1
0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-03 12:35:02 +00:00

Add -b and -s flags for adding YP_INTERDOMAIN and YP_SECURE entries to

map databases. Also document said flags in the man page.

Adding YP_INTERDOMAIN to a map causes ypserv(8) to do a DNS lookup
when a yp_match() on the map fails. (This affects only the hosts.by*
maps; for all other maps it's ignored.) The YP_SECURE entry causes
ypserv(8) to restrict access to the map so that only clients making
requests from reserved ports can get at it.

Our ypserv doesn't currently support these features so they're silently
ignored for the moment, but this will change. :)
This commit is contained in:
Bill Paul 1996-10-24 14:52:50 +00:00
parent 0ee48eaae9
commit 21c2d66cd6
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=19155
2 changed files with 67 additions and 11 deletions

View File

@ -43,6 +43,8 @@
.Fl u Ar dbname
.Nm yp_mkdb
.Op Fl c
.Op Fl b
.Op Fl s
.Op Fl i Ar inputfile
.Op Fl o Ar outputfile
.Op Fl m Ar mastername
@ -96,6 +98,36 @@ of a database creation command,
.Nm yp_mkdb
will send the signal only after the new database has been successfully
created.
.It Fl b
This flag causes
.Nm yp_mkdb
to add a special entry to the database with a key of
.Em YP_INTERDOMAIN
and an empty data field. If this key is present in a map, it alters the
behavior of the 'match' procedure in
.Xr ypserv 8
slightly. If a match query fails (because the server couldn't find
a record that matched the supplied key), and the
.Em YP_INTERDOMAIN
key exists within the queried may,
.Xr ypserv 8
will try to match the entry again using a DNS lookup. Note that this
special behavior only applies to the
.Em hosts
maps. Using the
.Fl b
flag for other maps has no effect.
.Pp
.It Fl s
This flag is used to add a special entry to the database with a key of
.Em YP_SECURE
and an empty data field. If this key is present in a map,
.Xr ypserv 8
will deny access to the map to any client that is not using a
reserved port for its query. This is used mainly for the
.Em master.passwd
maps, which should be restricted to privileged access only.
.Pp
.It Fl u Ar dbname
.Pp
Dump (or 'unwind') an NIS database. This option can be used to
@ -104,22 +136,22 @@ inspect the contents of an existing NIS database.
.Pp
When generating an NIS map, encode
.Nm inputfile
as a special entry in the database with called
.Nm YP_INPUT_FILE.
as a special entry in the database with a key of
.Em YP_INPUT_FILE.
.Pp
.It Op Fl o Ar outputfile
.Pp
When generating an NIS map, encode
.Nm outputfile
as a special entry in the database with called
.Nm YP_OUTPUT_FILE .
as a special entry in the database with a key of
.Em YP_OUTPUT_FILE .
.Pp
.It Op Fl m Ar mastername
.Pp
When generating an NIS map encode
.Nm mastername
as a special entry in the database with called
.Nm YP_MASTER_NAME .
as a special entry in the database with a key of
.Em YP_MASTER_NAME .
This entry in the database is frequently used by various NIS utilities
to determine the name of an NIS master server for a domain. By default,
.Nm yp_mkdb

View File

@ -29,7 +29,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: yp_mkdb.c,v 1.5 1996/06/03 03:12:32 wpaul Exp $
* $Id: yp_mkdb.c,v 1.5 1996/06/03 03:12:32 wpaul Exp wpaul $
*/
#include <stdio.h>
@ -50,7 +50,7 @@
#include "ypxfr_extern.h"
#ifndef lint
static const char rcsid[] = "$Id: yp_mkdb.c,v 1.5 1996/06/03 03:12:32 wpaul Exp $";
static const char rcsid[] = "$Id: yp_mkdb.c,v 1.5 1996/06/03 03:12:32 wpaul Exp wpaul $";
#endif
char *yp_dir = ""; /* No particular default needed. */
@ -62,8 +62,8 @@ static void usage()
{
fprintf(stderr, "usage: %s -c\n", progname);
fprintf(stderr, "usage: %s -u dbname\n", progname);
fprintf(stderr, "usage: %s [-c] [-i inputfile] [-o outputfile]\n",
progname);
fprintf(stderr, "usage: %s [-c] [-b] [-s] [-i inputfile] \
[-o outputfile]\n", progname);
fprintf(stderr, " [-d domainname ] [-m mastername] \
inputfile dbname\n");
exit(1);
@ -112,6 +112,8 @@ main (argc, argv)
char *infilename = NULL;
char *outfilename = NULL;
char *mastername = NULL;
int interdom = 0;
int secure = 0;
DB *dbp;
DBT key, data;
char buf[10240];
@ -119,7 +121,7 @@ main (argc, argv)
FILE *ifp;
char hname[MAXHOSTNAMELEN + 2];
while ((ch = getopt(argc, argv, "uhcd:i:o:m:")) != EOF) {
while ((ch = getopt(argc, argv, "uhcbsd:i:o:m:")) != EOF) {
switch(ch) {
case 'u':
un++;
@ -127,6 +129,12 @@ main (argc, argv)
case 'c':
clear++;
break;
case 'b':
interdom++;
break;
case 's':
secure++;
break;
case 'd':
domain = optarg;
break;
@ -189,6 +197,22 @@ main (argc, argv)
if ((dbp = open_db(map, O_RDWR|O_EXLOCK|O_EXCL|O_CREAT)) == NULL)
err(1, "open_db(%s) failed", map);
if (interdom) {
key.data = "YP_INTERDOMAIN";
key.size = sizeof("YP_INTERDOMAIN") - 1;
data.data = "";
data.size = 0;
yp_put_record(dbp, &key, &data, 0);
}
if (secure) {
key.data = "YP_SECURE";
key.size = sizeof("YP_SECURE") - 1;
data.data = "";
data.size = 0;
yp_put_record(dbp, &key, &data, 0);
}
key.data = "YP_MASTER_NAME";
key.size = sizeof("YP_MASTER_NAME") - 1;
data.data = mastername;