bin/119695: pw(8) does not interact with nscd(8)

Sven Berkvens-Matthijsse sven at berkvens.net
Tue Jan 15 19:20:02 UTC 2008 

>Number:         119695
>Category:       bin
>Synopsis:       pw(8) does not interact with nscd(8)
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 15 19:20:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Sven Berkvens-Matthijsse
>Release:        FreeBSD 7.0-PRERELEASE #5: Thu Jan 10 18:27:04 CET 2008 amd64
>Organization:
De Kattenfabriek
>Environment:
FreeBSD paws.berkvens.net 7.0-PRERELEASE FreeBSD 7.0-PRERELEASE #5: Thu Jan 10 18:27:04 CET 2008     sven at paws.berkvens.net:/usr/obj/usr/src/sys/PAWS  amd64

>Description:
I was installing the print/cups port when the portupgrade failed because the group 'cups' disappeared after it was added.

This happened because I have a /etc/nsswitch.conf with the following in it:

#
# nsswitch.conf(5) - name service switch configuration file
# $FreeBSD: src/etc/nsswitch.conf,v 1.1 2006/05/03 15:14:47 ume Exp $
#
group: cache compat
group_compat: nis
hosts: cache files dns
networks: cache files
passwd: cache compat
passwd_compat: nis
shells: files
services: cache compat
services_compat: nis
protocols: cache files
rpc: cache files

This causes the following line, which the port tried to do:

    if ! pw groupshow cups ; then pw groupadd cups -g 193 ; fi

to fail, because the groupshow command causes the nscd to cache a negative lookup entry. The groupadd command then adds the user to the /etc/group file, but FAILS to inform the nscd(8) daemon that all cached entries in the group file should be purged from memory. Next, the port checks whether the group 'cups' now exists, but gets a 'NO' because the negative answer is still in the cache.

I'm not sure whether the vipw(8) utility or similar other utilities exhibit the same problems.
>How-To-Repeat:
Set up the /etc/nsswitch.conf file as above (or similar, at least adding 'cache' to the passwd or group lines). Make sure the nscd daemon is running. Then try something similar to the command above.
>Fix:
The pw(8) utility should inform the nscd(8) daemon of the changes that it makes. So should any system utilities that edit the password or group files in any way.

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list