Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

This makes Linux-PAM compile able with uClibc or on embedded systems
without full libc/libnsl.

2009-06-29  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_unix/yppasswd_xdr.c: Remove unnecessary header files.

        * modules/pam_unix/support.c (_unix_getpwnam): Only compile in NIS
        support if all necessary functions exist.

        * modules/pam_unix/pam_unix_passwd.c (getNISserver): Add debug
        option, handle correct if OS has no NIS support.

        * modules/pam_access/pam_access.c (netgroup_match): Check if
        yp_get_default_domain and innetgr are available at compile time.

        * configure.in: Check for functions: innetgr, getdomainname
        check for headers: rpcsvc/ypclnt.h, rpcsvc/yp_prot.h.

1 files changed, 34 insertions, 2 deletions

diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index 29b9c67d..2792a4d5 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -55,8 +55,12 @@
 #include <sys/time.h>
 #include <sys/stat.h>
 #include <rpc/rpc.h>
+#ifdef HAVE_RPCSVC_YP_PROT_H
 #include <rpcsvc/yp_prot.h>
+#endif
+#ifdef HAVE_RPCSVC_YPCLNT_H
 #include <rpcsvc/ypclnt.h>
+#endif
 
 #include <signal.h>
 #include <errno.h>
@@ -98,17 +102,34 @@ extern int getrpcport(const char *host, unsigned long prognum,
 
 #define MAX_PASSWD_TRIES	3
 
-static char *getNISserver(pam_handle_t *pamh)
+static char *getNISserver(pam_handle_t *pamh, unsigned int ctrl)
 {
+#if (defined(HAVE_YP_GET_DEFAULT_DOMAIN) || defined(HAVE_GETDOMAINNAME)) && defined(HAVE_YP_MASTER)
 	char *master;
 	char *domainname;
 	int port, err;
 
+#ifdef HAVE_YP_GET_DEFAULT_DOMAIN
 	if ((err = yp_get_default_domain(&domainname)) != 0) {
 		pam_syslog(pamh, LOG_WARNING, "can't get local yp domain: %s",
 			 yperr_string(err));
 		return NULL;
 	}
+#elif defined(HAVE_GETDOMAINNAME)
+	char domainname_res[256];
+
+	if (getdomainname (domainname_res, sizeof (domainname_res)) == 0)
+	  {
+	    if (strcmp (domainname_res, "(none)") == 0)
+	      {
+		/* If domainname is not set, some systems will return "(none)" */
+		domainname_res[0] = '\0';
+	      }
+	    domainname = domainname_res;
+	  }
+	else domainname = NULL;
+#endif
+
 	if ((err = yp_master(domainname, "passwd.byname", &master)) != 0) {
 		pam_syslog(pamh, LOG_WARNING, "can't find the master ypserver: %s",
 			 yperr_string(err));
@@ -125,7 +146,18 @@ static char *getNISserver(pam_handle_t *pamh)
 		         "yppasswd daemon running on illegal port");
 		return NULL;
 	}
+	if (on(UNIX_DEBUG, ctrl)) {
+	  pam_syslog(pamh, LOG_DEBUG, "Use NIS server on %s with port %d",
+		     master, port);
+	}
 	return master;
+#else
+	if (on(UNIX_DEBUG, ctrl)) {
+	  pam_syslog(pamh, LOG_DEBUG, "getNISserver: No NIS support available");
+	}
+
+	return NULL;
+#endif
 }
 
 #ifdef WITH_SELINUX
@@ -294,7 +326,7 @@ static int _do_setpass(pam_handle_t* pamh, const char *forwho,
 	}
 
 	if (on(UNIX_NIS, ctrl) && _unix_comesfromsource(pamh, forwho, 0, 1)) {
-	    if ((master=getNISserver(pamh)) != NULL) {
+	  if ((master=getNISserver(pamh, ctrl)) != NULL) {
 		struct timeval timeout;
 		struct yppasswd yppwd;
 		CLIENT *clnt;