http://defect.opensolaris.org/bz/show_bug.cgi?id=12567
--- Comment #17 from amaguire <alan.maguire at sun.com> 2009-11-13 09:53:46 UTC
---
a bit more on the group stuff - startd calls initgroups() with the gid of
netadm (65 in decimal == 41 in hex). There's a comment above this that says:
3160 /* Ok if cip->gid == -1 */
3161 if (initgroups(cip->pwd.pw_name, cip->gid) != 0) {
..which may be a bit suspect, since in this case cip->gid == 0x41 (for netadm).
We're basically looking up supplemental group membership for the user "netadm"
including the base gid of the netadm gid on behalf of the refresh method for
nwamd. The problem is we only stop when we've got NGROUPS_MAX groups, so it
seems like a call like this is destined to fall back to NIS. We can add
specific users to the /etc/group entry for the netadm group, but even after
doing that we seem to fall back to NIS - I'm not sure why.
The (sort of) good news is that this issue seems to be the only one we need to
address wrt name service issues at least - if we remove the nis entry from the
group line in nsswitch.conf for the User location, all appears well.
So I think we need to establish
1) is calling initgroups() with a gid != -1 a bug in startd?
2) is there a way to prevent supplemental group lookup falling back to nis?
I'm looking into 1, and if that's a dead end I'll investigate 2.
--
Configure bugmail: http://defect.opensolaris.org/bz/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
