On Thu, 6 Feb 2014, Todd C. Miller wrote: > I don't particularly like all the errno clearing but I suppose we > either need to clear it or restore it so the user can distinguish > between error and not found conditions.
Yep. Since linux and solaris zero it on success/no match, I think we should too to avoid porting headaches. > I do think we need some errno handling in the YP code. For example, the > db get in __has_yppw() needs the same handling as __hashpw(). I'm sure > there's more. For example, should we clear errno when _yp_check fails > and we fall back on the passwd file? Oof. If YP is enabled but an error occurs when trying to do the lookup (yp_match() returns an error other than YPERR_KEY) then we should set errno even when the later passwd file lookup return no match. So my patch is wrong as it would zero errno in that case, giving an authoritative "no such user" instead of "error during lookup". That's bad, as for things like sendmail it would mean temporary YP failures would result in permanent failure responses. This will tkae more thought. Philip