debian/0000755000000000000000000000000012301630311007154 5ustar debian/libnss-db.manpages0000644000000000000000000000001112033415355012551 0ustar makedb.1 debian/copyright0000644000000000000000000000162312033415724011124 0ustar This is a prepackaged version of NSS module for using Berkeley Databases as a naming service. It was Debianised by Piotr Roszatycki , using files obtained from . More information about NSS module for using Berkeley Databases as a naming service is available from http://www.gnu.org/software/libc/ Changes were made as follows: 010-db2_upgrade_code.patch 030-no_internal_libc.patch 050-initialize_all_fields.patch 060-errno.patch 070-selinux.patch 080-translations.patch 090-automake_AC_CANONICAL_HOST.patch 100-automake_libtool.patch 110-automake_install-data-local.patch Copyright and licence notice: Copyright (C) 2000, 2001 Free Software Foundation, Inc. On any Debian system, you can find the complete text of the GNU GPL (GNU General Public License) in the file /usr/share/common-licenses/GPL-2 debian/changelog0000644000000000000000000002477012301630231011041 0ustar libnss-db (2.2.3pre1-5build3) trusty; urgency=medium * Rebuild for glibc 2.19. -- Matthias Klose Fri, 21 Feb 2014 11:49:55 +0100 libnss-db (2.2.3pre1-5build2) trusty; urgency=medium * No change rebuild against glibc 2.18. -- Matthias Klose Mon, 16 Dec 2013 11:48:26 +0100 libnss-db (2.2.3pre1-5build1) trusty; urgency=low * No change rebuild against db 5.3. -- Dmitrijs Ledkovs Fri, 01 Nov 2013 23:40:47 +0000 libnss-db (2.2.3pre1-5) unstable; urgency=low * QA upload. * Remove old debian/packages file, unused since conversion from yada. * Convert to source format 3.0 (quilt) (closes: #679676). Add po/Makevars to 080-translations.patch. Refresh all patches. * Use dh_installman to install makedb.1. * Add debhelper token to libnss-db.postinst. * Link to a versioned copy of the GPL in debian/copyright. -- Colin Watson Fri, 05 Oct 2012 00:29:58 +0100 libnss-db (2.2.3pre1-4) unstable; urgency=low * QA upload. * Switch maintainer to Debian QA group (see #636733) * Switch from yada to dh (closes: #636891). -- Julien Cristau Sun, 19 Feb 2012 18:02:37 +0100 libnss-db (2.2.3pre1-3.2) unstable; urgency=medium * Non-maintainer upload. * Build depends on libdb-dev (>> 4.6) instead of libdb4.6-dev. Closes: #548484. * Fix security issue which allows to read arbitrary file contents (CVE-2010-0826), patch taken from Ubuntu. Closes: #577057. -- Aurelien Jarno Wed, 04 May 2011 07:31:48 +0200 libnss-db (2.2.3pre1-3.1) unstable; urgency=low * Porter NMU for GNU/kFreeBSD. * Update config.guess/sub from autotools-dev. Closes: #528325. -- Aurelien Jarno Thu, 30 Jul 2009 02:06:56 +0200 libnss-db (2.2.3pre1-3) unstable; urgency=low * Applied all NMU patches. Closes: #460339, #460851, #344277, #361464, #379621, #441624, #391517. * Fixed bad 010-db2_upgrade_code.patch which broke this package. Closes: #460963. * Add Swedish translation to 080-translations.patch. Closes: #386615. * Updated 070-selinux.patch based on the latest Fedora. -- Piotr Roszatycki Wed, 16 Jan 2008 17:22:21 +0100 libnss-db (2.2.3pre1-2.2) unstable; urgency=low * Non-maintainer upload to fix bugs introduced in the previous NMU. * Merge patch from Steve Langasek Closes: #460339 + Bump Standards-Version to 3.7.3. + Removed 020-db4.3_usage.patch: - Linking with -ldb works fine, and lets us switch to db4.6. + Use bash for install, not sh, so that the current pushd usage doesn't cause a build failure when /bin/sh isn't bash. Closes: #379621. + Modified 070-selinux.patch: - Comparing x$selinux to "xno" works better than comparing it to "no"; fixes build failures on non-Linux archs. Closes: #344277. + Modified 010-db2_upgrade_code.patch: - Only call db->upgrade if db->open return DB_OLD_VERSION. Thanks to Dann Frazier for the patch. Closes: #391517, #460851. - Merge 040-db4.3_api_change.patch into this one, since having multiple patches patching the same line is annoying. * debian/packages: use DEB_HOST_ARCH_OS instead of DEB_HOST_GNU_SYSTEM; needed to avoid accidental SELinux-less misbuilds if SELinux support is broken. -- Aurelien Jarno Tue, 15 Jan 2008 11:36:50 +0100 libnss-db (2.2.3pre1-2.1) unstable; urgency=low * Non-maintainer upload from the Zürich BSP. * Don't build-depends on libselinux1-dev on kfreebsd-amd64. Closes: #361464. * Apply patch by Steve Langasek to switch to db4.6 (Closes: #441624): - Replaced 040-db4.3_api_change.patch with 040-db4.patch, 020-db4.3_usage.patch with 020-db4.patch. * Add Swedish translation from Daniel Nylander (Closes: #386615). * Fix selinux detection in debian/patches/070-selinux.patch (Closes:    #344277). -- Aurelien Jarno Sun, 13 Jan 2008 13:16:01 +0100 libnss-db (2.2.3pre1-2) unstable; urgency=high * Renumbered Debian patches. * Modified 060-errno.patch: - Do not remove errnop variable. It causes fatal error on amd64. Just set errno to ENOENT by default. Closes: #341773. * Modified 070-selinux.patch: - Fix configure script for SELinux and fix FTBFS on hurd-i386. Closes: #322190. * Removed 120-gettextize.patch: - Call gettextize in build time with a little help of IPC::Run. -- Piotr Roszatycki Mon, 19 Dec 2005 11:45:15 +0100 libnss-db (2.2.3pre1-1) unstable; urgency=low * New maintainer release. Closes bugs fixed by previous NMUs. Closes: #146707, #165298, #168532, #173082, #284859, #309492. * New upstrem release. * The source package converted to yada. * The source is adapted to the latest automake. Closes: #114936. * debian/packages: - Build-Depends: autoconf, automake1.9, libtool, gettext, perl, libdb4.3-dev, libselinux1-dev - Install library into /usr/lib as far as it requires libdb4.3 from /usr/lib. - Detect _PATH_VARDB and install there db-Makefile. Closes: #316573. - Changed package description. Closes: #314909. * Removed 000_libtool_upgrade.diff: - Not necessary with new upstream. * Replaced 002_db3_usage.diff by 002-db4.3_usage.patch: - Compile against libdb4.3-dev. * Replaced 003_no_internal_libc.diff by 003-no_internal_libc.patch: - The patch from Fedora: doesn't get to use internal interfaces. * Added 004-db4.3_api_change.patch: - Use new interface for db->open() * Added 005-initialize_all_fields.patch: - The patch from Fedora: Initialize all of the fields of the key to zeroes, so that we don't pass garbage keys in to later versions of Berkeley DB. * Added 006-errno.patch: - The patch based on Fedora - set errno to ENOENT by default so that we don't leave stale errno values around in error cases - clear the entire key DBT before handing it to a get() function - set errno to ENOENT when returning NSS_STATUS_NOTFOUND * Added 007-selinux.patch: - Set the SELinux file creation context when opening databases for write access. Note that this does *not* change the context of existing files. * Added 008-translations.patch: - Missing translations for makedb. * Added 009-automake_AC_CANONICAL_HOST.patch: - Remove AC_CANONICAL_HOST for new automake. * Added 010-automake_libtool.patch: - Automake doesn't know how to compile a single file both with and without libtool. So fake it. * Added 011-automake_install-data-local.patch: - Call install-slibLTLIBRARIES before install-data-local. * Added 012-gettextize.patch: - Updated for the newer gettext. Generated by `gettextize --force --copy --no-changelog --intl && rm -f *~ intl/*~ m4/*.in' * debian/man/makedb.pod: - Better formatting. -- Piotr Roszatycki Mon, 18 Jul 2005 14:39:43 +0200 libnss-db (2.2-6.3) unstable; urgency=medium * NMU * debian/local/db-Makefile: - Set correct umask before creating files. Closes: #284859. * debian/packages.d/libnss-db.in: %postinst%: - Don't remove *.db files on upgrade. It can break the system if the files are not generated locally. Closes: #309492. - Use `invoke-rc.d nscd restart'. * debian/rules: - The symlink in /usr/lib should be absolute. -- Piotr Roszatycki Mon, 23 May 2005 15:37:00 +0200 libnss-db (2.2-6.2) unstable; urgency=low * NMU * debian/patches/003_no_internal_libc.diff: - Fix libc-lock.h to work on hppa (closes: #173082) - include errno.h in db-XXX.c (closes: #168532) * Remove duplicated "been" in description (closes: #146707) * Change automake build-depends to automake1.4 -- Ryan Murray Sun, 23 Feb 2003 20:23:16 -0800 libnss-db (2.2-6.1.1) unstable; urgency=low * BinNMU to compile against glibc 2.3.1 -- Othmar Pasteka Tue, 4 Feb 2003 11:07:21 +0100 libnss-db (2.2-6.1) unstable; urgency=low * NMU * Change autoconf build-dep to autoconf2.13 * Added 003_no_internal_libc.diff from Daniel Jacobowitz . closes: #165298 -- Randolph Chung Sun, 1 Dec 2002 09:31:44 -0800 libnss-db (2.2-6) unstable; urgency=low * Rebuild with newer libdb3 -- Ben Collins Fri, 12 Apr 2002 13:12:29 -0400 libnss-db (2.2-5) unstable; urgency=low * Remove libc6-dev build-dep. It was there to make sure it built with a newer libc. That's pretty moot now. closes: #108643 -- Ben Collins Mon, 13 Aug 2001 21:24:06 -0400 libnss-db (2.2-4) unstable; urgency=low * Call libtoolize before autoconf, closes: #101428 -- Ben Collins Fri, 10 Aug 2001 12:33:20 -0400 libnss-db (2.2-3) unstable; urgency=low * Urf, my db2->db3 upgrade code doesn't work for non-root in this case. Leave it, but don't let it fail. Also, make sure we rebuild the db's on upgrades. * Add manpage for makedb.1 * Created a etc/default/libnss-db to hold the configurable parts of the db Makefile. Make that new file a conffile, and not Makefile, #92283 -- Ben Collins Sun, 1 Apr 2001 22:29:26 -0400 libnss-db (2.2-2) unstable; urgency=low * Restart nscd if we move the db's, closes: #35844 * Added more build-depends, closes: #90207 * libdb2 is now in /lib, closes: #81212, #72647 * Update libtool, closes: #77950 * db-Makefile: set ETC to /etc, and use it throughout. closes: #78579 * Build-Dep on db3 now, and compile against that. * Make /var/lib/misc/Makefile a conffile, since the user may want to modify it. * Depend on make, it's needed to generate the .db's * Add patch to call DB->upgrade() after creating and before opening the .db, so it is automatically upgraded to the db3 on-disk format. -- Ben Collins Sun, 25 Mar 2001 09:47:06 -0500 libnss-db (2.2-1) unstable; urgency=low * New upstream version * Remove the Essential flag, instead we will allow libc6 to suggest us -- Ben Collins Wed, 15 Nov 2000 21:54:08 -0500 libnss-db (2.1.92-3) unstable; urgency=low * Make libnss-db essential -- Ben Collins Tue, 7 Nov 2000 19:03:39 -0500 libnss-db (2.1.92-2) unstable; urgency=low * Fix silly copyright problem -- Ben Collins Tue, 26 Sep 2000 16:17:09 -0400 libnss-db (2.1.92-1) unstable; urgency=low * Original packaging, split from glibc upstream (2.1.93) -- Ben Collins Mon, 11 Sep 2000 14:58:01 -0400 debian/libnss-db.postinst0000644000000000000000000000021412033415622012643 0ustar #!/bin/sh set -e if [ "$1" = "configure" ]; then if [ -x /etc/init.d/nscd ]; then invoke-rc.d nscd restart fi fi #DEBHELPER# exit 0 debian/conf/0000755000000000000000000000000012033414014010103 5ustar debian/conf/default0000644000000000000000000000041712033414014011454 0ustar # Default settings for libnss-db # Location of files ETC = /etc # Databases to generate DBS = passwd group ethers protocols rpc services shadow netgroup # Directory where the databases are kept VAR_DB = /var/lib/misc # Programs used AWK = awk MAKEDB = makedb --quiet debian/clean0000644000000000000000000000002712033414014010162 0ustar makedb.1 m4/* po/*.gmo debian/compat0000644000000000000000000000000212033414014010354 0ustar 8 debian/scripts/0000755000000000000000000000000012033414014010645 5ustar debian/scripts/db-Makefile0000644000000000000000000001115112033414014012667 0ustar # Makefile to (re-)generate db versions of system database files. # Copyright (C) 1996, 1997, 1998 Free Software Foundation, Inc. # This file is part of the GNU C Library. # Contributed by Ulrich Drepper , 1996. # # The GNU C Library is free software; you can redistribute it and/or # modify it under the terms of the GNU Library General Public License as # published by the Free Software Foundation; either version 2 of the # License, or (at your option) any later version. # The GNU C Library is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Library General Public License for more details. # # You should have received a copy of the GNU Library General Public # License along with the GNU C Library; see the file COPYING.LIB. If not, # write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, # Boston, MA 02111-1307, USA. */ # XXX: Do not edit this file, it will be overwritten on upgrades. Instead # edit /etc/default/libnss-db. include /etc/default/libnss-db DATABASES = $(wildcard $(addprefix $(ETC)/,$(DBS))) all: $(patsubst %,$(VAR_DB)/%.db,$(notdir $(DATABASES))) $(VAR_DB)/passwd.db: $(ETC)/passwd @echo -n "$(patsubst %.db,%,$(@F))... " @$(AWK) 'BEGIN { FS=":"; OFS=":"; cnt=0 } \ /^[ \t]*$$/ { next } \ /^[ \t]*#/ { next } \ { printf "0%u ", cnt++; print } \ /^[^#]/ { printf ".%s ", $$1; print; \ printf "=%s ", $$3; print }' $^ | \ (umask 022 && $(MAKEDB) -o $@ -) @echo "done." $(VAR_DB)/group.db: $(ETC)/group @echo -n "$(patsubst %.db,%,$(@F))... " @$(AWK) 'BEGIN { FS=":"; OFS=":"; cnt=0 } \ /^[ \t]*$$/ { next } \ /^[ \t]*#/ { next } \ { printf "0%u ", cnt++; print } \ /^[^#]/ { printf ".%s ", $$1; print; \ printf "=%s ", $$3; print }' $^ | \ (umask 022 && $(MAKEDB) -o $@ -) @echo "done." $(VAR_DB)/ethers.db: $(ETC)/ethers @echo -n "$(patsubst %.db,%,$(@F))... " @$(AWK) 'BEGIN { cnt=0 } \ /^[ \t]*$$/ { next } \ /^[ \t]*#/ { next } \ { printf "0%u ", cnt++; print } \ /^[^#]/ { printf ".%s ", $$1; print; \ printf "=%s ", $$2; print }' $^ | \ (umask 022 && $(MAKEDB) -o $@ -) @echo "done." $(VAR_DB)/protocols.db: $(ETC)/protocols @echo -n "$(patsubst %.db,%,$(@F))... " @$(AWK) 'BEGIN { cnt=0 } \ /^[ \t]*$$/ { next } \ /^[ \t]*#/ { next } \ { printf "0%u ", cnt++; print } \ /^[^#]/ { printf ".%s ", $$1; print; \ printf "=%s ", $$2; print; \ for (i = 3; i <= NF && !($$i ~ /^#/); ++i) \ { printf ".%s ", $$i; print } }' $^ | \ (umask 022 && $(MAKEDB) -o $@ -) @echo "done." $(VAR_DB)/rpc.db: $(ETC)/rpc @echo -n "$(patsubst %.db,%,$(@F))... " @$(AWK) 'BEGIN { cnt=0 } \ /^[ \t]*$$/ { next } \ /^[ \t]*#/ { next } \ { printf "0%u ", cnt++; print } \ /^[^#]/ { printf ".%s ", $$1; print; \ printf "=%s ", $$2; print; \ for (i = 3; i <= NF && !($$i ~ /^#/); ++i) \ { printf ".%s ", $$i; print } }' $^ | \ (umask 022 && $(MAKEDB) -o $@ -) @echo "done." $(VAR_DB)/services.db: $(ETC)/services @echo -n "$(patsubst %.db,%,$(@F))... " @$(AWK) 'BEGIN { FS="[ \t/]+"; cnt=0 } \ /^[ \t]*$$/ { next } \ /^[ \t]*#/ { next } \ { printf "0%u ", cnt++; print } \ /^[^#]/ { printf ".%s/%s ", $$1, $$3; print; \ printf ".%s/ ", $$1; print; \ printf "=%s/%s ", $$2, $$3; print; \ printf "=%s/ ", $$2; print; \ for (i = 4; i <= NF && !($$i ~ /^#/); ++i) \ { printf ".%s/%s ", $$i, $$3; print; \ printf ".%s/ ", $$i; print } }' $^ | \ (umask 022 && $(MAKEDB) -o $@ -) @echo "done." $(VAR_DB)/shadow.db: $(ETC)/shadow @echo -n "$(patsubst %.db,%,$(@F))... " @$(AWK) 'BEGIN { FS=":"; OFS=":"; cnt=0 } \ /^[ \t]*$$/ { next } \ /^[ \t]*#/ { next } \ { printf "0%u ", cnt++; print } \ /^[^#]/ { printf ".%s ", $$1; print }' $^ | \ (umask 077 && $(MAKEDB) -o $@ -) @echo "done." @if chgrp shadow $@ 2>/dev/null; then \ chmod g+r $@; \ else \ chown 0 $@; chgrp 0 $@; chmod 600 $@; \ echo; \ echo "Warning: The shadow password database $@"; \ echo "has been set to be readable only by root. You may want"; \ echo "to make it readable by the \`shadow' group depending"; \ echo "on your configuration."; \ echo; \ fi $(VAR_DB)/netgroup.db: $(ETC)/netgroup @echo -n "$(patsubst %.db,%,$(@F))... " @$(AWK) 'BEGIN { cnt=0 } \ /^[ \t]*$$/ { next } \ /^[ \t]*#/ { next } \ { printf "0%u ", cnt++; print } \ /^[^#]/ { end=sub(/\\/, " "); \ gsub(/[ \t]+/, " "); \ if(end == 1) printf "%s", $$0; else print }' $^ | \ (umask 022 && $(MAKEDB) -o $@ -) @echo "done." debian/patches/0000755000000000000000000000000012033415155010614 5ustar debian/patches/070-selinux.patch0000644000000000000000000001053712033414564013641 0ustar Set the SELinux file creation context when opening databases for write access. Note that this does *not* change the context of existing files. Index: b/configure.in =================================================================== --- a/configure.in +++ b/configure.in @@ -73,6 +73,43 @@ *** Unsupported Berkeley DB version detected.]) fi +AC_ARG_WITH(selinux,AC_HELP_STRING(--with-selinux,[enable SELinux support [[default=auto]]]), +selinux=$withval, +selinux=auto) + +libsave="$LIBS" +if test x$selinux != xno ; then + AC_CHECK_HEADERS(selinux/selinux.h) + if test x$ac_cv_header_selinux_selinux_h = xno ; then + if test x$selinux = xyes ; then + AC_MSG_ERROR([SELinux not detected]) + else + AC_MSG_WARN([SELinux not detected]) + selinux=no + fi + fi +fi + +if test x$selinux != xno ; then + AC_CHECK_FUNC(setfscreatecon,,[AC_CHECK_LIB(selinux,setfscreatecon)]) + if test x$ac_cv_func_setfscreatecon = xno ; then + if test x$ac_cv_lib_selinux_setfscreatecon = xno ; then + if test x$selinux = xyes ; then + AC_MSG_ERROR([SELinux not detected]) + else + AC_MSG_WARN([SELinux not detected]) + selinux=no + fi + fi + fi +fi +if test x$selinux != xno ; then + AC_DEFINE(SELINUX,1,[Define to have makedb set SELinux file contexts on created files.]) +fi + +SELINUX_LIBS="$LIBS" +LIBS="$libsave" + AC_CANONICAL_HOST slibdir=NONE case "$host" in @@ -100,6 +137,7 @@ AC_SUBST(DB_CFLAGS) AC_SUBST(DB_LIBS) +AC_SUBST(SELINUX_LIBS) AC_SUBST(slibdir) dnl Internationalization macros. Index: b/src/Makefile.am =================================================================== --- a/src/Makefile.am +++ b/src/Makefile.am @@ -29,7 +29,7 @@ bin_PROGRAMS = makedb makedb_SOURCES = makedb.c db-compat.c -makedb_LDADD = @DB_LIBS@ @INTLLIBS@ +makedb_LDADD = @DB_LIBS@ @INTLLIBS@ @SELINUX_LIBS@ # To mimmick the old glibc installation as closely as possible, we # shuffle the installed library and the links to it around a bit, Index: b/src/makedb.c =================================================================== --- a/src/makedb.c +++ b/src/makedb.c @@ -36,6 +36,10 @@ #include #include +#ifdef SELINUX +#include +#endif + #include "db-compat.h" #define N_(Text) Text @@ -99,6 +103,12 @@ int to_lowercase, int be_quiet); static int print_database (DB *db); +#ifdef SELINUX +/* Set the SELinux file creation context for the given file. */ +static void set_file_creation_context (const char *outname, mode_t mode); +#else +#define set_file_creation_context(_outname,_mode) +#endif int main (int argc, char *argv[]) @@ -181,8 +191,10 @@ /* Open output file. This must not be standard output so we don't handle "-" and "/dev/stdout" special. */ + set_file_creation_context (output_name, mode); status = db_open (output_name, DB_BTREE, DB_CREATE | DB_TRUNCATE, mode, NULL, NULL, &db_file); + set_file_creation_context (NULL, 0); if (status) error (EXIT_FAILURE, 0, gettext ("cannot open output file `%s': %s"), output_name, db_strerror (status)); @@ -393,3 +405,55 @@ return EXIT_SUCCESS; } + + +#ifdef SELINUX +static void +set_file_creation_context (const char *outname, mode_t mode) +{ + static int enabled = -1, enforcing = -1; + security_context_t ctx; + /* Handle the "reset the context" case. */ + if (outname == NULL) + { + setfscreatecon (NULL); + return; + } + /* Check if SELinux is enabled, and remember. */ + if (enabled == -1) + { + enabled = is_selinux_enabled (); + } + if (enabled == 0) + { + return; + } + /* Check if SELinux is enforcing, and remember. */ + if (enforcing == -1) + { + enforcing = security_getenforce(); + } + /* Determine the context which the file should have. */ + ctx = NULL; + if ((matchpathcon (outname, S_IFREG | mode, &ctx) == 0) && + (ctx != NULL)) + { + if (setfscreatecon (ctx) != 0) + { + if (enforcing) + { + error (EXIT_FAILURE, 0, + gettext ("cannot set file creation context for `%s'"), + outname); + } + else + { + error (0, 0, + gettext ("cannot set file creation context for `%s'"), + outname); + } + } + freecon (ctx); + } +} +#endif debian/patches/100-automake_libtool.patch0000644000000000000000000000122712033414565015473 0ustar Automake doesn't know how to compile a single file both with and without libtool. So fake it. Index: b/src/Makefile.am =================================================================== --- a/src/Makefile.am +++ b/src/Makefile.am @@ -28,8 +28,11 @@ libnss_db_la_LIBADD = @DB_LIBS@ -lnss_files bin_PROGRAMS = makedb -makedb_SOURCES = makedb.c db-compat.c +makedb_SOURCES = makedb.c db-compat-copy-makedb.c makedb_LDADD = @DB_LIBS@ @LIBINTL@ @SELINUX_LIBS@ +db-compat-copy-makedb.c: db-compat.c + cp $^ $@ + chmod -w $@ # To mimmick the old glibc installation as closely as possible, we # shuffle the installed library and the links to it around a bit, debian/patches/050-initialize_all_fields.patch0000644000000000000000000000105512033414563016461 0ustar Initialize all of the fields of the key to zeroes, so that we don't pass garbage keys in to later versions of Berkeley DB. Index: b/src/db-XXX.c =================================================================== --- a/src/db-XXX.c +++ b/src/db-XXX.c @@ -223,6 +223,7 @@ DBT key; \ enum nss_status status; \ const size_t size = (keysize) + 1; \ + memset(&key, 0, sizeof(key)); \ key.data = alloca (size); \ key.size = KEYPRINTF keypattern; \ key.flags = 0; \ debian/patches/060-errno.patch0000644000000000000000000000064312033414563013272 0ustar - set errno to ENOENT by default so that we don't leave stale errno values around in error cases Index: b/src/db-XXX.c =================================================================== --- a/src/db-XXX.c +++ b/src/db-XXX.c @@ -122,6 +122,7 @@ } /* Succeed iff it matches a value that parses correctly. */ + *errnop = ENOENT; value.flags = 0; err = db->get (db, NULL, key, &value, 0); if (err) debian/patches/090-automake_AC_CANONICAL_HOST.patch0000644000000000000000000000044512033414564016526 0ustar Remove AC_CANONICAL_HOST for new automake Index: b/configure.in =================================================================== --- a/configure.in +++ b/configure.in @@ -110,7 +110,6 @@ SELINUX_LIBS="$LIBS" LIBS="$libsave" -AC_CANONICAL_HOST slibdir=NONE case "$host" in *-linux*) debian/patches/080-translations.patch0000644000000000000000000002254012033415146014666 0ustar Missing translations for makedb Index: b/configure.in =================================================================== --- a/configure.in +++ b/configure.in @@ -4,7 +4,7 @@ AM_CONFIG_HEADER(config.h) dnl Set of available languages. -ALL_LINGUAS="de nl" +ALL_LINGUAS="de nl pl sv" # Check for a --with-db argument. AC_ARG_WITH(db, dnl Index: b/src/Makefile.am =================================================================== --- a/src/Makefile.am +++ b/src/Makefile.am @@ -29,7 +29,7 @@ bin_PROGRAMS = makedb makedb_SOURCES = makedb.c db-compat.c -makedb_LDADD = @DB_LIBS@ @INTLLIBS@ @SELINUX_LIBS@ +makedb_LDADD = @DB_LIBS@ @LIBINTL@ @SELINUX_LIBS@ # To mimmick the old glibc installation as closely as possible, we # shuffle the installed library and the links to it around a bit, Index: b/po/Makevars =================================================================== --- /dev/null +++ b/po/Makevars @@ -0,0 +1,41 @@ +# Makefile variables for PO directory in any package using GNU gettext. + +# Usually the message domain is the same as the package name. +DOMAIN = $(PACKAGE) + +# These two variables depend on the location of this directory. +subdir = po +top_builddir = .. + +# These options get passed to xgettext. +XGETTEXT_OPTIONS = --keyword=_ --keyword=N_ + +# This is the copyright holder that gets inserted into the header of the +# $(DOMAIN).pot file. Set this to the copyright holder of the surrounding +# package. (Note that the msgstr strings, extracted from the package's +# sources, belong to the copyright holder of the package.) Translators are +# expected to transfer the copyright for their translations to this person +# or entity, or to disclaim their copyright. The empty string stands for +# the public domain; in this case the translators are expected to disclaim +# their copyright. +COPYRIGHT_HOLDER = Free Software Foundation, Inc. + +# This is the email address or URL to which the translators shall report +# bugs in the untranslated strings: +# - Strings which are not entire sentences, see the maintainer guidelines +# in the GNU gettext documentation, section 'Preparing Strings'. +# - Strings which use unclear terms or require additional context to be +# understood. +# - Strings which make invalid assumptions about notation of date, time or +# money. +# - Pluralisation problems. +# - Incorrect English spelling. +# - Incorrect formatting. +# It can be your email address, or a mailing list address where translators +# can write to without being subscribed, or the URL of a web page through +# which the translators can contact you. +MSGID_BUGS_ADDRESS = + +# This is the list of locale categories, beyond LC_MESSAGES, for which the +# message catalogs shall be used. It is usually empty. +EXTRA_LOCALE_CATEGORIES = Index: b/po/pl.po =================================================================== --- /dev/null +++ b/po/pl.po @@ -0,0 +1,112 @@ +# Polish messages for GNU nss_db. +# Copyright (C) 2000 Free Software Foundation, Inc. +# Piotr Roszatycki , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version: nss_db 2.2.3pre1\n" +"POT-Creation-Date: 2000-09-10 16:37+0200\n" +"PO-Revision-Date: 2005-07-09 13:59+0200\n" +"Last-Translator: Piotr Roszatycki \n" +"Language-Team: Polish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-2\n" +"Content-Transfer-Encoding: 8-bit\n" + +#: src/makedb.c:68 +msgid "Convert key to lower case" +msgstr "Zamiana klucza z wielkich na ma³e litery" + +#: src/makedb.c:69 +msgid "NAME" +msgstr "PLIK" + +#: src/makedb.c:69 +msgid "Write output to file NAME" +msgstr "Zapisywanie rezultatu do PLIKu" + +#: src/makedb.c:71 +msgid "Do not print messages while building database" +msgstr "Omijanie komunikatów podczas tworzenia bazy danych" + +#: src/makedb.c:73 +msgid "Print content of database file, one entry a line" +msgstr "Wydruk zawarto¶ci pliku bazy danych; jedna linia na pozycjê" + +#. Short description of program. +#: src/makedb.c:78 +msgid "Create simple DB database from textual input." +msgstr "Utworzenie pliku bazy danych DB na podstawie danych tekstowych." + +#. Strings for arguments in help texts. +#: src/makedb.c:81 +msgid "" +"INPUT-FILE OUTPUT-FILE\n" +"-o OUTPUT-FILE INPUT-FILE\n" +"-u INPUT-FILE" +msgstr "" +"PLIK-WEJ¦CIOWY PLIK-WYJ¦CIOWY\n" +"-o PLIK-WYJ¦CIOWY PLIK-WEJ¦CIOWY\n" +"-u PLIK-WEJ¦CIOWY" + +#: src/makedb.c:132 +msgid "wrong number of arguments" +msgstr "z³a ilo¶æ argumentów" + +#: src/makedb.c:154 +#, c-format +msgid "cannot open database file `%s': %s" +msgstr "nie mo¿na otworzyæ pliku bazy danych `%s': %s" + +#: src/makedb.c:173 +#, c-format +msgid "cannot open input file `%s'" +msgstr "nie mo¿na otworzyæ pliku wej¶ciowego `%s'" + +#: src/makedb.c:187 +#, c-format +msgid "cannot open output file `%s': %s" +msgstr "nie mo¿na otworzyæ pliku wyj¶ciowego `%s': %s" + +#. We print some extra information. +#: src/makedb.c:235 +msgid "Report bugs using the `glibcbug' script to .\n" +msgstr "" +"Ewentualne b³êdy prosimy zg³aszaæ wykorzystuj±c program `glibcbug'\n" +"wysy³aj±c na adres .\n" + +#: src/makedb.c:248 +#, c-format +msgid "" +"Copyright (C) %s Free Software Foundation, Inc.\n" +"This is free software; see the source for copying conditions. There is NO\n" +"warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n" +msgstr "" +"Copyright (C) %s Free Software Foundation, Inc.\n" +"Ten program jest darmowy; warunki kopiowania s± opisane w ¼ród³ach.\n" +"Autorzy nie daj± ¯ADNYCH gwarancji, w tym nawet gwarancji SPRZEDAWALNO¦CI\n" +"lub PRZYDATNO¦CI DO KONKRETNYCH CELÓW.\n" + +#: src/makedb.c:253 +#, c-format +msgid "Written by %s.\n" +msgstr "Napisane przez %s.\n" + +#: src/makedb.c:330 +msgid "duplicate key" +msgstr "powtórzony klucz" + +#: src/makedb.c:336 +#, c-format +msgid "while writing database file: %s" +msgstr "podczas zapisu pliku bazy danych: %s" + +#: src/makedb.c:348 +#, c-format +msgid "problems while reading `%s'" +msgstr "problem podczas czytania `%s'" + +#: src/makedb.c:371 src/makedb.c:389 +#, c-format +msgid "while reading database: %s" +msgstr "podczas odczytu bazy danych: %s" Index: b/po/sv.po =================================================================== --- /dev/null +++ b/po/sv.po @@ -0,0 +1,113 @@ +# Swedish translation for libnss-db +# Copyright (c) 2006 Free Software Foundation, Inc. +# This file is distributed under the same license as the libnss-db package. +# Daniel Nylander , 2006. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: libnss-db\n" +"Report-Msgid-Bugs-To: FULL NAME \n" +"POT-Creation-Date: 2000-09-10 16:37+0200\n" +"PO-Revision-Date: 2006-09-08 20:27+0000\n" +"Last-Translator: Daniel Nylander \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#: src/makedb.c:68 +msgid "Convert key to lower case" +msgstr "Konvertera nyckel till gemen" + +#: src/makedb.c:69 +msgid "NAME" +msgstr "NAMN" + +#: src/makedb.c:69 +msgid "Write output to file NAME" +msgstr "Skriv utdata till filen NAMN" + +#: src/makedb.c:71 +msgid "Do not print messages while building database" +msgstr "Visa inte meddelanden när databasen byggs" + +#: src/makedb.c:73 +msgid "Print content of database file, one entry a line" +msgstr "Skriv ut innehÃ¥ller i databasfilen, en post per rad" + +#: src/makedb.c:78 +msgid "Create simple DB database from textual input." +msgstr "Skapa en enkelt DB-databas frÃ¥n textinmatning." + +#: src/makedb.c:81 +msgid "" +"INPUT-FILE OUTPUT-FILE\n" +"-o OUTPUT-FILE INPUT-FILE\n" +"-u INPUT-FILE" +msgstr "" +"INDATAFIL UTDATAFIL\n" +"-o UTDATAFIL INDATAFIL\n" +"-u INDATAFIL" + +#: src/makedb.c:132 +msgid "wrong number of arguments" +msgstr "fel antal argument" + +#: src/makedb.c:154 +#, c-format +msgid "cannot open database file `%s': %s" +msgstr "kan inte öppna databasfilen \"%s\": %s" + +#: src/makedb.c:173 +#, c-format +msgid "cannot open input file `%s'" +msgstr "kan inte öppna indatafilen \"%s\"" + +#: src/makedb.c:187 +#, c-format +msgid "cannot open output file `%s': %s" +msgstr "kan inte öppna utdatafilen \"%s\": %s" + +#: src/makedb.c:235 +msgid "Report bugs using the `glibcbug' script to .\n" +msgstr "" +"Rapportera fel med skriptet \"glibcbug\" till .\n" +"Skicka synpunkter pÃ¥ översättningen till .\n" + +#: src/makedb.c:248 +#, c-format +msgid "" +"Copyright (C) %s Free Software Foundation, Inc.\n" +"This is free software; see the source for copying conditions. There is NO\n" +"warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n" +msgstr "" +"Copyright © %s Free Software Foundation, Inc.\n" +"Detta är fri programvara; se källkoden för kopieringsvillkor. Det finns " +"INGEN\n" +"garanti; inte ens för SÄLJBARHET eller LÄMPLIGHET FÖR ETT SPECIFIKT " +"ÄNDAMÃ…L.\n" + +#: src/makedb.c:253 +#, c-format +msgid "Written by %s.\n" +msgstr "Skrivet av %s.\n" + +#: src/makedb.c:330 +msgid "duplicate key" +msgstr "dubblettnyckel" + +#: src/makedb.c:336 +#, c-format +msgid "while writing database file: %s" +msgstr "vid skrivning av databasfil: %s" + +#: src/makedb.c:348 +#, c-format +msgid "problems while reading `%s'" +msgstr "problem vid inläsning av \"%s\"" + +#: src/makedb.c:371 src/makedb.c:389 +#, c-format +msgid "while reading database: %s" +msgstr "vid inläsning av databas: %s" debian/patches/intl.patch0000644000000000000000000000123112033414566012605 0ustar Index: b/configure.in =================================================================== --- a/configure.in +++ b/configure.in @@ -140,6 +140,7 @@ AC_SUBST(slibdir) dnl Internationalization macros. -AM_GNU_GETTEXT +AM_GNU_GETTEXT([external]) +AM_GNU_GETTEXT_VERSION(0.18.1) -AC_OUTPUT([Makefile src/Makefile intl/Makefile po/Makefile.in]) +AC_OUTPUT([Makefile src/Makefile po/Makefile.in]) Index: b/Makefile.am =================================================================== --- a/Makefile.am +++ b/Makefile.am @@ -4,4 +4,6 @@ EXTRA_DIST = COPYING.LIB README db-Makefile rellns-sh -SUBDIRS = intl po src +SUBDIRS = po src + +ACLOCAL_AMFLAGS = -I m4 debian/patches/200-set-db-environment.dpatch0000644000000000000000000001525712033414565016036 0ustar #! /bin/sh /usr/share/dpatch/dpatch-run ## 200-set-db-environment.dpatch by Kees Cook ## ## All lines beginning with `## DP:' are a description of the patch. # Description: fix file content leak when using db (CVE-2010-0826). # Author: Kees Cook # Bug-Ubuntu: https://launchpad.net/bugs/531976 @DPATCH@ Index: b/src/db-XXX.c =================================================================== --- a/src/db-XXX.c +++ b/src/db-XXX.c @@ -56,6 +56,7 @@ /* Maintenance of the shared handle open on the database. */ +static DB_ENV *dbenv; static DB *db; static int keep_db; static int entidx; @@ -69,7 +70,7 @@ pthread_mutex_lock (&lock); - status = internal_setent (DBFILE, &db); + status = internal_setent (DBFILE, &db, &dbenv); /* Remember STAYOPEN flag. */ if (db != NULL) @@ -89,7 +90,7 @@ { pthread_mutex_lock (&lock); - internal_endent (&db); + internal_endent (&db, &dbenv); /* Reset STAYOPEN flag. */ keep_db = 0; @@ -112,7 +113,7 @@ /* Open the database. */ if (db == NULL) { - status = internal_setent (DBFILE, &db); + status = internal_setent (DBFILE, &db, &dbenv); if (status != NSS_STATUS_SUCCESS) { *errnop = errno; @@ -194,7 +195,7 @@ } if (! keep_db) - internal_endent (&db); + internal_endent (&db, &dbenv); return status; } Index: b/src/db-alias.c =================================================================== --- a/src/db-alias.c +++ b/src/db-alias.c @@ -34,6 +34,7 @@ /* Maintenance of the shared handle open on the database. */ +static DB_ENV *dbenv; static DB *db; static int keep_db; static unsigned int entidx; /* Index for `getaliasent_r'. */ @@ -47,7 +48,7 @@ pthread_mutex_lock (&lock); - status = internal_setent (_PATH_VARDB "aliases.db", &db); + status = internal_setent (_PATH_VARDB "aliases.db", &db, &dbenv); /* Remember STAYOPEN flag. */ if (db != NULL) @@ -68,7 +69,7 @@ { pthread_mutex_lock (&lock); - internal_endent (&db); + internal_endent (&db, &dbenv); /* Reset STAYOPEN flag. */ keep_db = 0; @@ -92,7 +93,7 @@ /* Open the database. */ if (db == NULL) { - status = internal_setent (_PATH_VARDB "aliases.db", &db); + status = internal_setent (_PATH_VARDB "aliases.db", &db, &dbenv); if (status != NSS_STATUS_SUCCESS) { *errnop = errno; @@ -165,7 +166,7 @@ status = NSS_STATUS_NOTFOUND; if (! keep_db) - internal_endent (&db); + internal_endent (&db, &dbenv); return status; } Index: b/src/db-compat.c =================================================================== --- a/src/db-compat.c +++ b/src/db-compat.c @@ -27,15 +27,14 @@ int db_open (const char *file, DBTYPE type, u_int32_t flags, int mode, - void *dbenv, void *dbinfo, DB **dbp) + DB_ENV *dbenv, void *dbinfo, DB **dbp) { DB *db; int err; - assert (dbenv == NULL); assert (dbinfo == NULL); - err = db_create (&db, NULL, 0); + err = db_create (&db, dbenv, 0); if (err) return err; Index: b/src/db-compat.h =================================================================== --- a/src/db-compat.h +++ b/src/db-compat.h @@ -2,5 +2,5 @@ #if DB_VERSION_MAJOR > 2 extern int db_open (const char *__file, DBTYPE __type, u_int32_t __flags, - int __mode, void *__dbenv, void *__dbinfo, DB **__dbp); + int __mode, DB_ENV *dbenv, void *__dbinfo, DB **__dbp); #endif Index: b/src/db-netgrp.c =================================================================== --- a/src/db-netgrp.c +++ b/src/db-netgrp.c @@ -35,6 +35,7 @@ static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER; /* Maintenance of the shared handle open on the database. */ +static DB_ENV *dbenv; static DB *db; static char *entry; static char *cursor; @@ -46,7 +47,7 @@ pthread_mutex_lock (&lock); - status = internal_setent (DBFILE, &db); + status = internal_setent (DBFILE, &db, &dbenv); if (status == NSS_STATUS_SUCCESS) { @@ -72,7 +73,7 @@ { pthread_mutex_lock (&lock); - internal_endent (&db); + internal_endent (&db, &dbenv); pthread_mutex_unlock (&lock); Index: b/src/db-open.c =================================================================== --- a/src/db-open.c +++ b/src/db-open.c @@ -21,6 +21,9 @@ #include #include #include +#include +#include +#include #include "db-compat.h" @@ -45,35 +48,46 @@ handle in *DBP and return NSS_STATUS_SUCCESS. On failure, return the appropriate lookup status. */ enum nss_status -internal_setent (const char *file, DB **dbp) +internal_setent (const char *file, DB **dbp, DB_ENV **dbenvp) { - DB *db; + char *filecopy = NULL, *home; + DB_ENV *dbenv = NULL; + DB *db = NULL; int err; int fd; if (*dbp) return NSS_STATUS_SUCCESS; - err = db_open (file, DB_BTREE, DB_RDONLY, 0, NULL, NULL, &db); + err = db_env_create(&dbenv, 0); if (err != 0) - { - if (err > 0) - errno = err; - return NSS_STATUS_UNAVAIL; - } + goto fail; + filecopy = strdup(file); + home = dirname(filecopy); + err = dbenv->open(dbenv, home, DB_INIT_MPOOL | DB_CREATE | DB_PRIVATE, 0); + if (err != 0) + goto fail_env; + err = db_open (file, DB_BTREE, DB_RDONLY, 0, dbenv, NULL, &db); + if (err != 0) + goto fail_env; /* We have to make sure the file is `closed on exec'. */ err = db->fd (db, &fd); if (err) - goto fail; + goto fail_db; if (set_cloexec_flag (fd) < 0) - goto fail; + goto fail_db; + *dbenvp = dbenv; *dbp = db; return NSS_STATUS_SUCCESS; - fail: + fail_db: db->close (db, 0); + fail_env: + dbenv->close (dbenv, 0); + fail: + if (filecopy) free(filecopy); if (err > 0) errno = err; return NSS_STATUS_UNAVAIL; @@ -81,8 +95,9 @@ /* Close the database *DBP. */ void -internal_endent (DB **dbp) +internal_endent (DB **dbp, DB_ENV **dbenvp) { + DB_ENV *dbenv = *dbenvp; DB *db = *dbp; if (db != NULL) @@ -90,4 +105,9 @@ db->close (db, 0); *dbp = NULL; } + if (dbenv != NULL) + { + dbenv->close (dbenv, 0); + *dbenvp = NULL; + } } Index: b/src/nss_db.h =================================================================== --- a/src/nss_db.h +++ b/src/nss_db.h @@ -26,9 +26,9 @@ /* Open the database stored in FILE. If succesful, store the database handle in *DBP and return NSS_STATUS_SUCCESS. On failure, return the appropriate lookup status. */ -extern enum nss_status internal_setent (const char *file, DB **dbp); +extern enum nss_status internal_setent (const char *file, DB **dbp, DB_ENV **dbenvp); /* Close the database *DBP. */ -extern void internal_endent (DB **dbp); +extern void internal_endent (DB **dbp, DB_ENV **dbenvp); #endif /* nss_db.h */ debian/patches/110-automake_install-data-local.patch0000644000000000000000000000110512033414565017470 0ustar Call install-slibLTLIBRARIES before install-data-local Index: b/src/Makefile.am =================================================================== --- a/src/Makefile.am +++ b/src/Makefile.am @@ -37,7 +37,7 @@ # To mimmick the old glibc installation as closely as possible, we # shuffle the installed library and the links to it around a bit, # removing all traces from libtool in the process. -install-data-local: +install-data-local: install-slibLTLIBRARIES $(mkinstalldirs) $(DESTDIR)$(libdir) rm $(DESTDIR)$(slibdir)/libnss_db.la rm $(DESTDIR)$(slibdir)/libnss_db.so debian/patches/series0000644000000000000000000000043612033414014012025 0ustar 010-db2_upgrade_code.patch 030-no_internal_libc.patch 050-initialize_all_fields.patch 060-errno.patch 070-selinux.patch 080-translations.patch 090-automake_AC_CANONICAL_HOST.patch 100-automake_libtool.patch 110-automake_install-data-local.patch 200-set-db-environment.dpatch intl.patch debian/patches/030-no_internal_libc.patch0000644000000000000000000001435112033414563015444 0ustar nss_db is now external to libc, so it doesn't get to use internal interfaces. Index: b/src/db-alias.c =================================================================== --- a/src/db-alias.c +++ b/src/db-alias.c @@ -23,15 +23,14 @@ #include #include #include +#include #include #include -#include - #include "nss_db.h" /* Locks the static variables in this file. */ -__libc_lock_define_initialized (static, lock) +static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER; /* Maintenance of the shared handle open on the database. */ @@ -46,7 +45,7 @@ { enum nss_status status; - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); status = internal_setent (_PATH_VARDB "aliases.db", &db); @@ -57,7 +56,7 @@ /* Reset the sequential index. */ entidx = 0; - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return status; } @@ -67,14 +66,14 @@ enum nss_status _nss_db_endaliasent (void) { - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); internal_endent (&db); /* Reset STAYOPEN flag. */ keep_db = 0; - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return NSS_STATUS_SUCCESS; } @@ -180,14 +179,14 @@ char buf[20]; DBT key; - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); key.size = snprintf (key.data = buf, sizeof buf, "0%u", entidx++); key.flags = 0; status = lookup (&key, result, buffer, buflen, errnop); if (status == NSS_STATUS_TRYAGAIN && *errnop == ERANGE) /* Give the user a chance to get the same entry with a larger buffer. */ --entidx; - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return status; } @@ -207,9 +206,9 @@ memcpy (&((char *) key.data)[1], name, key.size - 1); key.flags = 0; - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); status = lookup (&key, result, buffer, buflen, errnop); - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return status; } Index: b/src/db-netgrp.c =================================================================== --- a/src/db-netgrp.c +++ b/src/db-netgrp.c @@ -21,8 +21,8 @@ #include #include #include +#include #include -#include #include #include "nss_db.h" @@ -32,7 +32,7 @@ /* Locks the static variables in this file. */ -__libc_lock_define_initialized (static, lock) +static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER; /* Maintenance of the shared handle open on the database. */ static DB *db; @@ -44,7 +44,7 @@ { enum nss_status status; - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); status = internal_setent (DBFILE, &db); @@ -60,7 +60,7 @@ cursor = entry = value.data; } - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return status; @@ -70,11 +70,11 @@ enum nss_status _nss_db_endnetgrent (void) { - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); internal_endent (&db); - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return NSS_STATUS_SUCCESS; } @@ -91,11 +91,11 @@ { int status; - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); status = _nss_netgroup_parseline (&cursor, result, buffer, buflen, errnop); - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return status; } Index: b/src/db-open.c =================================================================== --- a/src/db-open.c +++ b/src/db-open.c @@ -58,7 +58,7 @@ if (err != 0) { if (err > 0) - __set_errno (err); + errno = err; return NSS_STATUS_UNAVAIL; } @@ -75,7 +75,7 @@ fail: db->close (db, 0); if (err > 0) - __set_errno (err); + errno = err; return NSS_STATUS_UNAVAIL; } Index: b/src/db-XXX.c =================================================================== --- a/src/db-XXX.c +++ b/src/db-XXX.c @@ -21,11 +21,10 @@ #include #include #include +#include #include #include -#include - #include "nss_db.h" /* These symbols are defined by the including source file: @@ -53,7 +52,7 @@ #endif /* Locks the static variables in this file. */ -__libc_lock_define_initialized (static, lock) +static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER; /* Maintenance of the shared handle open on the database. */ @@ -68,7 +67,7 @@ { enum nss_status status; - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); status = internal_setent (DBFILE, &db); @@ -78,7 +77,7 @@ /* Reset the sequential index. */ entidx = 0; - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return status; } @@ -88,14 +87,14 @@ enum nss_status CONCAT(_nss_db_end,ENTNAME) (void) { - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); internal_endent (&db); /* Reset STAYOPEN flag. */ keep_db = 0; - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return NSS_STATUS_SUCCESS; } @@ -227,10 +226,10 @@ key.data = alloca (size); \ key.size = KEYPRINTF keypattern; \ key.flags = 0; \ - __libc_lock_lock (lock); \ + pthread_mutex_lock (&lock); \ status = lookup (&key, result, buffer, buflen, errnop H_ERRNO_ARG \ EXTRA_ARGS_VALUE); \ - __libc_lock_unlock (lock); \ + pthread_mutex_unlock (&lock); \ return status; \ } @@ -249,7 +248,7 @@ char buf[20]; DBT key; - __libc_lock_lock (lock); + pthread_mutex_lock (&lock); /* Loop until we find a valid entry or hit EOF. See above for the special meaning of the status value. */ @@ -270,7 +269,7 @@ } while (status == NSS_STATUS_RETURN); - __libc_lock_unlock (lock); + pthread_mutex_unlock (&lock); return status; } Index: b/src/Makefile.am =================================================================== --- a/src/Makefile.am +++ b/src/Makefile.am @@ -11,7 +11,7 @@ noinst_HEADERS = db-compat.h netgroup.h nss_db.h -INCLUDES = @DB_CFLAGS@ -D_LIBC -D_GNU_SOURCE \ +INCLUDES = @DB_CFLAGS@ -D_GNU_SOURCE \ -I../intl -DLOCALEDIR=\"$(localedir)\" EXTRA_DIST = libnss_db.map debian/patches/010-db2_upgrade_code.patch0000644000000000000000000000131212033414562015301 0ustar Make sure we upgrade, in case this is an older database; and handle the DB4.3 API change for DB->open(). Index: b/src/db-compat.c =================================================================== --- a/src/db-compat.c +++ b/src/db-compat.c @@ -39,7 +39,15 @@ if (err) return err; - err = db->open (db, file, NULL, type, flags, mode); + err = db->open (db, NULL, file, NULL, type, flags, mode); + /* Make sure we upgrade, in case this is an older database */ + if (err == DB_OLD_VERSION) { + db->close (db, 0); + err = db->upgrade(db, file, 0); + if (err) + return err; + err = db->open (db, NULL, file, NULL, type, flags, mode); + } if (err) { db->close (db, 0); debian/libnss-db.docs0000644000000000000000000000001412033414014011700 0ustar README NEWS debian/control0000644000000000000000000000203412235035777010603 0ustar Source: libnss-db Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Debian QA Group Section: admin Priority: standard Standards-Version: 3.7.3 Build-Depends: autoconf, automake, autotools-dev, libtool, gettext, autopoint, libdb-dev (>> 4.6), libselinux1-dev [linux-any], debhelper (>> 8), dh-autoreconf, Homepage: http://www.gnu.org/software/libc/ Vcs-Browser: http://svn.debian.org/wsvn/cvsdebuild/libnss-db/ Vcs-Svn: svn://svn.debian.org/cvsdebuild/libnss-db Package: libnss-db Architecture: any Depends: make, ${shlibs:Depends}, ${misc:Depends}, Description: NSS module for using Berkeley Databases as a naming service nss_db is a set of C library extensions which allow Berkeley Databases to be used as a primary source of aliases, ethers, groups, hosts, networks, protocol, users, RPCs, services, and shadow passwords (instead of or in addition to using flat files or NIS). Install nss_db if your flat name service files are too large and lookups are slow. debian/rules0000755000000000000000000000141012033415363010242 0ustar #!/usr/bin/make -f DEB_HOST_ARCH_OS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) ifeq ($(DEB_HOST_ARCH_OS), linux) selinux = --with-selinux endif %: dh $@ --with autoreconf --builddirectory=build override_dh_auto_configure: dh_auto_configure --builddirectory=build -- $(selinux) override_dh_auto_build: dh_auto_build --builddirectory=build pod2man debian/man/makedb.pod makedb.1 DESTDIR = debian/libnss-db override_dh_auto_install: dh_auto_install --builddirectory=build -- slibdir=/usr/lib rm -f $(DESTDIR)/usr/lib/libnss_db.so install -d -m 755 $(DESTDIR)/etc/default install -m 644 debian/conf/default $(DESTDIR)/etc/default/libnss-db install -d -m 755 $(DESTDIR)/var/lib/misc install -m 644 debian/scripts/db-Makefile $(DESTDIR)/var/lib/misc/Makefile debian/source/0000755000000000000000000000000012033414324010462 5ustar debian/source/format0000644000000000000000000000001412033414324011670 0ustar 3.0 (quilt) debian/man/0000755000000000000000000000000012033414642007740 5ustar debian/man/makedb.pod0000644000000000000000000000201512033414014011656 0ustar =head1 NAME makedb - Create simple DB database from textual input. =head1 SYNOPSIS B B<[> I B<]> I I B B<[> I B<]> B<-o> I I B B<[> I B<]> B<-u> I =head1 DESCRIPTION This program is mainly used to generate database files for the libnss_db.so module for the Name Service Switch. =head1 OPTIONS =over 8 =item B<-f>, B<--fold-case> Convert key to lower case. =item B<-o>, B<--output> I Write output to file I =item B<-q>, B<--quiet> Do not print messages while building database. =item B<-u>, B<--undo> Print content of database file, one entry a line =item B<-?>, B<--help> Give help message. =item B<--usage> Give a short usage message. =item B<-V>, B<--version> Print program version. =back =head1 AUTHOR I was written by Ulrich Drepper for the GNU C Library. This manpage was written by Ben Collins Ebcollins@debian.orgE for the Debian GNU/Linux system.