Defect report from : Petter Reinholdtsen , The Hungry Programmers
(Please direct followup comments direct to yyyyyyyyyyyyyy@xxxxxxxxxxxxx)
@ page 0 line 0 section setnetgrent()/innetgr() objection {0}
Problem:
Defect code : 2. Omission
Currently, several Unices include API to access netgroups.
Netgroups is as far as I know the only way to refere to
groups of machines in configuration files and access lists.
The netgroups are normally access from NIS, but can also
be accessed from local files or from LDAP. The normal API
seem to be these functions:
#include <netdb.h>
int getnetgrent(char **machinep, char **userp, char **domainp);
int getnetgrent_r(char **machinep, char **userp, char **domainp, char
*buffer, int buflen);
int setnetgrent(const char *netgroupm);
int endnetgrent(void);
int innetgr(const char *netgroup, const char *machine, const char *user,
const char *domain);
Some Unices do not have a return value from setnetgrent() (AIX, FreeBSD), but
this make it impossible to know the
the difference between a non-existand netgroup and an
empty netgroup. I've been unable to find any standard text
referencing this API. This API also have some missing features. It is
impossible to get a list of all netgroups,
and it is impossible to do reverse lookup, finding out
which netgroups a given host or user is a member of.
Action:
The austin group should standardize the netgroup access
API, possibly extending it to allow access to the list
of all netgroups, and also extend it to allow reverse
lookups.
|