diff mbox series

nss: remove obsolete code

Message ID 20200820124248.GA2500@suse.de
State New
Headers show
Series nss: remove obsolete code | expand

Commit Message

Thorsten Kukuk Aug. 20, 2020, 12:42 p.m. UTC
Hi,

glibc still ships with the /etc/default/nss configuration file
and the defines for it, but the code reading and using it got
completly removed. So the config file and the defines should be
removed, too.

Ok to commit?

  Thorsten

Comments

Thorsten Kukuk Aug. 26, 2020, 8:12 a.m. UTC | #1
Hi,

Since I haven't seen any reaction, I would like to commit this.

  Thorsten

On Thu, Aug 20, Thorsten Kukuk wrote:

> 
> Hi,
> 
> glibc still ships with the /etc/default/nss configuration file
> and the defines for it, but the code reading and using it got
> completly removed. So the config file and the defines should be
> removed, too.
> 
> Ok to commit?
> 
>   Thorsten
> -- 
> Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS
> SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
> Managing Director: Felix Imendoerffer (HRB 36809, AG N├╝rnberg)

> >From d2b96c651900fec532fd2ecb0d755b4adb458b77 Mon Sep 17 00:00:00 2001
> From: Thorsten Kukuk <kukuk@suse.com>
> Date: Thu, 20 Aug 2020 14:36:52 +0200
> Subject: [PATCH 1/1] Remove obsolete default/nss code
> 
> All code reading /etc/default/nss and using the internal
> defines got removed, so the config file should be removed, too.
> ---
>  nis/libnsl.h |  6 ------
>  nis/nss      | 37 -------------------------------------
>  2 files changed, 43 deletions(-)
>  delete mode 100644 nis/nss
> 
> diff --git a/nis/libnsl.h b/nis/libnsl.h
> index 64ca262579..d9235ef604 100644
> --- a/nis/libnsl.h
> +++ b/nis/libnsl.h
> @@ -17,12 +17,6 @@
>  
>  #include <rpcsvc/nis.h>
>  
> -#define NSS_FLAG_NETID_AUTHORITATIVE	1
> -#define NSS_FLAG_SERVICES_AUTHORITATIVE	2
> -#define NSS_FLAG_SETENT_BATCH_READ	4
> -#define NSS_FLAG_ADJUNCT_AS_SHADOW	8
> -
> -
>  /* Set up everything for a call to __do_niscall3.  */
>  extern nis_error __prepare_niscall (const_nis_name name, directory_obj **dirp,
>  				    dir_binding *bptrp, unsigned int flags);
> diff --git a/nis/nss b/nis/nss
> deleted file mode 100644
> index 0ac6774a1f..0000000000
> --- a/nis/nss
> +++ /dev/null
> @@ -1,37 +0,0 @@
> -# /etc/default/nss
> -# This file can theoretically contain a bunch of customization variables
> -# for Name Service Switch in the GNU C library.  For now there are only
> -# four variables:
> -#
> -# NETID_AUTHORITATIVE
> -#   If set to TRUE, the initgroups() function will accept the information
> -#   from the netid.byname NIS map as authoritative.  This can speed up the
> -#   function significantly if the group.byname map is large.  The content
> -#   of the netid.byname map is used AS IS.  The system administrator has
> -#   to make sure it is correctly generated.
> -#NETID_AUTHORITATIVE=TRUE
> -#
> -# SERVICES_AUTHORITATIVE
> -#   If set to TRUE, the getservbyname{,_r}() function will assume
> -#   services.byservicename NIS map exists and is authoritative, particularly
> -#   that it contains both keys with /proto and without /proto for both
> -#   primary service names and service aliases.  The system administrator
> -#   has to make sure it is correctly generated.
> -#SERVICES_AUTHORITATIVE=TRUE
> -#
> -# SETENT_BATCH_READ
> -#  If set to TRUE, various setXXent() functions will read the entire
> -#  database at once and then hand out the requests one by one from
> -#  memory with every getXXent() call.  Otherwise each getXXent() call
> -#  might result into a network communication with the server to get
> -#  the next entry.
> -#SETENT_BATCH_READ=TRUE
> -#
> -# ADJUNCT_AS_SHADOW
> -#  If set to TRUE, the passwd routines in the NIS NSS module will not
> -#  use the passwd.adjunct.byname tables to fill in the password data
> -#  in the passwd structure.  This is a security problem if the NIS
> -#  server cannot be trusted to send the passwd.adjuct table only to
> -#  privileged clients.  Instead the passwd.adjunct.byname table is
> -#  used to synthesize the shadow.byname table if it does not exist.
> -#ADJUNCT_AS_SHADOW=TRUE
> -- 
> 2.26.2
>
Andreas Schwab Aug. 26, 2020, 9:15 a.m. UTC | #2
On Aug 20 2020, Thorsten Kukuk wrote:

> Hi,
>
> glibc still ships with the /etc/default/nss configuration file
> and the defines for it, but the code reading and using it got
> completly removed. So the config file and the defines should be
> removed, too.
>
> Ok to commit?

Ok.

Andreas.
diff mbox series

Patch

From d2b96c651900fec532fd2ecb0d755b4adb458b77 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@suse.com>
Date: Thu, 20 Aug 2020 14:36:52 +0200
Subject: [PATCH 1/1] Remove obsolete default/nss code

All code reading /etc/default/nss and using the internal
defines got removed, so the config file should be removed, too.
---
 nis/libnsl.h |  6 ------
 nis/nss      | 37 -------------------------------------
 2 files changed, 43 deletions(-)
 delete mode 100644 nis/nss

diff --git a/nis/libnsl.h b/nis/libnsl.h
index 64ca262579..d9235ef604 100644
--- a/nis/libnsl.h
+++ b/nis/libnsl.h
@@ -17,12 +17,6 @@ 
 
 #include <rpcsvc/nis.h>
 
-#define NSS_FLAG_NETID_AUTHORITATIVE	1
-#define NSS_FLAG_SERVICES_AUTHORITATIVE	2
-#define NSS_FLAG_SETENT_BATCH_READ	4
-#define NSS_FLAG_ADJUNCT_AS_SHADOW	8
-
-
 /* Set up everything for a call to __do_niscall3.  */
 extern nis_error __prepare_niscall (const_nis_name name, directory_obj **dirp,
 				    dir_binding *bptrp, unsigned int flags);
diff --git a/nis/nss b/nis/nss
deleted file mode 100644
index 0ac6774a1f..0000000000
--- a/nis/nss
+++ /dev/null
@@ -1,37 +0,0 @@ 
-# /etc/default/nss
-# This file can theoretically contain a bunch of customization variables
-# for Name Service Switch in the GNU C library.  For now there are only
-# four variables:
-#
-# NETID_AUTHORITATIVE
-#   If set to TRUE, the initgroups() function will accept the information
-#   from the netid.byname NIS map as authoritative.  This can speed up the
-#   function significantly if the group.byname map is large.  The content
-#   of the netid.byname map is used AS IS.  The system administrator has
-#   to make sure it is correctly generated.
-#NETID_AUTHORITATIVE=TRUE
-#
-# SERVICES_AUTHORITATIVE
-#   If set to TRUE, the getservbyname{,_r}() function will assume
-#   services.byservicename NIS map exists and is authoritative, particularly
-#   that it contains both keys with /proto and without /proto for both
-#   primary service names and service aliases.  The system administrator
-#   has to make sure it is correctly generated.
-#SERVICES_AUTHORITATIVE=TRUE
-#
-# SETENT_BATCH_READ
-#  If set to TRUE, various setXXent() functions will read the entire
-#  database at once and then hand out the requests one by one from
-#  memory with every getXXent() call.  Otherwise each getXXent() call
-#  might result into a network communication with the server to get
-#  the next entry.
-#SETENT_BATCH_READ=TRUE
-#
-# ADJUNCT_AS_SHADOW
-#  If set to TRUE, the passwd routines in the NIS NSS module will not
-#  use the passwd.adjunct.byname tables to fill in the password data
-#  in the passwd structure.  This is a security problem if the NIS
-#  server cannot be trusted to send the passwd.adjuct table only to
-#  privileged clients.  Instead the passwd.adjunct.byname table is
-#  used to synthesize the shadow.byname table if it does not exist.
-#ADJUNCT_AS_SHADOW=TRUE
-- 
2.26.2