Return failure in getnetgrent only when all netgroups have been searched (#17363)

The netgroups lookup code fails when one of the groups in the search tree is empty. In such a case it only returns the leaves of the tree after the blank netgroup. This is because the line parser returns a NOTFOUND status when the netgroup exists but is empty. The __getnetgrent_internal implementation needs to be fixed to try remaining groups if the current group is entry. This patch implements this fix. Tested on x86_64. [BZ #17363] * inet/getnetgrent_r.c (__internal_getnetgrent_r): Try next group if the current group is empty.
author: Siddhesh Poyarekar <siddhesh@redhat.com> 2014-09-10 21:51:50 +0530
committer: Siddhesh Poyarekar <siddhesh@redhat.com> 2014-09-10 21:51:50 +0530
commit: 58b930ae216bfa98cd60212b954b07b9963d6d04 (patch)
tree: 138f7c7f93f4fb99d0c61dd03c5f1d78c3135f40 /inet
parent: 71ae86478edc7b21872464f43fb29ff650c1681a (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/inet/getnetgrent_r.c b/inet/getnetgrent_r.c
index f6d064dbb5..e1015377e6 100644
--- a/inet/getnetgrent_r.c
+++ b/inet/getnetgrent_r.c
@@ -297,7 +297,10 @@ __internal_getnetgrent_r (char **hostp, char **userp, char **domainp,
     {
       status = DL_CALL_FCT (*fct, (datap, buffer, buflen, &errno));
 
-      if (status == NSS_STATUS_RETURN)
+      if (status == NSS_STATUS_RETURN
+	  /* The service returned a NOTFOUND, but there are more groups that we
+	     need to resolve before we give up.  */
+	  || (status == NSS_STATUS_NOTFOUND && datap->needed_groups != NULL))
 	{
 	  /* This was the last one for this group.  Look at next group
 	     if available.  */
author	Siddhesh Poyarekar <siddhesh@redhat.com>	2014-09-10 21:51:50 +0530
committer	Siddhesh Poyarekar <siddhesh@redhat.com>	2014-09-10 21:51:50 +0530
commit	58b930ae216bfa98cd60212b954b07b9963d6d04 (patch)
tree	138f7c7f93f4fb99d0c61dd03c5f1d78c3135f40 /inet
parent	71ae86478edc7b21872464f43fb29ff650c1681a (diff)