RHBA-2015:1332 - Bug Fix Advisory

Topic

Updated ypbind packages that fix several bugs and add one enhancement are now
available for Red Hat Enterprise Linux 6.

Description

The ypbind packages provide the ypbind daemon to bind NIS clients to an NIS
domain. The ypbind daemon must be running on any machines that run NIS client
programs.

This update fixes the following bugs:

• Previously, the localhost was not treated specifically in the domains list of

the ypbind program. Consequently, when the network connection was not
established the ypbind did not bind to the ypserv utility on the localhost. With
this update, a check for the localhost has been added, and now ypbind works even
if the network connection is off. (BZ#829487)

• Prior to this update, the SIGPIPE signal was not in the proper signal set.

Consequently, when a loss of network connectivity occurred, the ypbind utility
terminated unexpectedly. Adding SIGPIPE to the proper signal set fixes this bug,
and ypbind no longer crashes. (BZ#842228)

• Previously, the ypbind program's init script did not check for the presence of

the ypbind line in the /etc/rpc file. As a consequence, if the ypbind line was
not present, ypbind failed to start. This update adds a patch to check for the
presence of the ypbind line in /etc/rpc. As a result, ypbind provides a warning
message in the log files when its line is missing in /etc/rpc. (BZ#888778)

In addition, this update adds the following enhancement:

• This update adds a configurable option for setting the time interval which is

used by the ypbind program to retry rebinding. Previously, ypbind checked for
the fastest NIS server every 15 minutes. This in some cases led to intermittent
failures when the default timeout interval on a server firewall was set to 10
minutes. The added configurable option allows to set a specific time interval
after which ypbind performs a check for the fastest NIS server, and thus avoids
the intermittent failures during the rebinding process. (BZ#918276)

Users of ypbind are advised to upgrade to these updated packages, which fix
these bugs and add this enhancement.

Solution

Before applying this update, make sure all previously released errata relevant
to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux Desktop 6 i386
• Red Hat Enterprise Linux for IBM z Systems 6 s390x
• Red Hat Enterprise Linux for Power, big endian 6 ppc64
• Red Hat Enterprise Linux for Scientific Computing 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x

Fixes

• BZ - 681134 - wrong nis.sh script and potential avc denial for dhclient-script and yp.conf
• BZ - 829487 - ypbind will not bind if network is off
• BZ - 842228 - nis ypbind crash because SIGPIPE is not caught
• BZ - 846080 - NIS user causes gdm autologin to fail, user isn't valid yet?

CVEs

(none)

References

(none)