > -# for Name Service Switch in the GNU C library. For now there are only > -# four variables: > -# > -# NETID_AUTHORITATIVE > -# If set to TRUE, the initgroups() function will accept the information > -# from the netid.byname NIS map as authoritative. This can speed up the > -# function significantly if the group.byname map is large. The content > -# of the netid.byname map is used AS IS. The system administrator has > -# to make sure it is correctly generated. > -#NETID_AUTHORITATIVE=TRUE > -# > -# SERVICES_AUTHORITATIVE > -# If set to TRUE, the getservbyname{,_r}() function will assume > -# services.byservicename NIS map exists and is authoritative, particularly > -# that it contains both keys with /proto and without /proto for both > -# primary service names and service aliases. The system administrator > -# has to make sure it is correctly generated. > -#SERVICES_AUTHORITATIVE=TRUE > -# > -# SETENT_BATCH_READ > -# If set to TRUE, various setXXent() functions will read the entire > -# database at once and then hand out the requests one by one from > -# memory with every getXXent() call. Otherwise each getXXent() call > -# might result into a network communication with the server to get > -# the next entry. > -#SETENT_BATCH_READ=TRUE > -# > -# ADJUNCT_AS_SHADOW > -# If set to TRUE, the passwd routines in the NIS NSS module will not > -# use the passwd.adjunct.byname tables to fill in the password data > -# in the passwd structure. This is a security problem if the NIS > -# server cannot be trusted to send the passwd.adjuct table only to > -# privileged clients. Instead the passwd.adjunct.byname table is > -# used to synthesize the shadow.byname table if it does not exist. > -#ADJUNCT_AS_SHADOW=TRUE > -- > 2.26.2 >
On Aug 20 2020, Thorsten Kukuk wrote: > Hi, > > glibc still ships with the /etc/default/nss configuration file > and the defines for it, but the code reading and using it got > completly removed. So the config file and the defines should be > removed, too. > > Ok to commit? Ok. Andreas.
From d2b96c651900fec532fd2ecb0d755b4adb458b77 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk <kukuk@suse.com> Date: Thu, 20 Aug 2020 14:36:52 +0200 Subject: [PATCH 1/1] Remove obsolete default/nss code All code reading /etc/default/nss and using the internal defines got removed, so the config file should be removed, too. --- nis/libnsl.h | 6 ------ nis/nss | 37 ------------------------------------- 2 files changed, 43 deletions(-) delete mode 100644 nis/nss diff --git a/nis/libnsl.h b/nis/libnsl.h index 64ca262579..d9235ef604 100644 --- a/nis/libnsl.h +++ b/nis/libnsl.h @@ -17,12 +17,6 @@ #include <rpcsvc/nis.h> -#define NSS_FLAG_NETID_AUTHORITATIVE 1 -#define NSS_FLAG_SERVICES_AUTHORITATIVE 2 -#define NSS_FLAG_SETENT_BATCH_READ 4 -#define NSS_FLAG_ADJUNCT_AS_SHADOW 8 - - /* Set up everything for a call to __do_niscall3. */ extern nis_error __prepare_niscall (const_nis_name name, directory_obj **dirp, dir_binding *bptrp, unsigned int flags); diff --git a/nis/nss b/nis/nss deleted file mode 100644 index 0ac6774a1f..0000000000 --- a/nis/nss +++ /dev/null @@ -1,37 +0,0 @@ -# /etc/default/nss -# This file can theoretically contain a bunch of customization variables -# for Name Service Switch in the GNU C library. For now there are only -# four variables: -# -# NETID_AUTHORITATIVE -# If set to TRUE, the initgroups() function will accept the information -# from the netid.byname NIS map as authoritative. This can speed up the -# function significantly if the group.byname map is large. The content -# of the netid.byname map is used AS IS. The system administrator has -# to make sure it is correctly generated. -#NETID_AUTHORITATIVE=TRUE -# -# SERVICES_AUTHORITATIVE -# If set to TRUE, the getservbyname{,_r}() function will assume -# services.byservicename NIS map exists and is authoritative, particularly -# that it contains both keys with /proto and without /proto for both -# primary service names and service aliases. The system administrator -# has to make sure it is correctly generated. -#SERVICES_AUTHORITATIVE=TRUE -# -# SETENT_BATCH_READ -# If set to TRUE, various setXXent() functions will read the entire -# database at once and then hand out the requests one by one from -# memory with every getXXent() call. Otherwise each getXXent() call -# might result into a network communication with the server to get -# the next entry. -#SETENT_BATCH_READ=TRUE -# -# ADJUNCT_AS_SHADOW -# If set to TRUE, the passwd routines in the NIS NSS module will not -# use the passwd.adjunct.byname tables to fill in the password data -# in the passwd structure. This is a security problem if the NIS -# server cannot be trusted to send the passwd.adjuct table only to -# privileged clients. Instead the passwd.adjunct.byname table is -# used to synthesize the shadow.byname table if it does not exist. -#ADJUNCT_AS_SHADOW=TRUE -- 2.26.2