From nobody@FreeBSD.org  Fri Dec 10 10:52:18 2010
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8588A1065673
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 10 Dec 2010 10:52:18 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (unknown [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 6A0C28FC0C
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 10 Dec 2010 10:52:18 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id oBAAqHus015811
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 10 Dec 2010 10:52:17 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id oBAAqHgS015810;
	Fri, 10 Dec 2010 10:52:17 GMT
	(envelope-from nobody)
Message-Id: <201012101052.oBAAqHgS015810@red.freebsd.org>
Date: Fri, 10 Dec 2010 10:52:17 GMT
From: Konstantin Menshikov <kmenshikov@peterhost.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [patch] net/nss_ldap, ignore option nss_initgroups_ignoreusers
X-Send-Pr-Version: www-3.1
X-GNATS-Notify: mikeg@bsd-box.net

>Number:         152982
>Category:       ports
>Synopsis:       [patch] net/nss_ldap, ignore option nss_initgroups_ignoreusers
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    scheidell
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Dec 10 11:00:17 UTC 2010
>Closed-Date:    Sat Dec 03 18:43:10 UTC 2011
>Last-Modified:  Wed Dec 28 16:50:10 UTC 2011
>Originator:     Konstantin Menshikov
>Release:        FreeBSD 8.1-RELEASE amd64
>Organization:
>Environment:
FreeBSD nscd.kmenshikov.devel.hostcomm.ru 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Thu Sep  2 02:56:24 UTC 2010     root@tinderbox.infra.hc.ru:/usr/obj/usr/src/sys/GENERIC  amd64
>Description:
Option nss_initgroups_ignoreusers for nss_ldap not working for function getgrouplist(), getgrouplist() called from initgroups().
Call getgroplist() on freebsd used nss_ldap function __nss_compat_getgrent_r(),
because not realized function for "getgroupmembership",
option nss_initgroups_ignoreusers checked in _nss_ldap_initgroups_dyn().
Therefore option not working.

I`m found patch http://lists.freebsd.org/pipermail/freebsd-current/2007-July/075131.html (for bsdnss.c) and corrected it. 
This implemented special function for getgroupmembership search.
Run and testing on my freebsd box, option nss_initgroups_ignoreusers works fine. 
>How-To-Repeat:
Configure Freebsd for authentication on LDAP server http://www.freebsd.org/doc/en_US.ISO8859-1/articles/ldap-auth/index.html
        
Add in /usr/local/etc/nss_ldap.conf "nss_initgroups_ignoreusers nobody". Call function getgrouplist() for user nobody or  run "id nobody".

Look ldap server logs (you see lookup for get list of group),
also you can add to /etc/make.conf  CFLAGS+=-DDEBUG, rebuld nss_ldap and look debug trace.

>Fix:
Need apply patch to bsdnss.c and rebuild nss_ldap.

Patch attached with submission follows:

--- bsdnss.c.old	2010-12-09 13:04:25.000000000 +0000
+++ bsdnss.c	2010-12-09 13:02:37.000000000 +0000
@@ -1,9 +1,11 @@
 #include <errno.h>
+#include <stdlib.h>
 #include <sys/param.h>
 #include <netinet/in.h>
 #include <pwd.h>
 #include <grp.h>
 #include <nss.h>
+#include <nsswitch.h>
 #include <netdb.h>
 
 extern enum nss_status _nss_ldap_getgrent_r(struct group *, char *, size_t,
@@ -14,6 +16,8 @@
     size_t, int *);
 extern enum nss_status _nss_ldap_setgrent(void);
 extern enum nss_status _nss_ldap_endgrent(void);
+extern enum nss_status _nss_ldap_initgroups_dyn(const char *, gid_t, long int *,
+			   long int *, gid_t **, long int, int *);
 
 extern enum nss_status _nss_ldap_getpwent_r(struct passwd *, char *, size_t,
     int *);
@@ -40,6 +44,7 @@
 NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r);
 NSS_METHOD_PROTOTYPE(__nss_compat_setgrent);
 NSS_METHOD_PROTOTYPE(__nss_compat_endgrent);
+static NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership);
 
 NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r);
 NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r);
@@ -57,6 +62,7 @@
 { NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r },
 { NSDB_GROUP, "setgrent",   __nss_compat_setgrent,   _nss_ldap_setgrent },
 { NSDB_GROUP, "endgrent",   __nss_compat_endgrent,   _nss_ldap_endgrent },
+{ NSDB_GROUP, "getgroupmembership",  __freebsd_getgroupmembership, NULL },
 
 { NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r },
 { NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r },
@@ -156,3 +162,58 @@
 	h_errno = h_errnop;
 	return (status);
 }
+
+static int
+__gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *groupc)
+{
+	int	ret, dupc;
+
+	/* skip duplicates */
+	for (dupc = 0; dupc < MIN(maxgrp, *groupc); dupc++) {
+		if (groups[dupc] == gid)
+			return 1;
+	}
+
+	ret = 1;
+	if (*groupc < maxgrp)			/* add this gid */
+		groups[*groupc] = gid;
+	else
+		ret = 0;
+	(*groupc)++;
+	return ret;
+}
+
+static int __freebsd_getgroupmembership(void *retval, void *mdata, va_list ap)
+{
+	int err;
+	enum nss_status s;
+	const char *user 	= va_arg(ap, const char *);
+	gid_t group 		= va_arg(ap, gid_t);
+	gid_t *groups 		= va_arg(ap, gid_t *);
+	int limit 		= va_arg(ap, int);
+	int *size 		= va_arg(ap, int*);
+	gid_t *tmpgroups;
+	long int lstart, lsize;
+	int i;
+
+	tmpgroups = malloc(limit * sizeof(gid_t));
+	if (tmpgroups == NULL)
+		return NS_TRYAGAIN;
+
+	/* insert primary membership */
+	__gr_addgid(group, groups, limit, size);
+
+	lstart = 0;
+	lsize = limit;
+	s = _nss_ldap_initgroups_dyn(user, group, &lstart, &lsize,
+		&tmpgroups, 0, &err);
+	if (s == NSS_STATUS_SUCCESS) {
+		for (i = 0; i < lstart; i++)
+			 __gr_addgid(tmpgroups[i], groups, limit, size);
+		s = NSS_STATUS_NOTFOUND;
+	}
+
+	free(tmpgroups);
+
+	return __nss_compat_result(s, err);
+}


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->pgollucci 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Fri Dec 10 11:00:48 UTC 2010 
Responsible-Changed-Why:  
pgollucci@ wants his PRs (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=152982 
State-Changed-From-To: open->feedback 
State-Changed-By: edwin 
State-Changed-When: Fri Dec 10 11:00:55 UTC 2010 
State-Changed-Why:  
Awaiting maintainers feedback (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=152982 

From: Edwin Groothuis <edwin@FreeBSD.org>
To: mikeg@bsd-box.net
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/152982: [patch] net/nss_ldap, ignore option nss_initgroups_ignoreusers
Date: Fri, 10 Dec 2010 11:00:52 UT

 Maintainer of net/nss_ldap,
 
 Please note that PR ports/152982 has just been submitted.
 
 If it contains a patch for an upgrade, an enhancement or a bug fix
 you agree on, reply to this email stating that you approve the patch
 and a committer will take care of it.
 
 The full text of the PR can be found at:
     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/152982
 
 -- 
 Edwin Groothuis via the GNATS Auto Assign Tool
 edwin@FreeBSD.org
State-Changed-From-To: feedback->open 
State-Changed-By: pgollucci 
State-Changed-When: Fri Dec 24 07:36:11 UTC 2010 
State-Changed-Why:  
maintainer timeout (mikeg@bsd-box.net ; 14 days) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=152982 
Responsible-Changed-From-To: pgollucci->freebsd-ports-bugs 
Responsible-Changed-By: pgollucci 
Responsible-Changed-When: Wed Jan 12 00:59:26 UTC 2011 
Responsible-Changed-Why:  
E-NO-TIME right now, back to pool 

http://www.freebsd.org/cgi/query-pr.cgi?pr=152982 

From: Menshikov Konstantin <k.menshikov@peterhost.ru>
To: bug-followup@FreeBSD.org, kmenshikov@peterhost.ru
Cc:  
Subject: Re: ports/152982: [patch] net/nss_ldap, ignore option nss_initgroups_ignoreusers
Date: Mon, 30 May 2011 16:27:58 +0400

 This is a cryptographically signed message in MIME format.
 
 --------------ms090309070601020206090102
 Content-Type: text/plain; charset=UTF-8; format=flowed
 Content-Transfer-Encoding: base64
 
 SGkuCgpUaGlzIFBSIGV4cGVjdCBvdmVyIDUgbW9udGguClBsZWFzZSwgcmVzb2x2ZSBpdC4K
 Ci0tIArQnNC10L3RjNGI0LjQutC+0LIg0JrQvtC90YHRgtCw0L3RgtC40L0KCg==
 
 --------------ms090309070601020206090102
 Content-Type: application/x-pkcs7-signature; name="smime.p7s"
 Content-Transfer-Encoding: base64
 Content-Disposition: attachment; filename="smime.p7s"
 Content-Description: S/MIME Cryptographic Signature
 
 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIPlDCC
 BIowggNyoAMCAQICECf06hH0eobEbp27bqkXBwcwDQYJKoZIhvcNAQEFBQAwbzELMAkGA1UE
 BhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
 bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9vdDAeFw0w
 NTA2MDcwODA5MTBaFw0yMDA1MzAxMDQ4MzhaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMC
 VVQxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l
 dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UEAxMtVVRO
 LVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWlsMIIBIjANBgkqhkiG
 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3BYHW8OWX5ShpHornMSMxqmNVN
 NRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQy
 lbsMTzC9mKALi+VuG6JG+ni8om+rWV6lL8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXq
 vgvOdjp6Dpvq/NonWz1zHyLmSGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6
 hw2v+vPhwvCkxWeM1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu
 9mIwFIws6wIDAQABo4HhMIHeMB8GA1UdIwQYMBaAFK29mHo0tCb3+sQmVO8DveAky1QaMB0G
 A1UdDgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
 BAUwAwEB/zB7BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9BZGRU
 cnVzdEV4dGVybmFsQ0FSb290LmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8ubmV0L0Fk
 ZFRydXN0RXh0ZXJuYWxDQVJvb3QuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQAZ2IkRbyispgCi
 54fBm5AD236hEv0e8+LwAamUVEJrmgnEoG3XkJIEA2Z5Q3H8+G+v23ZF4jcaPd3kWQR4rBz0
 g0bzes9bhHIt5UbBuhgRKfPLSXmHPLptBZ2kbWhPrXIUNqi5sf2/z3/wpGqUNVCPz4FtVbHd
 WTBK322gnGQfSXzvNrv042n0+DmPWq1LhTq3Du3Tzw1EovsEv+QvcI4l+1pUBrPQxLxtjftz
 Mizpm4QkLdZ/kXpoAlAfDj9N6cz1u2fo3BwuO/xOzf4CjuOoEwqlJkRl6RDyTVKnrtw+ymsy
 XEFs/vVdoOr/0fqbhlhtPZZH5f4ulQTCAMyOofK7MIIFfzCCBGegAwIBAgIRAL3od7DYc3Ay
 /8YK1tD55TUwDQYJKoZIhvcNAQEFBQAwga4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEX
 MBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29y
 azEhMB8GA1UECxMYaHR0cDovL3d3dy51c2VydHJ1c3QuY29tMTYwNAYDVQQDEy1VVE4tVVNF
 UkZpcnN0LUNsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgRW1haWwwHhcNMTAxMTI2MDAwMDAw
 WhcNMTExMTI2MjM1OTU5WjApMScwJQYJKoZIhvcNAQkBFhhrLm1lbnNoaWtvdkBwZXRlcmhv
 c3QucnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgLg/9HFovY74tWwoS9tpp
 RauaguHLMbmZgjbujOolulzornpXUUmIccQxRHTogpzaw2u+XyU51HD1zGxPi/gV7RDQH47M
 /wPv3UsqP+RysaRw3/wqeSDmj7rYMKQpRo+FaE2nOd+IVKAK5l0r2f7XymjL3k75ZNthpWra
 KKkESNd28t6Q/MRhh/3ABUSFU1run+DWH4CJeOIoePPaaB5yhSg6PdR6tWs4H10nvk98JzFz
 1TK+pLMPKpqxZQf5z6kXQGyyHd3ra+8tAnBd4fpMsIKF2VkzMvnbXxrWGO5symDfKUJ+lPIW
 7XXp6AXv0zTKwZ6vVaZ7GD6PUlN12qMZAgMBAAGjggIaMIICFjAfBgNVHSMEGDAWgBSJgmd9
 xJ0mcABLtFBIfN49rgRufTAdBgNVHQ4EFgQURts0y+ilmIzJaDXuCa/a7KrY6bgwDgYDVR0P
 AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwIAYDVR0lBBkwFwYIKwYBBQUHAwQGCysGAQQBsjEB
 AwUCMBEGCWCGSAGG+EIBAQQEAwIFIDBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgEBATArMCkG
 CCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8ubmV0L0NQUzCBpQYDVR0fBIGdMIGa
 MEygSqBIhkZodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9VVE4tVVNFUkZpcnN0LUNsaWVudEF1
 dGhlbnRpY2F0aW9uYW5kRW1haWwuY3JsMEqgSKBGhkRodHRwOi8vY3JsLmNvbW9kby5uZXQv
 VVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50aWNhdGlvbmFuZEVtYWlsLmNybDBsBggrBgEF
 BQcBAQRgMF4wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL1VUTkFBQUNs
 aWVudENBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMCMGA1Ud
 EQQcMBqBGGsubWVuc2hpa292QHBldGVyaG9zdC5ydTANBgkqhkiG9w0BAQUFAAOCAQEADQ2u
 jsTO69dhYQALvkukDorEf+fbUaqbGz+KdITeDKOLDE1Wel26DR8krbPeTdw5NT50iMU3yCtb
 z7b+JYsKsJblldhRtbILassjOWzCNYRovBCxfdXDQNaKLvMp2KZtCetikL5zbmIlvYAy8Tdg
 /9C6kwxk4xZg0nXkuzrMQxEu+ENybqJPuB3F90a2hMxk7Z2WQfiERcFfP/WVHcmSNPDvWqLY
 kzXCkqZYyJ5JR5auZcIvK6XJlvzrQc7p9T+Gi6UF2Bg+MjEpU8Rr+hxR7sKxjYi+TnutvXIp
 B/i4+t5yTLVAYJSK6oCmbs+1iTYKdBzLQTiu4Vd2MxIw6gCdfTCCBX8wggRnoAMCAQICEQC9
 6Hew2HNwMv/GCtbQ+eU1MA0GCSqGSIb3DQEBBQUAMIGuMQswCQYDVQQGEwJVUzELMAkGA1UE
 CBMCVVQxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNU
 IE5ldHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UEAxMt
 VVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWlsMB4XDTEwMTEy
 NjAwMDAwMFoXDTExMTEyNjIzNTk1OVowKTEnMCUGCSqGSIb3DQEJARYYay5tZW5zaGlrb3ZA
 cGV0ZXJob3N0LnJ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C4P/RxaL2O+
 LVsKEvbaaUWrmoLhyzG5mYI27ozqJbpc6K56V1FJiHHEMUR06IKc2sNrvl8lOdRw9cxsT4v4
 Fe0Q0B+OzP8D791LKj/kcrGkcN/8Knkg5o+62DCkKUaPhWhNpznfiFSgCuZdK9n+18poy95O
 +WTbYaVq2iipBEjXdvLekPzEYYf9wAVEhVNa7p/g1h+AiXjiKHjz2mgecoUoOj3UerVrOB9d
 J75PfCcxc9UyvqSzDyqasWUH+c+pF0Bssh3d62vvLQJwXeH6TLCChdlZMzL5218a1hjubMpg
 3ylCfpTyFu116egF79M0ysGer1Wmexg+j1JTddqjGQIDAQABo4ICGjCCAhYwHwYDVR0jBBgw
 FoAUiYJnfcSdJnAAS7RQSHzePa4Ebn0wHQYDVR0OBBYEFEbbNMvopZiMyWg17gmv2uyq2Om4
 MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMCAGA1UdJQQZMBcGCCsGAQUFBwMEBgsr
 BgEEAbIxAQMFAjARBglghkgBhvhCAQEEBAMCBSAwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIB
 AQEwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLm5ldC9DUFMwgaUGA1Ud
 HwSBnTCBmjBMoEqgSIZGaHR0cDovL2NybC5jb21vZG9jYS5jb20vVVROLVVTRVJGaXJzdC1D
 bGllbnRBdXRoZW50aWNhdGlvbmFuZEVtYWlsLmNybDBKoEigRoZEaHR0cDovL2NybC5jb21v
 ZG8ubmV0L1VUTi1VU0VSRmlyc3QtQ2xpZW50QXV0aGVudGljYXRpb25hbmRFbWFpbC5jcmww
 bAYIKwYBBQUHAQEEYDBeMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9V
 VE5BQUFDbGllbnRDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNv
 bTAjBgNVHREEHDAagRhrLm1lbnNoaWtvdkBwZXRlcmhvc3QucnUwDQYJKoZIhvcNAQEFBQAD
 ggEBAA0Nro7EzuvXYWEAC75LpA6KxH/n21Gqmxs/inSE3gyjiwxNVnpdug0fJK2z3k3cOTU+
 dIjFN8grW8+2/iWLCrCW5ZXYUbWyC2rLIzlswjWEaLwQsX3Vw0DWii7zKdimbQnrYpC+c25i
 Jb2AMvE3YP/QupMMZOMWYNJ15Ls6zEMRLvhDcm6iT7gdxfdGtoTMZO2dlkH4hEXBXz/1lR3J
 kjTw71qi2JM1wpKmWMieSUeWrmXCLyulyZb860HO6fU/houlBdgYPjIxKVPEa/ocUe7CsY2I
 vk57rb1yKQf4uPrecky1QGCUiuqApm7PtYk2CnQcy0E4ruFXdjMSMOoAnX0xggRgMIIEXAIB
 ATCBxDCBrjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
 Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
 d3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3QtQ2xpZW50IEF1dGhl
 bnRpY2F0aW9uIGFuZCBFbWFpbAIRAL3od7DYc3Ay/8YK1tD55TUwCQYFKw4DAhoFAKCCAnAw
 GAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTEwNTMwMTIyNzU4
 WjAjBgkqhkiG9w0BCQQxFgQUXvCDIKFZh74RLQJSQl4PSgFsH84wXwYJKoZIhvcNAQkPMVIw
 UDALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMC
 AgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIHVBgkrBgEEAYI3EAQxgccwgcQwga4xCzAJ
 BgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkxHjAcBgNV
 BAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3dy51c2VydHJ1
 c3QuY29tMTYwNAYDVQQDEy1VVE4tVVNFUkZpcnN0LUNsaWVudCBBdXRoZW50aWNhdGlvbiBh
 bmQgRW1haWwCEQC96Hew2HNwMv/GCtbQ+eU1MIHXBgsqhkiG9w0BCRACCzGBx6CBxDCBrjEL
 MAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwG
 A1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0
 cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3QtQ2xpZW50IEF1dGhlbnRpY2F0aW9u
 IGFuZCBFbWFpbAIRAL3od7DYc3Ay/8YK1tD55TUwDQYJKoZIhvcNAQEBBQAEggEAq+j1JZK5
 p/DOkBjZ2WeQOoPHGKODntpfyFNbAlNU1znqzcGf+uSR1wqfoHyl3kkpV5u8sgtOjiEJ8LM9
 5wrdbgUVPbjm+3nT8gCd/tqeQZ6iCZp5JwB2NfGK0/8QmY7BkiYpFGDfZQKXQo2pBXrzYjpr
 ut21mo/cxh5EyloI8jAoiSm3LoO7LAp3bwWrZwYBUK7ETsdjkiJUNw/O14taJm6GJDYO/OS8
 GS6CMXi4xJ00eFzidsbikecjl6KhkWN6HnqgIMxVFa7cOCwJ3TgPzScwq5PSRE1lHO2d9dGl
 rTab+oCL8IWFMWaOE0pnCQ0utrcDHgNrqHMe1qMH4AbjjQAAAAAAAA==
 --------------ms090309070601020206090102--
Responsible-Changed-From-To: freebsd-ports-bugs->scheidell  
Responsible-Changed-By: scheidell 
Responsible-Changed-When: Fri Dec 2 22:25:07 UTC 2011 
Responsible-Changed-Why:  
ill take it 

http://www.freebsd.org/cgi/query-pr.cgi?pr=152982 
State-Changed-From-To: open->closed  
State-Changed-By: scheidell 
State-Changed-When: Sat Dec 3 18:41:52 UTC 2011 
State-Changed-Why:  
Patch committed, portsrev bumped 

http://www.freebsd.org/cgi/query-pr.cgi?pr=152982 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/152982: commit references a PR
Date: Sat,  3 Dec 2011 18:45:52 +0000 (UTC)

 scheidell    2011-12-03 18:45:42 UTC
 
   FreeBSD ports repository
 
   Modified files:
     net/nss_ldap         Makefile 
     net/nss_ldap/files   bsdnss.c 
   Log:
   -Fix nss_initgroups_ignoreusers (add patch to bsdnss.c)
   
   PR:             152982
   Submitted by:   kmenshikov@peterhost.ru
   Approved by:    mentor (timeout), gabor (mentor)
   Obtained from:  http://lists.freebsd.org/pipermail/freebsd-current/2007-July/075131.html
   Feature safe:   yes
   
   Revision  Changes    Path
   1.42      +1 -1      ports/net/nss_ldap/Makefile
   1.5       +61 -0     ports/net/nss_ldap/files/bsdnss.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 

From: Yuri Khotyaintsev <yuri@irfu.se>
To: bug-followup@FreeBSD.org, kmenshikov@peterhost.ru
Cc:  
Subject: Re: ports/152982: [patch] net/nss_ldap, ignore option nss_initgroups_ignoreusers
Date: Wed, 28 Dec 2011 17:20:01 +0100

 Unfortunately upgrading nss_ldap from 1.265_6 to 1.265_7 breaks my
 nss_ldap setup which was working without changes for many years. The
 problem is that only the primary group being returned with 1.265_7.
 Please revert this change.
 
 Example:
 
 nss_ldap 1.265_6:
 
 [root@hem /usr/local/etc]# groups ko
 phisp cluster
 
 nss_ldap 1.265_7:
 
 [root@hem /usr/local/etc]# groups ko
 phisp
 
 Debug output is included below.
 
 Cheers,
 Yuri
 
 nss_ldap 1.265_6:
 
 [root@hem /usr/local/etc]# groups ko
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getbyname
 nss_ldap: =3D=3D> _nss_ldap_search_s
 nss_ldap: =3D=3D> do_init
 nss_ldap: =3D=3D> do_close
 nss_ldap: <=3D=3D do_close
 nss_ldap: =3D=3D> do_close_no_unbind
 nss_ldap: <=3D=3D do_close_no_unbind (connection was not open)
 nss_ldap: =3D=3D> _nss_ldap_add_uri
 nss_ldap: <=3D=3D _nss_ldap_add_uri: added URI ldapi:///var/run/openldap/ld=
 api
 nss_ldap: =3D=3D> _nss_ldap_add_uri
 nss_ldap: <=3D=3D _nss_ldap_add_uri: added URI ldaps://XXXX.irfu.se
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_filter
 nss_ldap: :=3D=3D do_filter: (&(objectClass=3DposixAccount)(uid=3Dko))
 nss_ldap: <=3D=3D do_filter
 nss_ldap: =3D=3D> do_with_reconnect
 nss_ldap: =3D=3D> do_open
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_bind
 nss_ldap: <=3D=3D do_bind
 nss_ldap: =3D=3D> do_set_sockopts
 nss_ldap: <=3D=3D do_set_sockopts
 nss_ldap: <=3D=3D do_open (session connected to DSA)
 nss_ldap: =3D=3D> do_search_s
 nss_ldap: <=3D=3D do_search_s
 nss_ldap: <=3D=3D do_with_reconnect
 nss_ldap: <=3D=3D _nss_ldap_search_s
 nss_ldap: =3D=3D> do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_getbyname
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_ent_context_init_locked
 nss_ldap: <=3D=3D _nss_ldap_ent_context_init_locked
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_ent_context_init_locked
 nss_ldap: <=3D=3D _nss_ldap_ent_context_init_locked
 nss_ldap: =3D=3D> _nss_ldap_search
 nss_ldap: =3D=3D> do_init
 nss_ldap: :=3D=3D do_init (stolen socket detected)
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_filter
 nss_ldap: :=3D=3D do_filter: (&(objectClass=3DposixGroup))
 nss_ldap: <=3D=3D do_filter
 nss_ldap: =3D=3D> do_with_reconnect
 nss_ldap: =3D=3D> do_open
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_bind
 nss_ldap: <=3D=3D do_bind
 nss_ldap: =3D=3D> do_set_sockopts
 nss_ldap: <=3D=3D do_set_sockopts
 nss_ldap: <=3D=3D do_open (session connected to DSA)
 nss_ldap: =3D=3D> do_search
 nss_ldap: <=3D=3D do_search
 nss_ldap: <=3D=3D do_with_reconnect
 nss_ldap: <=3D=3D _nss_ldap_search
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dcassini,ou=3DGroup,dc=3Dirf=
 u,dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dsat,ou=3DGroup,dc=3Dirfu,dc=
 =3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dphisp,ou=3DGroup,dc=3Dirfu,=
 dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dadmin,ou=3DGroup,dc=3Dirfu,=
 dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dirfu,ou=3DGroup,dc=3Dirfu,d=
 c=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Doldies,ou=3DGroup,dc=3Dirfu=
 ,dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dextern,ou=3DGroup,dc=3Dirfu=
 ,dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dcluster,ou=3DGroup,dc=3Dirf=
 u,dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Drosetta,ou=3DGroup,dc=3Dirf=
 u,dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dastrid2,ou=3DGroup,dc=3Dirf=
 u,dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: <=3D=3D do_parse
 nss_ldap: =3D=3D> _nss_ldap_search
 nss_ldap: =3D=3D> do_init
 nss_ldap: :=3D=3D do_init (stolen socket detected)
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_ent_context_release
 nss_ldap: <=3D=3D _nss_ldap_ent_context_release
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getbyname
 nss_ldap: =3D=3D> _nss_ldap_search_s
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_filter
 nss_ldap: :=3D=3D do_filter: (&(objectClass=3DposixGroup)(gidNumber=3D206))
 nss_ldap: <=3D=3D do_filter
 nss_ldap: =3D=3D> do_with_reconnect
 nss_ldap: =3D=3D> do_open
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_bind
 nss_ldap: <=3D=3D do_bind
 nss_ldap: =3D=3D> do_set_sockopts
 nss_ldap: <=3D=3D do_set_sockopts
 nss_ldap: <=3D=3D do_open (session connected to DSA)
 nss_ldap: =3D=3D> do_search_s
 nss_ldap: <=3D=3D do_search_s
 nss_ldap: <=3D=3D do_with_reconnect
 nss_ldap: <=3D=3D _nss_ldap_search_s
 nss_ldap: =3D=3D> do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dphisp,ou=3DGroup,dc=3Dirfu,=
 dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_getbyname
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getbyname
 nss_ldap: =3D=3D> _nss_ldap_search_s
 nss_ldap: =3D=3D> do_init
 nss_ldap: :=3D=3D do_init (stolen socket detected)
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_filter
 nss_ldap: :=3D=3D do_filter: (&(objectClass=3DposixGroup)(gidNumber=3D158))
 nss_ldap: <=3D=3D do_filter
 nss_ldap: =3D=3D> do_with_reconnect
 nss_ldap: =3D=3D> do_open
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_bind
 nss_ldap: <=3D=3D do_bind
 nss_ldap: =3D=3D> do_set_sockopts
 nss_ldap: <=3D=3D do_set_sockopts
 nss_ldap: <=3D=3D do_open (session connected to DSA)
 nss_ldap: =3D=3D> do_search_s
 nss_ldap: <=3D=3D do_search_s
 nss_ldap: <=3D=3D do_with_reconnect
 nss_ldap: <=3D=3D _nss_ldap_search_s
 nss_ldap: =3D=3D> do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dcluster,ou=3DGroup,dc=3Dirf=
 u,dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_getbyname
 phisp cluster
 
 nss_ldap 1.265_7:
 
 [root@hem /usr/local/etc]# groups ko
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getbyname
 nss_ldap: =3D=3D> _nss_ldap_search_s
 nss_ldap: =3D=3D> do_init
 nss_ldap: =3D=3D> do_close
 nss_ldap: <=3D=3D do_close
 nss_ldap: =3D=3D> do_close_no_unbind
 nss_ldap: <=3D=3D do_close_no_unbind (connection was not open)
 nss_ldap: =3D=3D> _nss_ldap_add_uri
 nss_ldap: <=3D=3D _nss_ldap_add_uri: added URI ldapi:///var/run/openldap/ld=
 api
 nss_ldap: =3D=3D> _nss_ldap_add_uri
 nss_ldap: <=3D=3D _nss_ldap_add_uri: added URI ldaps://XXXX.irfu.se
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_filter
 nss_ldap: :=3D=3D do_filter: (&(objectClass=3DposixAccount)(uid=3Dko))
 nss_ldap: <=3D=3D do_filter
 nss_ldap: =3D=3D> do_with_reconnect
 nss_ldap: =3D=3D> do_open
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_bind
 nss_ldap: <=3D=3D do_bind
 nss_ldap: =3D=3D> do_set_sockopts
 nss_ldap: <=3D=3D do_set_sockopts
 nss_ldap: <=3D=3D do_open (session connected to DSA)
 nss_ldap: =3D=3D> do_search_s
 nss_ldap: <=3D=3D do_search_s
 nss_ldap: <=3D=3D do_with_reconnect
 nss_ldap: <=3D=3D _nss_ldap_search_s
 nss_ldap: =3D=3D> do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_getbyname
 nss_ldap: =3D=3D> _nss_ldap_initgroups_dyn (user=3Dko)
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> do_init
 nss_ldap: :=3D=3D do_init (stolen socket detected)
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> _nss_ldap_search_s
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_filter
 nss_ldap: :=3D=3D do_filter: (&(objectClass=3DposixAccount)(uid=3Dko))
 nss_ldap: <=3D=3D do_filter
 nss_ldap: =3D=3D> do_with_reconnect
 nss_ldap: =3D=3D> do_open
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_bind
 nss_ldap: <=3D=3D do_bind
 nss_ldap: =3D=3D> do_set_sockopts
 nss_ldap: <=3D=3D do_set_sockopts
 nss_ldap: <=3D=3D do_open (session connected to DSA)
 nss_ldap: =3D=3D> do_search_s
 nss_ldap: <=3D=3D do_search_s
 nss_ldap: <=3D=3D do_with_reconnect
 nss_ldap: <=3D=3D _nss_ldap_search_s
 nss_ldap: =3D=3D> _nss_ldap_ent_context_init_locked
 nss_ldap: <=3D=3D _nss_ldap_ent_context_init_locked
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_ent_context_init_locked
 nss_ldap: <=3D=3D _nss_ldap_ent_context_init_locked
 nss_ldap: =3D=3D> _nss_ldap_search
 nss_ldap: =3D=3D> do_init
 nss_ldap: :=3D=3D do_init (stolen socket detected)
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_filter
 nss_ldap: :=3D=3D do_filter:
 (&(objectClass=3DposixGroup)(|(memberUid=3Dko)(uniqueMember=3Duid=3Dko,ou=
 =3DPeople,dc=3Dirfu,dc=3Dse)))
 nss_ldap: <=3D=3D do_filter
 nss_ldap: =3D=3D> do_with_reconnect
 nss_ldap: =3D=3D> do_open
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_bind
 nss_ldap: <=3D=3D do_bind
 nss_ldap: =3D=3D> do_set_sockopts
 nss_ldap: <=3D=3D do_set_sockopts
 nss_ldap: <=3D=3D do_open (session connected to DSA)
 nss_ldap: =3D=3D> do_search
 nss_ldap: <=3D=3D do_search
 nss_ldap: <=3D=3D do_with_reconnect
 nss_ldap: <=3D=3D _nss_ldap_search
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_ent_context_init_locked
 nss_ldap: <=3D=3D _nss_ldap_ent_context_init_locked
 nss_ldap: =3D=3D> _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_ent_context_init_locked
 nss_ldap: <=3D=3D _nss_ldap_ent_context_init_locked
 nss_ldap: =3D=3D> _nss_ldap_search
 nss_ldap: =3D=3D> do_init
 nss_ldap: :=3D=3D do_init (stolen socket detected)
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_filter
 nss_ldap: :=3D=3D do_filter:
 (&(objectClass=3DposixGroup)(uniqueMember=3Dcn=3Dcluster,ou=3DGroup,dc=3Dir=
 fu,dc=3Dse))
 nss_ldap: <=3D=3D do_filter
 nss_ldap: =3D=3D> do_with_reconnect
 nss_ldap: =3D=3D> do_open
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_bind
 nss_ldap: <=3D=3D do_bind
 nss_ldap: =3D=3D> do_set_sockopts
 nss_ldap: <=3D=3D do_set_sockopts
 nss_ldap: <=3D=3D do_open (session connected to DSA)
 nss_ldap: =3D=3D> do_search
 nss_ldap: <=3D=3D do_search
 nss_ldap: <=3D=3D do_with_reconnect
 nss_ldap: <=3D=3D _nss_ldap_search
 nss_ldap: =3D=3D> do_parse
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: <=3D=3D do_parse
 nss_ldap: =3D=3D> _nss_ldap_search
 nss_ldap: =3D=3D> do_init
 nss_ldap: :=3D=3D do_init (stolen socket detected)
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_ent_context_release
 nss_ldap: <=3D=3D _nss_ldap_ent_context_release
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: <=3D=3D do_parse
 nss_ldap: <=3D=3D _nss_ldap_getent_ex
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: =3D=3D> _nss_ldap_ent_context_release
 nss_ldap: =3D=3D> do_result
 nss_ldap: <=3D=3D do_result
 nss_ldap: <=3D=3D _nss_ldap_ent_context_release
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_initgroups_dyn (not found)
 nss_ldap: =3D=3D> _nss_ldap_enter
 nss_ldap: <=3D=3D _nss_ldap_enter
 nss_ldap: =3D=3D> _nss_ldap_getbyname
 nss_ldap: =3D=3D> _nss_ldap_search_s
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_filter
 nss_ldap: :=3D=3D do_filter: (&(objectClass=3DposixGroup)(gidNumber=3D206))
 nss_ldap: <=3D=3D do_filter
 nss_ldap: =3D=3D> do_with_reconnect
 nss_ldap: =3D=3D> do_open
 nss_ldap: =3D=3D> do_init
 nss_ldap: <=3D=3D do_init (initialized session)
 nss_ldap: =3D=3D> do_bind
 nss_ldap: <=3D=3D do_bind
 nss_ldap: =3D=3D> do_set_sockopts
 nss_ldap: <=3D=3D do_set_sockopts
 nss_ldap: <=3D=3D do_open (session connected to DSA)
 nss_ldap: =3D=3D> do_search_s
 nss_ldap: <=3D=3D do_search_s
 nss_ldap: <=3D=3D do_with_reconnect
 nss_ldap: <=3D=3D _nss_ldap_search_s
 nss_ldap: =3D=3D> do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_assign_userpassword
 nss_ldap: <=3D=3D _nss_ldap_assign_userpassword
 nss_ldap: =3D=3D> _nss_ldap_namelist_find
 nss_ldap: <=3D=3D _nss_ldap_namelist_find
 nss_ldap: =3D=3D> _nss_ldap_namelist_push (cn=3Dphisp,ou=3DGroup,dc=3Dirfu,=
 dc=3Dse)
 nss_ldap: <=3D=3D _nss_ldap_namelist_push
 nss_ldap: =3D=3D> _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D _nss_ldap_namelist_destroy
 nss_ldap: <=3D=3D do_parse_s
 nss_ldap: =3D=3D> _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_leave
 nss_ldap: <=3D=3D _nss_ldap_getbyname
 phisp
 
 --=20
 Dr. Yuri Khotyaintsev
 Institutet f=C3=B6r rymdfysik (IRF), Uppsala
 tel: +46 18 471 59 29
 fax: +46 18 471 59 05
>Unformatted:
