about summary refs log tree commit diff
path: root/nis/nss_compat
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>1997-11-12 00:06:02 +0000
committerUlrich Drepper <drepper@redhat.com>1997-11-12 00:06:02 +0000
commitcc3fa755128c70f8afc2d604936f33e4d7d652d8 (patch)
tree0c68c1298140e1524078e8bfdf5154fb6129b680 /nis/nss_compat
parent86187531d302de284b67ac162cf76c60c86bd7da (diff)
downloadglibc-cc3fa755128c70f8afc2d604936f33e4d7d652d8.tar.gz
glibc-cc3fa755128c70f8afc2d604936f33e4d7d652d8.tar.xz
glibc-cc3fa755128c70f8afc2d604936f33e4d7d652d8.zip
1997-11-11 21:30  Ulrich Drepper  <drepper@cygnus.com>

	* include/sys/stat.h: Define stat, fstat, lstat and *64 variants
	as macros so the the library compiles correctly even without
	optimization.
	* io/fstat.c: Undef fstat.
	* io/fstat64.c: Undef fstat64
	* io/lstat.c: Undef lstat.
	* io/lstat64.c: Undef lstat64
	* io/stat.c: Undef stat.
	* io/stat64.c: Undef stat64
	* io/fts.c: Include <include/sys/stat.h> to get macro definitions.
	* io/ftw.c: Likewise.
	* io/getdirname.c: Likewise.

	* Makefile (install): Run test-installation.pl if possible.

	* db2/Makefile: Update from db-2.3.12.
	* db2/db.h: Likewise.
	* db2/db_int.h: Likewise.
	* db2/btree/bt_cursor.c: Likewise.
	* db2/btree/bt_delete.c: Likewise.
	* db2/btree/bt_open.c: Likewise.
	* db2/btree/bt_put.c: Likewise.
	* db2/btree/bt_rec.c: Likewise.
	* db2/btree/bt_recno.c: Likewise.
	* db2/btree/bt_search.c: Likewise.
	* db2/btree/bt_split.c: Likewise.
	* db2/btree/bt_stat.c: Likewise.
	* db2/btree/btree.src: Likewise.
	* db2/btree/btree_auto.c: Likewise.
	* db2/btree/bt_cursor.c: Likewise.
	* db2/btree/bt_delete.c: Likewise.
	* db2/btree/bt_open.c: Likewise.
	* db2/btree/bt_put.c: Likewise.
	* db2/btree/bt_rec.c: Likewise.
	* db2/btree/bt_recno.c: Likewise.
	* db2/btree/bt_search.c: Likewise.
	* db2/btree/bt_split.c: Likewise.
	* db2/btree/bt_stat.c: Likewise.
	* db2/btree/btree.src: Likewise.
	* db2/btree/btree_auto.c: Likewise.
	* db2/common/db_appinit.c: Likewise.
	* db2/common/db_apprec.c: Likewise.
	* db2/common/db_byteorder.c: Likewise.
	* db2/common/db_region.c: Likewise.
	* db2/db/db.c: Likewise
	* db2/db/db.src: Likewise
	* db2/db/db_auto.c: Likewise
	* db2/db/db_dispatch.c: Likewise
	* db2/db/db_dup.c: Likewise
	* db2/db/db_overflow.c: Likewise
	* db2/db/db_pr.c: Likewise
	* db2/db/db_rec.c: Likewise
	* db2/db/db_ret.c: Likewise
	* db2/db/db_thread.c: Likewise
	* db2/db185/db185.c: Likewise.
	* db2/hash/hash.c: Likewise.
	* db2/hash/hash.src: Likewise.
	* db2/hash/hash_auto.c: Likewise.
	* db2/hash/hash_dup.c: Likewise.
	* db2/hash/hash_page.c: Likewise.
	* db2/hash/hash_rec.c: Likewise.
	* db2/include/btree_auto.h: Likewise.
	* db2/include/btree_ext.h: Likewise.
	* db2/include/clib_ext.h: Likewise.
	* db2/include/common_ext.h: Likewise.
	* db2/include/db.h.src: Likewise.
	* db2/include/db_am.h: Likewise.
	* db2/include/db_auto.h: Likewise.
	* db2/include/db_cxx.h: Likewise.
	* db2/include/db_ext.h: Likewise.
	* db2/include/db_int.h.src: Likewise.
	* db2/include/hash.h: Likewise.
	* db2/include/hash_auto.h: Likewise.
	* db2/include/hash_ext.h: Likewise.
	* db2/include/lock.h: Likewise.
	* db2/include/lock_ext.h: Likewise.
	* db2/include/log.h: Likewise.
	* db2/include/log_ext.h: Likewise.
	* db2/include/mp.h: Likewise.
	* db2/include/mp_ext.h: Likewise.
	* db2/include/mutex_ext.h: Likewise.
	* db2/include/os_ext.h: Likewise.
	* db2/include/os_func.h: Likewise.
	* db2/include/txn.h: Likewise.
	* db2/include/txn_ext.h: Likewise.
	* db2/lock/lock.c: Likewise.
	* db2/lock/lock_deadlock.c: Likewise.
	* db2/log/log.c: Likewise.
	* db2/log/log_archive.c: Likewise.
	* db2/log/log_auto.c: Likewise.
	* db2/log/log_findckp.c: Likewise.
	* db2/log/log_get.c: Likewise.
	* db2/log/log_put.c: Likewise.
	* db2/log/log_rec.c: Likewise.
	* db2/log/log_register.c: Likewise.
	* db2/mp/mp_bh.c: Likewise.
	* db2/mp/mp_fget.c: Likewise.
	* db2/mp/mp_fopen.c: Likewise.
	* db2/mp/mp_fput.c: Likewise.
	* db2/mp/mp_fset.c: Likewise.
	* db2/mp/mp_open.c: Likewise.
	* db2/mp/mp_pr.c: Likewise.
	* db2/mp/mp_region.c: Likewise.
	* db2/mp/mp_sync.c: Likewise.
	* db2/mutex/mutex.c: Likewise.
	* db2/os/os_abs.c: Likewise.
	* db2/os/os_dir.c: Likewise.
	* db2/os/os_fid.c: Likewise.
	* db2/os/os_fsync.c: Likewise.
	* db2/os/os_func.c: Likewise.
	* db2/os/os_map.c: Likewise.
	* db2/os/os_oflags.c: Likewise.
	* db2/os/os_open.c: Likewise.
	* db2/os/os_rpath.c: Likewise.
	* db2/os/os_rw.c: Likewise.
	* db2/os/os_seek.c: Likewise.
	* db2/os/os_sleep.c: Likewise.
	* db2/os/os_stat.c: Likewise.
	* db2/os/os_unlink.c: Likewise.
	* db2/progs/db_deadlock/db_deadlock.c: Likewise.
	* db2/progs/db_dump/db_dump.c: Likewise.
	* db2/progs/db_load/db_load.c: Likewise.
	* db2/progs/db_recover/db_recover.c: Likewise.
	* db2/progs/db_stat/db_stat.c: Likewise.
	* db2/txn/txn.c: Likewise.
	* db2/txn/txn_auto.c: Likewise.
	* db2/txn/txn_rec.c: Likewise.
	* db2/os/db_os_abs.c: Removed.
	* db2/os/db_os_dir.c: Removed.
	* db2/os/db_os_fid.c: Removed.
	* db2/os/db_os_lseek.c: Removed.
	* db2/os/db_os_mmap.c: Removed.
	* db2/os/db_os_open.c: Removed.
	* db2/os/db_os_rw.c: Removed.
	* db2/os/db_os_sleep.c: Removed.
	* db2/os/db_os_stat.c: Removed.
	* db2/os/db_os_unlink.c: Removed.

	* libio/stdio.h (fopen): Add __restrict to parameters.

	* manual/process.texi (system): Describe behaviour for NULL argument.

	* stdio-common/printf-parse.h: Parse hh modifier.
	* stdio-common/vfprintf.c: Handle hh modifier.
	* stdio-common/vfscanf.c: Likewise.
	* manual/stdio.texi: Describe hh modifier for scanf/printf.

	* math/complex.h: Don't define _Imaginary_I, but instead _Complex_I.
	gcc does no yet know the `imaginary' keyword.

	* math/test-math.c: Add little test for know gcc bug.

	* math/tgmath.h: Make complex versions of log10() only available
	if __USE_GNU.

	* stdlib/test-canon.c: Fix typo.

	* sysdeps/generic/setenv.c: Avoid compilation warnings.
	Reported by Jim Meyering.

	* sysdeps/generic/bits/errno.h: EILSEQ is an ISO C error number.
	* sysdeps/mach/hurd/bits/errno.h: Likewise.
	* sysdeps/standalone/bits/errno.h: Likewise.
	* sysdeps/unix/sysv/linux/bits/errno.h: Likewise.

	* sysdeps/i386/i586/memcpy.S: New file.
	* sysdeps/i386/i586/mempcpy.S: New file.

	* sysdeps/i386/i586/memset.S: Fix typo.

	* sysdeps/posix/getcwd.c: Define HAVE_MEMPCPY for _LIBC.  Add casts.

	* sysdeps/posix/system.c: Add comment to explain code.

	* sysdeps/wordsize-32/inttypes.h: Include <stddef.h> for wchar_t.
	Define PTRDIFF_{MIN,MAX}, SIG_ATOMIC_{MIN,MAX}, SIZE_MAX,
	WCHAR_{MIN,MAX}, WINT_{MIN,MAX}.
	Define wcstoimax, wcstoumax.
	* sysdeps/wordsize-64/inttypes.h: Likewise.

	* wcsmbs/wchar.h: Define WCHAR_{MIN,MAX} if not already defined.
	Declare __wcsto{l,ul,ll,ull}_internal only if not already done.

	* time/Makefile (routines): Add strfxtime.
	* time/strftime.c: Implement %F and %f format.
	* time/strfxtime.c: New file.
	* time/time.h: Define new types and symbols from ISO C 9X.

	* time/mktime.c: Little comment correction.

1997-11-10  Andreas Jaeger  <aj@arthur.rhein-neckar.de>

	* sysdeps/libm-ieee754/s_sincosl.c: Fix typo.

	* sysdeps/libm-ieee754/s_tanl.c: Fix typo.

	* sysdeps/libm-ieee754/s_floorl.c: Correct typos.

	* sysdeps/libm-ieee754/e_remainderl.c: Replace
	EXTRACT_LDOUBLE_WORDS by GET_LDOUBLE_WORDS.

	* sysdeps/libm-ieee754/e_atan2l.c: Replace EXTRACT_LDOUBLE_WORDS
	by GET_LDOUBLE_WORDS.

	* sysdeps/libm-ieee754/s_scalbnl.c: Replace ";" by "," for correct
	variable declaration.
	* sysdeps/libm-ieee754/s_scalblnl.c: Likewise.

	* sysdeps/libm-ieee754/s_lrint.c (__lrint): Correct function.

	* math/libm-test.c (sqrt_test): Add test for sqrt (0.25).
	(asin_test): Add more test.

1997-11-10 23:34  Ulrich Drepper  <drepper@cygnus.com>

	* sysdeps/libm-ieee754/e_asin.c: Add braces to make code clearer
	and to not confuse the poor compiler.
	* sysdeps/libm-ieee754/e_asinf.c: Likewise.
	Reported by vertex@cagent.com.

1997-11-09  Andreas Schwab  <schwab@issan.informatik.uni-dortmund.de>

	* elf/dl-lookup.c (do_lookup): Don't accept the base version if we
	require a specific one.

	* libio/oldfreopen.c: Bind old symbols to version GLIBC_2.0.
	* libio/oldiofopen.c: Likewise.
	* libio/oldstdfiles.c: Likewise.
	* libc.map: Export them.

1997-11-10 07:40  H.J. Lu  <hjl@gnu.ai.mit.edu>

	* stdlib/exit.c (exit): Handle recursive calls to exit ().

1997-11-09  Andreas Schwab  <schwab@issan.informatik.uni-dortmund.de>

	* sysdeps/m68k/fpu/s_llrint.c: Fixed to take double argument
	instead of long double.
	* sysdeps/m68k/fpu/s_llrintf.c: New file.
	* sysdeps/m68k/fpu/s_llrintl.c: New file.

	* sysdeps/libm-ieee754/s_llrint.c: Make compilable and fix
	overflow condition.
	* sysdeps/libm-ieee754/s_llrintf.c: Fix overflow condition.
	* sysdeps/libm-ieee754/s_llrintl.c: Likewise.
	* sysdeps/libm-ieee754/s_llround.c: Likewise.
	* sysdeps/libm-ieee754/s_llroundf.c: Likewise.
	* sysdeps/libm-ieee754/s_llroundl.c: Likewise.
	* sysdeps/libm-ieee754/s_lrint.c: Likewise.
	* sysdeps/libm-ieee754/s_lrintf.c: Likewise.
	* sysdeps/libm-ieee754/s_lrintl.c: Likewise.
	* sysdeps/libm-ieee754/s_lround.c: Likewise.
	* sysdeps/libm-ieee754/s_lroundf.c: Likewise.
	* sysdeps/libm-ieee754/s_lroundl.c: Likewise.

	* math/libm-test.c: Test all three variants of lrint and llrint.
	Fix typos in lround and llround tests.  Add tests for boundary
	cases for lrint and llround.

1997-11-08  Andreas Schwab  <schwab@issan.informatik.uni-dortmund.de>

	* manual/arith.texi: Misc doc fixes.
	* manual/ctype.texi: Likewise.
	* manual/pattern.texi: Likewise.
	* manual/terminal.texi: Likewise.

1997-11-08  Andreas Schwab  <schwab@issan.informatik.uni-dortmund.de>

	* sysdeps/unix/sysv/linux/xstatconv.c: Use struct assignment
	instead of memcpy to let the compiler use whatever it regards as
	optimal.
	* sysdeps/unix/sysv/linux/alpha/xstatconv.c: Likewise.

1997-11-08  Andreas Schwab  <schwab@issan.informatik.uni-dortmund.de>

	* sysdeps/unix/sysv/linux/Makefile (sysdep_headers)
	[$(subdir)=misc]: Add sys/prctl.h.
	* sysdeps/unix/sysv/linux/Dist: Distribute it.

1997-11-08  Andreas Schwab  <schwab@issan.informatik.uni-dortmund.de>

	* io/ftwtest-sh: Don't use the unknown which command, instead try
	pwd as /bin/pwd and /usr/bin/pwd.

1997-11-08  Andreas Schwab  <schwab@issan.informatik.uni-dortmund.de>

	* manual/maint.texi (Tools for Installation): Don't recommend
	broken version 3.76.1 of make.
	(Porting): Fix wording.

1997-11-06 06:13  H.J. Lu  <hjl@gnu.ai.mit.edu>

	* config.make.in (build-pic-default): New, defined with
	pic_default.

	* configure.in (pic_default): New, set to yes if PIC is
	default.

	* Makeconfig (CPPFLAGS-.o, CPPFLAGS-.op, CPPFLAGS-.og,
	CPPFLAGS-.ob): Add -DPIC if $(build-pic-default) is yes.

1997-11-09 18:15  Ulrich Drepper  <drepper@cygnus.com>

	* Makerules (libc.so): Fix typo.

	* csu/Makefile (CFLAGS-initfini.s): Correctly fix moving function
	definition.  Patch by Zack Weinberg <zack@rabi.phys.columbia.edu>.

	* stdlib/strtod.c: Handle numbers like 0.0e10000 correctly which
	produce ±0.0.  Reported by Joe Keane <jgk@jgk.org>.

	* sysdeps/libm-ieee754/s_ceill.c: Fix typos.
	* sysdeps/libm-ieee754/s_llrint.c: Correct code, it never worked.

1997-11-06 07:00  H.J. Lu  <hjl@gnu.ai.mit.edu>

	* sysdeps/unix/sysv/i386/i686/time.S: Removed.

1997-11-08 14:07  Thorsten Kukuk  <kukuk@vt.uni-paderborn.de>

	* nis/libnsl.map: Add __do_niscall2 for nis_cachemgr.

	* nis/nis_call.c: Set UDP resend timeout correct.

	* nis/nss_compat/compat-grp.c: Rewritten to make it faster.
	* nis/nss_compat/compat-pwd.c: Likewise.
	* nis/nss_compat/compat-spwd.c: Likewise.
	* nis/ypclnt.c: Fix UDP resend timeout, fix yp_bind/do_ypcall
	interaction.

	* inet/protocols/routed.h: Include sys/socket.h.
	* inet/protocols/talkd.h: Likewise.
	* inet/protocols/timed.h: Include rpc/types.h.
	* sunrpc/rpc/pmap_clnt.h: Include rpc/clnt.h.

1997-11-06 01:39  Ulrich Drepper  <drepper@cygnus.com>

	* Makerules (libc.so): Add missing closing brace.

1997-11-05  Brendan Kehoe  <brendan@lisa.cygnus.com>

	* libio.h (__P): Name its arg `p' instead of `params'.
	This was added solely to work around problems with
	the definition of __P in the Solaris math.h header.
Diffstat (limited to 'nis/nss_compat')
-rw-r--r--nis/nss_compat/compat-grp.c314
-rw-r--r--nis/nss_compat/compat-pwd.c526
-rw-r--r--nis/nss_compat/compat-spwd.c280
3 files changed, 987 insertions, 133 deletions
diff --git a/nis/nss_compat/compat-grp.c b/nis/nss_compat/compat-grp.c
index c0ddbdffdf..a460d8a8ef 100644
--- a/nis/nss_compat/compat-grp.c
+++ b/nis/nss_compat/compat-grp.c
@@ -29,6 +29,10 @@
 #include <rpcsvc/nis.h>
 #include <nsswitch.h>
 
+/* Comment out the following line for the production version.  */
+/* #define NDEBUG 1 */
+#include <assert.h>
+
 #include "nss-nisplus.h"
 #include "nisplus-parser.h"
 
@@ -41,7 +45,7 @@ static size_t grptablelen = 0;
 #define ENTNAME grent
 #define STRUCTURE group
 #define EXTERN_PARSER
-#include "../../nss/nss_files/files-parse.c"
+#include <nss/nss_files/files-parse.c>
 
 /* Structure for remembering -group members ... */
 #define BLACKLIST_INITIAL_SIZE 512
@@ -85,15 +89,22 @@ _nss_first_init (void)
 
   if (grptable == NULL)
     {
-      char buf [20 + strlen (nis_local_directory ())];
-      char *p;
+      static const char key[] = "group.org_dir.";
+      const char *local_dir = nis_local_directory ();
+      size_t len_local_dir = strlen (local_dir);
 
-      p = stpcpy (buf, "group.org_dir.");
-      p = stpcpy (p, nis_local_directory ());
-      grptable = strdup (buf);
+      grptable = malloc (sizeof (key) + len_local_dir);
       if (grptable == NULL)
         return NSS_STATUS_TRYAGAIN;
-      grptablelen = strlen (grptable);
+
+      grptablelen = ((char *) mempcpy (mempcpy (grptable,
+						key, sizeof (key) - 1),
+				       local_dir, len_local_dir + 1)
+		     - grptable) - 1;
+
+      /* *Maybe* (I'm no NIS expert) we have to duplicate the `local_dir'
+	 value since it might change during our work.  So add a test here.  */
+      assert (grptablelen == sizeof (key) + len_local_dir);
     }
 
   return NSS_STATUS_SUCCESS;
@@ -370,8 +381,8 @@ getgrent_next_nisplus (struct group *result, ent_t *ent, char *buffer,
 
 /* This function handle the +group entrys in /etc/group */
 static enum nss_status
-getgrent_next_file_plusgroup (struct group *result, char *buffer,
-			      size_t buflen)
+getgrnam_plusgroup (const char *name, struct group *result, char *buffer,
+		    size_t buflen)
 {
   struct parser_data *data = (void *) buffer;
   int parse_res;
@@ -379,9 +390,9 @@ getgrent_next_file_plusgroup (struct group *result, char *buffer,
   if (use_nisplus) /* Do the NIS+ query here */
     {
       nis_result *res;
-      char buf[strlen (result->gr_name) + 24 + grptablelen];
+      char buf[strlen (name) + 24 + grptablelen];
 
-      sprintf(buf, "[name=%s],%s", &result->gr_name[1], grptable);
+      sprintf(buf, "[name=%s],%s", name, grptable);
       res = nis_list(buf, FOLLOW_PATH | FOLLOW_LINKS, NULL, NULL);
       if (niserr2nss (res->status) != NSS_STATUS_SUCCESS)
         {
@@ -407,9 +418,8 @@ getgrent_next_file_plusgroup (struct group *result, char *buffer,
       if (yp_get_default_domain (&domain) != YPERR_SUCCESS)
         return NSS_STATUS_TRYAGAIN;
 
-      if (yp_match (domain, "group.byname", &result->gr_name[1],
-                    strlen (result->gr_name) - 1, &outval, &outvallen)
-          != YPERR_SUCCESS)
+      if (yp_match (domain, "group.byname", name, strlen (name),
+		    &outval, &outvallen) != YPERR_SUCCESS)
         return NSS_STATUS_TRYAGAIN;
       p = strncpy (buffer, outval,
                    buflen < (size_t) outvallen ? buflen : (size_t) outvallen);
@@ -430,7 +440,6 @@ getgrent_next_file_plusgroup (struct group *result, char *buffer,
     return NSS_STATUS_RETURN;
 }
 
-
 static enum nss_status
 getgrent_next_file (struct group *result, ent_t *ent,
 		    char *buffer, size_t buflen)
@@ -495,7 +504,11 @@ getgrent_next_file (struct group *result, ent_t *ent,
 	{
           enum nss_status status;
 
-          status = getgrent_next_file_plusgroup (result, buffer, buflen);
+ 	  /* Store the group in the blacklist for the "+" at the end of
+	     /etc/group */
+	  blacklist_store_name (&result->gr_name[1], ent);
+	  status = getgrnam_plusgroup (&result->gr_name[1], result, buffer,
+				       buflen);
           if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
             break;
           else
@@ -556,6 +569,104 @@ _nss_compat_getgrent_r (struct group *grp, char *buffer, size_t buflen)
   return status;
 }
 
+/* Searches in /etc/group and the NIS/NIS+ map for a special group */
+static enum nss_status
+internal_getgrnam_r (const char *name, struct group *result, ent_t *ent,
+		     char *buffer, size_t buflen)
+{
+  struct parser_data *data = (void *) buffer;
+  while (1)
+    {
+      fpos_t pos;
+      int parse_res = 0;
+      char *p;
+
+      do
+	{
+	  fgetpos (ent->stream, &pos);
+	  p = fgets (buffer, buflen, ent->stream);
+	  if (p == NULL)
+	    {
+	      if (feof (ent->stream))
+		return NSS_STATUS_NOTFOUND;
+	      else
+		{
+		  __set_errno (ERANGE);
+		  return NSS_STATUS_TRYAGAIN;
+		}
+	    }
+
+	  /* Terminate the line for any case.  */
+	  buffer[buflen - 1] = '\0';
+
+	  /* Skip leading blanks.  */
+	  while (isspace (*p))
+	    ++p;
+	}
+      while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
+      /* Parse the line.  If it is invalid, loop to
+         get the next line of the file to parse.  */
+	     !(parse_res = _nss_files_parse_grent (p, result, data, buflen)));
+
+      if (parse_res == -1)
+	{
+	  /* The parser ran out of space.  */
+	  fsetpos (ent->stream, &pos);
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+
+      /* This is a real entry.  */
+      if (result->gr_name[0] != '+' && result->gr_name[0] != '-')
+	{
+	  if (strcmp (result->gr_name, name) == 0)
+	    return NSS_STATUS_SUCCESS;
+	  else
+	    continue;
+	}
+
+      /* -group */
+      if (result->gr_name[0] == '-' && result->gr_name[1] != '\0'
+	  && result->gr_name[1] != '@')
+	{
+	  if (strcmp (&result->gr_name[1], name) == 0)
+	    return NSS_STATUS_NOTFOUND;
+	  else
+	    continue;
+	}
+
+      /* +group */
+      if (result->gr_name[0] == '+' && result->gr_name[1] != '\0'
+	  && result->gr_name[1] != '@')
+	{
+	  if (strcmp (name, &result->gr_name[1]) == 0)
+	    {
+	      enum nss_status status;
+
+	      status = getgrnam_plusgroup (name, result, buffer, buflen);
+	      if (status == NSS_STATUS_RETURN)
+		/* We couldn't parse the entry */
+		continue;
+	      else
+		return status;
+	    }
+	}
+      /* +:... */
+      if (result->gr_name[0] == '+' && result->gr_name[1] == '\0')
+	{
+	  enum nss_status status;
+
+	  status = getgrnam_plusgroup (name, result, buffer, buflen);
+	  if (status == NSS_STATUS_RETURN)
+	    /* We couldn't parse the entry */
+	    continue;
+	  else
+	    return status;
+	}
+    }
+
+  return NSS_STATUS_SUCCESS;
+}
 
 enum nss_status
 _nss_compat_getgrnam_r (const char *name, struct group *grp,
@@ -576,15 +687,172 @@ _nss_compat_getgrnam_r (const char *name, struct group *grp,
   if (status != NSS_STATUS_SUCCESS)
     return status;
 
-  while ((status = internal_getgrent_r (grp, &ent, buffer, buflen))
-	 == NSS_STATUS_SUCCESS)
-    if (strcmp (grp->gr_name, name) == 0)
-      break;
+  status = internal_getgrnam_r (name, grp, &ent, buffer, buflen);
 
   internal_endgrent (&ent);
+
   return status;
 }
 
+/* This function handle the + entry in /etc/group */
+static enum nss_status
+getgrgid_plusgroup (gid_t gid, struct group *result, char *buffer,
+		    size_t buflen)
+{
+  struct parser_data *data = (void *) buffer;
+  int parse_res;
+
+  if (use_nisplus) /* Do the NIS+ query here */
+    {
+      nis_result *res;
+      char buf[1024 + grptablelen];
+
+      sprintf(buf, "[gid=%d],%s", gid, grptable);
+      res = nis_list(buf, FOLLOW_PATH | FOLLOW_LINKS, NULL, NULL);
+      if (niserr2nss (res->status) != NSS_STATUS_SUCCESS)
+        {
+          enum nss_status status =  niserr2nss (res->status);
+
+          nis_freeresult (res);
+          return status;
+        }
+      if ((parse_res = _nss_nisplus_parse_grent (res, 0, result, buffer,
+						 buflen)) == -1)
+	{
+	  __set_errno (ERANGE);
+	  nis_freeresult (res);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+      nis_freeresult (res);
+    }
+  else /* Use NIS */
+    {
+      char buf[1024];
+      char *domain, *outval, *p;
+      int outvallen;
+
+      if (yp_get_default_domain (&domain) != YPERR_SUCCESS)
+        return NSS_STATUS_TRYAGAIN;
+
+      snprintf (buf, sizeof (buf), "%d", gid);
+
+      if (yp_match (domain, "group.bygid", buf, strlen (buf),
+		    &outval, &outvallen) != YPERR_SUCCESS)
+        return NSS_STATUS_TRYAGAIN;
+      p = strncpy (buffer, outval,
+                   buflen < (size_t) outvallen ? buflen : (size_t) outvallen);
+      free (outval);
+      while (isspace (*p))
+        p++;
+      if ((parse_res = _nss_files_parse_grent (p, result, data, buflen)) == -1)
+	{
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+    }
+
+  if (parse_res)
+    /* We found the entry.  */
+    return NSS_STATUS_SUCCESS;
+  else
+    return NSS_STATUS_RETURN;
+}
+
+/* Searches in /etc/group and the NIS/NIS+ map for a special group id */
+static enum nss_status
+internal_getgrgid_r (gid_t gid, struct group *result, ent_t *ent,
+		     char *buffer, size_t buflen)
+{
+  struct parser_data *data = (void *) buffer;
+  while (1)
+    {
+      fpos_t pos;
+      int parse_res = 0;
+      char *p;
+
+      do
+	{
+	  fgetpos (ent->stream, &pos);
+	  p = fgets (buffer, buflen, ent->stream);
+	  if (p == NULL)
+	    {
+	      if (feof (ent->stream))
+		return NSS_STATUS_NOTFOUND;
+	      else
+		{
+		  __set_errno (ERANGE);
+		  return NSS_STATUS_TRYAGAIN;
+		}
+	    }
+
+	  /* Terminate the line for any case.  */
+	  buffer[buflen - 1] = '\0';
+
+	  /* Skip leading blanks.  */
+	  while (isspace (*p))
+	    ++p;
+	}
+      while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines. */
+      /* Parse the line.  If it is invalid, loop to
+         get the next line of the file to parse.  */
+	     !(parse_res = _nss_files_parse_grent (p, result, data, buflen)));
+
+      if (parse_res == -1)
+	{
+	  /* The parser ran out of space.  */
+	  fsetpos (ent->stream, &pos);
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+
+      /* This is a real entry.  */
+      if (result->gr_name[0] != '+' && result->gr_name[0] != '-')
+	{
+	  if (result->gr_gid == gid)
+	    return NSS_STATUS_SUCCESS;
+	  else
+	    continue;
+	}
+
+      /* -group */
+      if (result->gr_name[0] == '-' && result->gr_name[1] != '\0'
+	  && result->gr_name[1] != '@')
+	{
+          blacklist_store_name (&result->gr_name[1], ent);
+          continue;
+	}
+
+      /* +group */
+      if (result->gr_name[0] == '+' && result->gr_name[1] != '\0'
+	  && result->gr_name[1] != '@')
+	{
+	  enum nss_status status;
+
+	  /* Store the group in the blacklist for the "+" at the end of
+             /etc/group */
+          blacklist_store_name (&result->gr_name[1], ent);
+	  status = getgrnam_plusgroup (&result->gr_name[1], result, buffer,
+				      buflen);
+	  if (status == NSS_STATUS_SUCCESS && result->gr_gid == gid)
+	    break;
+	  else
+	    continue;
+	}
+      /* +:... */
+      if (result->gr_name[0] == '+' && result->gr_name[1] == '\0')
+	{
+	  enum nss_status status;
+
+	  status = getgrgid_plusgroup (gid, result, buffer, buflen);
+	  if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
+	    return NSS_STATUS_NOTFOUND;
+	  else
+	    return status;
+	}
+    }
+
+  return NSS_STATUS_SUCCESS;
+}
 
 enum nss_status
 _nss_compat_getgrgid_r (gid_t gid, struct group *grp,
@@ -602,12 +870,10 @@ _nss_compat_getgrgid_r (gid_t gid, struct group *grp,
   if (status != NSS_STATUS_SUCCESS)
     return status;
 
-  while ((status = internal_getgrent_r (grp, &ent, buffer, buflen))
-	 == NSS_STATUS_SUCCESS)
-    if (grp->gr_gid == gid && grp->gr_name[0] != '+' && grp->gr_name[0] != '-')
-      break;
+  status = internal_getgrgid_r (gid, grp, &ent, buffer, buflen);
 
   internal_endgrent (&ent);
+
   return status;
 }
 
diff --git a/nis/nss_compat/compat-pwd.c b/nis/nss_compat/compat-pwd.c
index 681258d2e6..0216522d36 100644
--- a/nis/nss_compat/compat-pwd.c
+++ b/nis/nss_compat/compat-pwd.c
@@ -30,6 +30,10 @@
 #include <rpcsvc/nis.h>
 #include <nsswitch.h>
 
+/* Comment out the following line for the production version.  */
+/* #define NDEBUG 1 */
+#include <assert.h>
+
 #include "netgroup.h"
 #include "nss-nisplus.h"
 #include "nisplus-parser.h"
@@ -43,7 +47,7 @@ static size_t pwdtablelen = 0;
 #define ENTNAME pwent
 #define STRUCTURE passwd
 #define EXTERN_PARSER
-#include "../../nss/nss_files/files-parse.c"
+#include <nss/nss_files/files-parse.c>
 
 /* Structure for remembering -@netgroup and -user members ... */
 #define BLACKLIST_INITIAL_SIZE 512
@@ -211,15 +215,22 @@ internal_setpwent (ent_t *ent)
 
   if (pwdtable == NULL)
     {
-      char buf [20 + strlen (nis_local_directory ())];
-      char *p;
+      static const char key[] = "passwd.org_dir.";
+      const char *local_dir = nis_local_directory ();
+      size_t len_local_dir = strlen (local_dir);
 
-      p = stpcpy (buf, "passwd.org_dir.");
-      p = stpcpy (p, nis_local_directory ());
-      pwdtable = strdup (buf);
+      pwdtable = malloc (sizeof (key) + len_local_dir);
       if (pwdtable == NULL)
-	return NSS_STATUS_TRYAGAIN;
-      pwdtablelen = strlen (pwdtable);
+        return NSS_STATUS_TRYAGAIN;
+
+      pwdtablelen = ((char *) mempcpy (mempcpy (pwdtable,
+						key, sizeof (key) - 1),
+				       local_dir, len_local_dir + 1)
+		     - pwdtable) - 1;
+
+      /* *Maybe* (I'm no NIS expert) we have to duplicate the `local_dir'
+	 value since it might change during our work.  So add a test here.  */
+      assert (pwdtablelen == sizeof (key) + len_local_dir);
     }
 
   ent->blacklist.current = 0;
@@ -334,8 +345,8 @@ _nss_compat_endpwent (void)
 }
 
 static enum nss_status
-getpwent_next_nis_netgr (struct passwd *result, ent_t *ent, char *group,
-			 char *buffer, size_t buflen)
+getpwent_next_nis_netgr (const char *name, struct passwd *result, ent_t *ent,
+			 char *group, char *buffer, size_t buflen)
 {
   struct parser_data *data = (void *) buffer;
   char *ypdomain, *host, *user, *domain, *outval, *p, *p2;
@@ -379,6 +390,11 @@ getpwent_next_nis_netgr (struct passwd *result, ent_t *ent, char *group,
       if (domain != NULL && strcmp (ypdomain, domain) != 0)
 	continue;
 
+      /* If name != NULL, we are called from getpwnam */
+      if (name != NULL)
+	if (strcmp (user, name) != 0)
+	  continue;
+
       if (yp_match (ypdomain, "passwd.byname", user,
 		    strlen (user), &outval, &outvallen)
 	  != YPERR_SUCCESS)
@@ -404,6 +420,9 @@ getpwent_next_nis_netgr (struct passwd *result, ent_t *ent, char *group,
 
       if (parse_res)
 	{
+	  /* Store the User in the blacklist for the "+" at the end of
+	     /etc/passwd */
+	  blacklist_store_name (result->pw_name, ent);
 	  copy_pwd_changes (result, &ent->pwd, p2, p2len);
 	  break;
 	}
@@ -413,8 +432,9 @@ getpwent_next_nis_netgr (struct passwd *result, ent_t *ent, char *group,
 }
 
 static enum nss_status
-getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group,
-			     char *buffer, size_t buflen)
+getpwent_next_nisplus_netgr (const char *name, struct passwd *result,
+			     ent_t *ent, char *group, char *buffer,
+			     size_t buflen)
 {
   char *ypdomain, *host, *user, *domain, *p2;
   int status, parse_res;
@@ -459,6 +479,11 @@ getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group,
       if (domain != NULL && strcmp (ypdomain, domain) != 0)
 	continue;
 
+      /* If name != NULL, we are called from getpwnam */
+      if (name != NULL)
+	if (strcmp (user, name) != 0)
+	  continue;
+
       p2len = pwd_need_buflen (&ent->pwd);
       if (p2len > buflen)
 	{
@@ -488,6 +513,9 @@ getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group,
 
       if (parse_res)
 	{
+	  /* Store the User in the blacklist for the "+" at the end of
+	     /etc/passwd */
+	  blacklist_store_name (result->pw_name, ent);
 	  copy_pwd_changes (result, &ent->pwd, p2, p2len);
 	  break;
 	}
@@ -497,16 +525,6 @@ getpwent_next_nisplus_netgr (struct passwd *result, ent_t *ent, char *group,
 }
 
 static enum nss_status
-getpwent_next_netgr (struct passwd *result, ent_t *ent, char *group,
-		     char *buffer, size_t buflen)
-{
-  if (use_nisplus)
-    return getpwent_next_nisplus_netgr (result, ent, group, buffer, buflen);
-  else
-    return getpwent_next_nis_netgr (result, ent, group, buffer, buflen);
-}
-
-static enum nss_status
 getpwent_next_nisplus (struct passwd *result, ent_t *ent, char *buffer,
 		       size_t buflen)
 {
@@ -683,8 +701,8 @@ getpwent_next_nis (struct passwd *result, ent_t *ent, char *buffer,
 
 /* This function handle the +user entrys in /etc/passwd */
 static enum nss_status
-getpwent_next_file_plususer (struct passwd *result, char *buffer,
-			     size_t buflen)
+getpwnam_plususer (const char *name, struct passwd *result, char *buffer,
+		   size_t buflen)
 {
   struct parser_data *data = (void *) buffer;
   struct passwd pwd;
@@ -708,9 +726,9 @@ getpwent_next_file_plususer (struct passwd *result, char *buffer,
   if (use_nisplus) /* Do the NIS+ query here */
     {
       nis_result *res;
-      char buf[strlen (result->pw_name) + 24 + pwdtablelen];
+      char buf[strlen (name) + 24 + pwdtablelen];
 
-      sprintf(buf, "[name=%s],%s", &result->pw_name[1], pwdtable);
+      sprintf(buf, "[name=%s],%s", name, pwdtable);
       res = nis_list(buf, FOLLOW_PATH | FOLLOW_LINKS, NULL, NULL);
       if (niserr2nss (res->status) != NSS_STATUS_SUCCESS)
 	{
@@ -730,23 +748,24 @@ getpwent_next_file_plususer (struct passwd *result, char *buffer,
     }
   else /* Use NIS */
     {
-      char *domain;
-      char *outval;
+      char *domain, *outval, *ptr;
       int outvallen;
 
       if (yp_get_default_domain (&domain) != YPERR_SUCCESS)
 	return NSS_STATUS_TRYAGAIN;
 
-      if (yp_match (domain, "passwd.byname", &result->pw_name[1],
-		    strlen (result->pw_name) - 1, &outval, &outvallen)
+      if (yp_match (domain, "passwd.byname", name, strlen (name),
+		    &outval, &outvallen)
 	  != YPERR_SUCCESS)
 	return NSS_STATUS_TRYAGAIN;
-      p = strncpy (buffer, outval,
-		   buflen < (size_t) outvallen ? buflen : (size_t) outvallen);
+      ptr = strncpy (buffer, outval, buflen < (size_t) outvallen ?
+		     buflen : (size_t) outvallen);
+      buffer[buflen < (size_t) outvallen ? buflen : (size_t) outvallen] = '\0';
       free (outval);
-      while (isspace (*p))
-	p++;
-      if ((parse_res = _nss_files_parse_pwent (p, result, data, buflen)) == -1)
+      while (isspace (*ptr))
+	ptr++;
+      if ((parse_res = _nss_files_parse_pwent (ptr, result, data, buflen))
+	  == -1)
 	{
 	  __set_errno (ERANGE);
 	  return NSS_STATUS_TRYAGAIN;
@@ -841,8 +860,14 @@ getpwent_next_file (struct passwd *result, ent_t *ent,
 	  ent->first = TRUE;
 	  copy_pwd_changes (&ent->pwd, result, NULL, 0);
 
-	  status = getpwent_next_netgr (result, ent, &result->pw_name[2],
-					buffer, buflen);
+	  if (use_nisplus)
+	    status =  getpwent_next_nisplus_netgr (NULL, result, ent,
+						   &result->pw_name[2],
+						   buffer, buflen);
+	  else
+	    status =  getpwent_next_nis_netgr (NULL, result, ent,
+					       &result->pw_name[2],
+					       buffer, buflen);
 	  if (status == NSS_STATUS_RETURN)
 	    continue;
 	  else
@@ -863,7 +888,11 @@ getpwent_next_file (struct passwd *result, ent_t *ent,
 	{
 	  enum nss_status status;
 
-	  status = getpwent_next_file_plususer (result, buffer, buflen);
+	  /* Store the User in the blacklist for the "+" at the end of
+	     /etc/passwd */
+	  blacklist_store_name (&result->pw_name[1], ent);
+	  status = getpwnam_plususer (&result->pw_name[1], result, buffer,
+				      buflen);
 	  if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
 	    break;
 	  else
@@ -901,26 +930,30 @@ internal_getpwent_r (struct passwd *pw, ent_t *ent, char *buffer,
 
       /* We are searching members in a netgroup */
       /* Since this is not the first call, we don't need the group name */
-      status = getpwent_next_netgr (pw, ent, NULL, buffer, buflen);
+      if (use_nisplus)
+	status = getpwent_next_nisplus_netgr (NULL, pw, ent, NULL, buffer,
+					      buflen);
+      else
+	status = getpwent_next_nis_netgr (NULL, pw, ent, NULL, buffer, buflen);
       if (status == NSS_STATUS_RETURN)
 	return getpwent_next_file (pw, ent, buffer, buflen);
       else
 	return status;
     }
-  else if (ent->nis)
-    {
-      if (use_nisplus)
-	return getpwent_next_nisplus (pw, ent, buffer, buflen);
-      else
-	return getpwent_next_nis (pw, ent, buffer, buflen);
-    }
   else
-    return getpwent_next_file (pw, ent, buffer, buflen);
+    if (ent->nis)
+      {
+	if (use_nisplus)
+	  return getpwent_next_nisplus (pw, ent, buffer, buflen);
+	else
+	  return getpwent_next_nis (pw, ent, buffer, buflen);
+      }
+    else
+      return getpwent_next_file (pw, ent, buffer, buflen);
 }
 
 enum nss_status
-_nss_compat_getpwent_r (struct passwd *pwd, char *buffer,
-			size_t buflen)
+_nss_compat_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen)
 {
   enum nss_status status = NSS_STATUS_SUCCESS;
 
@@ -944,6 +977,158 @@ _nss_compat_getpwent_r (struct passwd *pwd, char *buffer,
   return status;
 }
 
+/* Searches in /etc/passwd and the NIS/NIS+ map for a special user */
+static enum nss_status
+internal_getpwnam_r (const char *name, struct passwd *result, ent_t *ent,
+		     char *buffer, size_t buflen)
+{
+  struct parser_data *data = (void *) buffer;
+
+  while (1)
+    {
+      fpos_t pos;
+      char *p;
+      int parse_res;
+
+      do
+	{
+	  fgetpos (ent->stream, &pos);
+	  p = fgets (buffer, buflen, ent->stream);
+	  if (p == NULL)
+	    {
+	      if (feof (ent->stream))
+		return NSS_STATUS_NOTFOUND;
+	      else
+		{
+		  __set_errno (ERANGE);
+		  return NSS_STATUS_TRYAGAIN;
+		}
+	    }
+
+	  /* Terminate the line for any case.  */
+	  buffer[buflen - 1] = '\0';
+
+	  /* Skip leading blanks.  */
+	  while (isspace (*p))
+	    ++p;
+	}
+      while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines.  */
+	     /* Parse the line.  If it is invalid, loop to
+		get the next line of the file to parse.  */
+	     !(parse_res = _nss_files_parse_pwent (p, result, data, buflen)));
+
+      if (parse_res == -1)
+	{
+	  /* The parser ran out of space.  */
+	  fsetpos (ent->stream, &pos);
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+
+      /* This is a real entry.  */
+      if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
+	{
+	  if (strcmp (result->pw_name, name) == 0)
+	    return NSS_STATUS_SUCCESS;
+	  else
+	    continue;
+	}
+
+      /* -@netgroup */
+      if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
+	  && result->pw_name[2] != '\0')
+	{
+	  char buf2[1024];
+	  char *user, *host, *domain;
+	  struct __netgrent netgrdata;
+
+	  bzero (&netgrdata, sizeof (struct __netgrent));
+	  __internal_setnetgrent (&result->pw_name[2], &netgrdata);
+	  while (__internal_getnetgrent_r (&host, &user, &domain,
+					   &netgrdata, buf2, sizeof (buf2)))
+	    {
+	      if (user != NULL && user[0] != '-')
+		if (strcmp (user, name) == 0)
+		  return NSS_STATUS_NOTFOUND;
+	    }
+	  __internal_endnetgrent (&netgrdata);
+	  continue;
+	}
+
+      /* +@netgroup */
+      if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
+	  && result->pw_name[2] != '\0')
+	{
+	  char buf[strlen (result->pw_name)];
+	  int status;
+
+	  strcpy (buf, &result->pw_name[2]);
+	  ent->netgroup = TRUE;
+	  ent->first = TRUE;
+	  copy_pwd_changes (&ent->pwd, result, NULL, 0);
+
+	  do
+	    {
+	      if (use_nisplus)
+		status = getpwent_next_nisplus_netgr (name, result, ent, buf,
+						      buffer, buflen);
+	      else
+		status = getpwent_next_nis_netgr (name, result, ent, buf,
+						  buffer, buflen);
+	      if (status == NSS_STATUS_RETURN)
+		continue;
+
+	      if (status == NSS_STATUS_SUCCESS &&
+		  strcmp (result->pw_name, name) == 0)
+		return NSS_STATUS_SUCCESS;
+	    } while (status == NSS_STATUS_SUCCESS);
+	  continue;
+	}
+
+      /* -user */
+      if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
+	  && result->pw_name[1] != '@')
+	{
+	  if (strcmp (&result->pw_name[1], name) == 0)
+	    return NSS_STATUS_NOTFOUND;
+	  else
+	    continue;
+	}
+
+      /* +user */
+      if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
+	  && result->pw_name[1] != '@')
+	{
+	  if (strcmp (name, &result->pw_name[1]) == 0)
+	    {
+	      enum nss_status status;
+
+	      status = getpwnam_plususer (name, result, buffer, buflen);
+	      if (status == NSS_STATUS_RETURN)
+		/* We couldn't parse the entry */
+		return NSS_STATUS_NOTFOUND;
+	      else
+		return status;
+	    }
+	}
+
+      /* +:... */
+      if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
+	{
+	  enum nss_status status;
+
+	  status = getpwnam_plususer (name, result, buffer, buflen);
+	  if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
+	    break;
+	  else
+	    if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
+	      return NSS_STATUS_NOTFOUND;
+	    else
+	      return status;
+	}
+    }
+  return NSS_STATUS_SUCCESS;
+}
 
 enum nss_status
 _nss_compat_getpwnam_r (const char *name, struct passwd *pwd,
@@ -970,15 +1155,244 @@ _nss_compat_getpwnam_r (const char *name, struct passwd *pwd,
   if (status != NSS_STATUS_SUCCESS)
     return status;
 
-  while ((status = internal_getpwent_r (pwd, &ent, buffer, buflen))
-	 == NSS_STATUS_SUCCESS)
-    if (strcmp (pwd->pw_name, name) == 0)
-      break;
+  status = internal_getpwnam_r (name, pwd, &ent, buffer, buflen);
 
   internal_endpwent (&ent);
+
   return status;
 }
 
+/* This function handle the + entry in /etc/passwd for getpwuid */
+static enum nss_status
+getpwuid_plususer (uid_t uid, struct passwd *result, char *buffer,
+		   size_t buflen)
+{
+  struct parser_data *data = (void *) buffer;
+  struct passwd pwd;
+  int parse_res;
+  char *p;
+  size_t plen;
+
+  memset (&pwd, '\0', sizeof (struct passwd));
+
+  copy_pwd_changes (&pwd, result, NULL, 0);
+
+  plen = pwd_need_buflen (&pwd);
+  if (plen > buflen)
+    {
+      __set_errno (ERANGE);
+      return NSS_STATUS_TRYAGAIN;
+    }
+  p = buffer + (buflen - plen);
+  buflen -= plen;
+
+  if (use_nisplus) /* Do the NIS+ query here */
+    {
+      nis_result *res;
+      char buf[1024 + pwdtablelen];
+
+      sprintf(buf, "[uid=%d],%s", uid, pwdtable);
+      res = nis_list(buf, FOLLOW_PATH | FOLLOW_LINKS, NULL, NULL);
+      if (niserr2nss (res->status) != NSS_STATUS_SUCCESS)
+	{
+	  enum nss_status status =  niserr2nss (res->status);
+
+	  nis_freeresult (res);
+	  return status;
+	}
+      if ((parse_res = _nss_nisplus_parse_pwent (res, result, buffer,
+						 buflen)) == -1)
+	{
+	  nis_freeresult (res);
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+      nis_freeresult (res);
+    }
+  else /* Use NIS */
+    {
+      char buf[1024];
+      char *domain, *outval, *ptr;
+      int outvallen;
+
+      if (yp_get_default_domain (&domain) != YPERR_SUCCESS)
+	return NSS_STATUS_TRYAGAIN;
+
+      sprintf (buf, "%d", uid);
+      if (yp_match (domain, "passwd.byuid", buf, strlen (buf),
+		    &outval, &outvallen)
+	  != YPERR_SUCCESS)
+	return NSS_STATUS_TRYAGAIN;
+      ptr = strncpy (buffer, outval, buflen < (size_t) outvallen ?
+		     buflen : (size_t) outvallen);
+      buffer[buflen < (size_t) outvallen ? buflen : (size_t) outvallen] = '\0';
+      free (outval);
+      while (isspace (*ptr))
+	ptr++;
+      if ((parse_res = _nss_files_parse_pwent (ptr, result, data, buflen))
+	  == -1)
+	{
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+    }
+
+  if (parse_res > 0)
+    {
+      copy_pwd_changes (result, &pwd, p, plen);
+      give_pwd_free (&pwd);
+      /* We found the entry.  */
+      return NSS_STATUS_SUCCESS;
+    }
+  else
+    {
+      /* Give buffer the old len back */
+      buflen += plen;
+      give_pwd_free (&pwd);
+    }
+  return NSS_STATUS_RETURN;
+}
+
+/* Searches in /etc/passwd and the NIS/NIS+ map for a special user id */
+static enum nss_status
+internal_getpwuid_r (uid_t uid, struct passwd *result, ent_t *ent,
+		     char *buffer, size_t buflen)
+{
+  struct parser_data *data = (void *) buffer;
+
+  while (1)
+    {
+      fpos_t pos;
+      char *p;
+      int parse_res;
+
+      do
+	{
+	  fgetpos (ent->stream, &pos);
+	  p = fgets (buffer, buflen, ent->stream);
+	  if (p == NULL)
+	    return NSS_STATUS_NOTFOUND;
+
+	  /* Terminate the line for any case.  */
+	  buffer[buflen - 1] = '\0';
+
+	  /* Skip leading blanks.  */
+	  while (isspace (*p))
+	    ++p;
+	}
+      while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines.  */
+	     /* Parse the line.  If it is invalid, loop to
+		get the next line of the file to parse.  */
+	     !(parse_res = _nss_files_parse_pwent (p, result, data, buflen)));
+
+      if (parse_res == -1)
+	{
+	  /* The parser ran out of space.  */
+	  fsetpos (ent->stream, &pos);
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+
+      /* This is a real entry.  */
+      if (result->pw_name[0] != '+' && result->pw_name[0] != '-')
+	{
+	  if (result->pw_uid == uid)
+	    return NSS_STATUS_SUCCESS;
+	  else
+	    continue;
+	}
+
+      /* -@netgroup */
+      if (result->pw_name[0] == '-' && result->pw_name[1] == '@'
+	  && result->pw_name[2] != '\0')
+	{
+	  char buf2[1024];
+	  char *user, *host, *domain;
+	  struct __netgrent netgrdata;
+
+	  bzero (&netgrdata, sizeof (struct __netgrent));
+	  __internal_setnetgrent (&result->pw_name[2], &netgrdata);
+	  while (__internal_getnetgrent_r (&host, &user, &domain,
+					   &netgrdata, buf2, sizeof (buf2)))
+	    {
+              if (user != NULL && user[0] != '-')
+                blacklist_store_name (user, ent);
+	    }
+	  __internal_endnetgrent (&netgrdata);
+	  continue;
+	}
+
+      /* +@netgroup */
+      if (result->pw_name[0] == '+' && result->pw_name[1] == '@'
+	  && result->pw_name[2] != '\0')
+	{
+	  char buf[strlen (result->pw_name)];
+	  int status;
+
+	  strcpy (buf, &result->pw_name[2]);
+	  ent->netgroup = TRUE;
+	  ent->first = TRUE;
+	  copy_pwd_changes (&ent->pwd, result, NULL, 0);
+
+	  do
+	    {
+	      if (use_nisplus)
+		status = getpwent_next_nisplus_netgr (NULL, result, ent, buf,
+						      buffer, buflen);
+	      else
+		status = getpwent_next_nis_netgr (NULL, result, ent, buf,
+						  buffer, buflen);
+	      if (status == NSS_STATUS_RETURN)
+		continue;
+
+	      if (status == NSS_STATUS_SUCCESS && uid == result->pw_uid)
+		return NSS_STATUS_SUCCESS;
+	    } while (status == NSS_STATUS_SUCCESS);
+	  continue;
+	}
+
+      /* -user */
+      if (result->pw_name[0] == '-' && result->pw_name[1] != '\0'
+	  && result->pw_name[1] != '@')
+	{
+          blacklist_store_name (&result->pw_name[1], ent);
+          continue;
+	}
+
+      /* +user */
+      if (result->pw_name[0] == '+' && result->pw_name[1] != '\0'
+	  && result->pw_name[1] != '@')
+	{
+	  enum nss_status status;
+
+	  /* Store the User in the blacklist for the "+" at the end of
+             /etc/passwd */
+          blacklist_store_name (&result->pw_name[1], ent);
+	  status = getpwnam_plususer (&result->pw_name[1], result, buffer,
+				      buflen);
+	  if (status == NSS_STATUS_SUCCESS && result->pw_uid == uid)
+	    break;
+	  else
+	    continue;
+	}
+
+      /* +:... */
+      if (result->pw_name[0] == '+' && result->pw_name[1] == '\0')
+	{
+	  enum nss_status status;
+
+	  status = getpwuid_plususer (uid, result, buffer, buflen);
+	  if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
+	    break;
+	  else
+	    if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
+	      return NSS_STATUS_NOTFOUND;
+	    else
+	      return status;
+	}
+    }
+  return NSS_STATUS_SUCCESS;
+}
 
 enum nss_status
 _nss_compat_getpwuid_r (uid_t uid, struct passwd *pwd,
@@ -1002,12 +1416,10 @@ _nss_compat_getpwuid_r (uid_t uid, struct passwd *pwd,
   if (status != NSS_STATUS_SUCCESS)
     return status;
 
-  while ((status = internal_getpwent_r (pwd, &ent, buffer, buflen))
-	 == NSS_STATUS_SUCCESS)
-    if (pwd->pw_uid == uid && pwd->pw_name[0] != '+' && pwd->pw_name[0] != '-')
-      break;
+  status = internal_getpwuid_r (uid, pwd, &ent, buffer, buflen);
 
   internal_endpwent (&ent);
+
   return status;
 }
 
diff --git a/nis/nss_compat/compat-spwd.c b/nis/nss_compat/compat-spwd.c
index 431380dac6..c33d5aa339 100644
--- a/nis/nss_compat/compat-spwd.c
+++ b/nis/nss_compat/compat-spwd.c
@@ -30,6 +30,10 @@
 #include <rpcsvc/nis.h>
 #include <nsswitch.h>
 
+/* Comment out the following line for the production version.  */
+/* #define NDEBUG 1 */
+#include <assert.h>
+
 #include "netgroup.h"
 #include "nss-nisplus.h"
 #include "nisplus-parser.h"
@@ -43,7 +47,7 @@ static size_t pwdtablelen = 0;
 #define ENTNAME spent
 #define STRUCTURE spwd
 #define EXTERN_PARSER
-#include "../../nss/nss_files/files-parse.c"
+#include <nss/nss_files/files-parse.c>
 
 /* Structure for remembering -@netgroup and -user members ... */
 #define BLACKLIST_INITIAL_SIZE 512
@@ -163,15 +167,22 @@ internal_setspent (ent_t *ent)
 
   if (pwdtable == NULL)
     {
-      char buf [20 + strlen (nis_local_directory ())];
-      char *p;
+      static const char key[] = "passwd.org_dir.";
+      const char *local_dir = nis_local_directory ();
+      size_t len_local_dir = strlen (local_dir);
 
-      p = stpcpy (buf, "passwd.org_dir.");
-      p = stpcpy (p, nis_local_directory ());
-      pwdtable = strdup (buf);
+      pwdtable = malloc (sizeof (key) + len_local_dir);
       if (pwdtable == NULL)
         return NSS_STATUS_TRYAGAIN;
-      pwdtablelen = strlen (pwdtable);
+
+      pwdtablelen = ((char *) mempcpy (mempcpy (pwdtable,
+						key, sizeof (key) - 1),
+				       local_dir, len_local_dir + 1)
+		     - pwdtable) - 1;
+
+      /* *Maybe* (I'm no NIS expert) we have to duplicate the `local_dir'
+	 value since it might change during our work.  So add a test here.  */
+      assert (pwdtablelen == sizeof (key) + len_local_dir);
     }
 
   ent->blacklist.current = 0;
@@ -287,8 +298,8 @@ _nss_compat_endspent (void)
 
 
 static enum nss_status
-getspent_next_nis_netgr (struct spwd *result, ent_t *ent, char *group,
-			 char *buffer, size_t buflen)
+getspent_next_nis_netgr (const char *name, struct spwd *result, ent_t *ent,
+			 char *group, char *buffer, size_t buflen)
 {
   struct parser_data *data = (void *) buffer;
   char *ypdomain, *host, *user, *domain, *outval, *p, *p2;
@@ -332,6 +343,11 @@ getspent_next_nis_netgr (struct spwd *result, ent_t *ent, char *group,
       if (domain != NULL && strcmp (ypdomain, domain) != 0)
 	continue;
 
+      /* If name != NULL, we are called from getpwnam */
+      if (name != NULL)
+	if (strcmp (user, name) != 0)
+	  continue;
+
       if (yp_match (ypdomain, "shadow.byname", user,
 		    strlen (user), &outval, &outvallen)
 	  != YPERR_SUCCESS)
@@ -357,6 +373,9 @@ getspent_next_nis_netgr (struct spwd *result, ent_t *ent, char *group,
 
       if (parse_res)
 	{
+	  /* Store the User in the blacklist for the "+" at the end of
+	     /etc/passwd */
+	  blacklist_store_name (result->sp_namp, ent);
 	  copy_spwd_changes (result, &ent->pwd, p2, p2len);
 	  break;
 	}
@@ -366,8 +385,9 @@ getspent_next_nis_netgr (struct spwd *result, ent_t *ent, char *group,
 }
 
 static enum nss_status
-getspent_next_nisplus_netgr (struct spwd *result, ent_t *ent, char *group,
-                             char *buffer, size_t buflen)
+getspent_next_nisplus_netgr (const char *name, struct spwd *result,
+			     ent_t *ent, char *group, char *buffer,
+			     size_t buflen)
 {
   char *ypdomain, *host, *user, *domain, *p2;
   int status, parse_res;
@@ -412,6 +432,11 @@ getspent_next_nisplus_netgr (struct spwd *result, ent_t *ent, char *group,
       if (domain != NULL && strcmp (ypdomain, domain) != 0)
         continue;
 
+      /* If name != NULL, we are called from getpwnam */
+      if (name != NULL)
+	if (strcmp (user, name) != 0)
+	  continue;
+
       p2len = spwd_need_buflen (&ent->pwd);
       if (p2len > buflen)
         {
@@ -440,7 +465,10 @@ getspent_next_nisplus_netgr (struct spwd *result, ent_t *ent, char *group,
 
       if (parse_res)
         {
-          copy_spwd_changes (result, &ent->pwd, p2, p2len);
+ 	  /* Store the User in the blacklist for the "+" at the end of
+	     /etc/passwd */
+	  blacklist_store_name (result->sp_namp, ent);
+	  copy_spwd_changes (result, &ent->pwd, p2, p2len);
           break;
         }
     }
@@ -449,16 +477,6 @@ getspent_next_nisplus_netgr (struct spwd *result, ent_t *ent, char *group,
 }
 
 static enum nss_status
-getspent_next_netgr (struct spwd *result, ent_t *ent, char *group,
-                     char *buffer, size_t buflen)
-{
-  if (use_nisplus)
-    return getspent_next_nisplus_netgr (result, ent, group, buffer, buflen);
-  else
-    return getspent_next_nis_netgr (result, ent, group, buffer, buflen);
-}
-
-static enum nss_status
 getspent_next_nisplus (struct spwd *result, ent_t *ent, char *buffer,
                        size_t buflen)
 {
@@ -635,8 +653,8 @@ getspent_next_nis (struct spwd *result, ent_t *ent,
 
 /* This function handle the +user entrys in /etc/shadow */
 static enum nss_status
-getspent_next_file_plususer (struct spwd *result, char *buffer,
-                             size_t buflen)
+getspnam_plususer (const char *name, struct spwd *result, char *buffer,
+		   size_t buflen)
 {
   struct parser_data *data = (void *) buffer;
   struct spwd pwd;
@@ -660,9 +678,9 @@ getspent_next_file_plususer (struct spwd *result, char *buffer,
   if (use_nisplus) /* Do the NIS+ query here */
     {
       nis_result *res;
-      char buf[strlen (result->sp_namp) + 24 + pwdtablelen];
+      char buf[strlen (name) + 24 + pwdtablelen];
 
-      sprintf(buf, "[name=%s],%s", &result->sp_namp[1], pwdtable);
+      sprintf(buf, "[name=%s],%s", name, pwdtable);
       res = nis_list(buf, 0, NULL, NULL);
       if (niserr2nss (res->status) != NSS_STATUS_SUCCESS)
         {
@@ -681,24 +699,28 @@ getspent_next_file_plususer (struct spwd *result, char *buffer,
     }
   else /* Use NIS */
     {
-      char *domain;
-      char *outval;
+      char *domain, *outval, *ptr;
       int outvallen;
 
       if (yp_get_default_domain (&domain) != YPERR_SUCCESS)
         return NSS_STATUS_TRYAGAIN;
 
-      if (yp_match (domain, "passwd.byname", &result->sp_namp[1],
-                    strlen (result->sp_namp) - 1, &outval, &outvallen)
+      if (yp_match (domain, "shadow.byname", name, strlen (name),
+		    &outval, &outvallen)
           != YPERR_SUCCESS)
         return NSS_STATUS_TRYAGAIN;
-      p = strncpy (buffer, outval,
-                   buflen < (size_t) outvallen ? buflen : (size_t) outvallen);
+      ptr = strncpy (buffer, outval, buflen < (size_t) outvallen ?
+		     buflen : (size_t) outvallen);
+      buffer[buflen < (size_t) outvallen ? buflen : (size_t) outvallen] = '\0';
       free (outval);
-      while (isspace (*p))
-        p++;
-      if ((parse_res = _nss_files_parse_spent (p, result, data, buflen)) == -1)
-	return NSS_STATUS_TRYAGAIN;
+      while (isspace (*ptr))
+        ptr++;
+      if ((parse_res = _nss_files_parse_spent (ptr, result, data, buflen))
+	  == -1)
+	{
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
     }
 
   if (parse_res)
@@ -790,8 +812,14 @@ getspent_next_file (struct spwd *result, ent_t *ent,
 	  ent->first = TRUE;
 	  copy_spwd_changes (&ent->pwd, result, NULL, 0);
 
-	  status = getspent_next_netgr (result, ent, &result->sp_namp[2],
-					buffer, buflen);
+	  if (use_nisplus)
+	    status = getspent_next_nisplus_netgr (NULL, result, ent,
+						  &result->sp_namp[2],
+						  buffer, buflen);
+	  else
+	    status = getspent_next_nis_netgr (NULL, result, ent,
+					      &result->sp_namp[2],
+					      buffer, buflen);
 	  if (status == NSS_STATUS_RETURN)
 	    continue;
 	  else
@@ -812,7 +840,11 @@ getspent_next_file (struct spwd *result, ent_t *ent,
 	{
           enum nss_status status;
 
-          status = getspent_next_file_plususer (result, buffer, buflen);
+	  /* Store the User in the blacklist for the "+" at the end of
+	     /etc/passwd */
+	  blacklist_store_name (&result->sp_namp[1], ent);
+          status = getspnam_plususer (&result->sp_namp[1], result, buffer,
+				      buflen);
           if (status == NSS_STATUS_SUCCESS) /* We found the entry. */
             break;
           else
@@ -850,21 +882,26 @@ internal_getspent_r (struct spwd *pw, ent_t *ent,
 
       /* We are searching members in a netgroup */
       /* Since this is not the first call, we don't need the group name */
-      status = getspent_next_netgr (pw, ent, NULL, buffer, buflen);
+      if (use_nisplus)
+	status = getspent_next_nisplus_netgr (NULL, pw, ent, NULL, buffer,
+					      buflen);
+      else
+	status = getspent_next_nis_netgr (NULL, pw, ent, NULL, buffer, buflen);
       if (status == NSS_STATUS_RETURN)
 	return getspent_next_file (pw, ent, buffer, buflen);
       else
 	return status;
     }
-  else if (ent->nis)
-    {
-      if (use_nisplus)
-	return getspent_next_nisplus (pw, ent, buffer, buflen);
-      else
-	return getspent_next_nis (pw, ent, buffer, buflen);
-    }
   else
-    return getspent_next_file (pw, ent, buffer, buflen);
+    if (ent->nis)
+      {
+	if (use_nisplus)
+	  return getspent_next_nisplus (pw, ent, buffer, buflen);
+	else
+	  return getspent_next_nis (pw, ent, buffer, buflen);
+      }
+    else
+      return getspent_next_file (pw, ent, buffer, buflen);
 }
 
 enum nss_status
@@ -892,6 +929,147 @@ _nss_compat_getspent_r (struct spwd *pwd, char *buffer, size_t buflen)
   return status;
 }
 
+/* Searches in /etc/passwd and the NIS/NIS+ map for a special user */
+static enum nss_status
+internal_getspnam_r (const char *name, struct spwd *result, ent_t *ent,
+		     char *buffer, size_t buflen)
+{
+  struct parser_data *data = (void *) buffer;
+
+  while (1)
+    {
+      fpos_t pos;
+      char *p;
+      int parse_res;
+
+      do
+	{
+	  fgetpos (ent->stream, &pos);
+	  p = fgets (buffer, buflen, ent->stream);
+	  if (p == NULL)
+	    return NSS_STATUS_NOTFOUND;
+
+	  /* Terminate the line for any case.  */
+	  buffer[buflen - 1] = '\0';
+
+	  /* Skip leading blanks.  */
+	  while (isspace (*p))
+	    ++p;
+	}
+      while (*p == '\0' || *p == '#' || /* Ignore empty and comment lines.  */
+	     /* Parse the line.  If it is invalid, loop to
+		get the next line of the file to parse.  */
+	     !(parse_res = _nss_files_parse_spent (p, result, data, buflen)));
+
+      if (parse_res == -1)
+	{
+	  /* The parser ran out of space.  */
+	  fsetpos (ent->stream, &pos);
+	  __set_errno (ERANGE);
+	  return NSS_STATUS_TRYAGAIN;
+	}
+
+      /* This is a real entry.  */
+      if (result->sp_namp[0] != '+' && result->sp_namp[0] != '-')
+	{
+	  if (strcmp (result->sp_namp, name) == 0)
+	    return NSS_STATUS_SUCCESS;
+	  else
+	    continue;
+	}
+
+      /* -@netgroup */
+      if (result->sp_namp[0] == '-' && result->sp_namp[1] == '@'
+	  && result->sp_namp[2] != '\0')
+	{
+	  char buf2[1024];
+	  char *user, *host, *domain;
+	  struct __netgrent netgrdata;
+
+	  bzero (&netgrdata, sizeof (struct __netgrent));
+	  __internal_setnetgrent (&result->sp_namp[2], &netgrdata);
+	  while (__internal_getnetgrent_r (&host, &user, &domain,
+					   &netgrdata, buf2, sizeof (buf2)))
+	    {
+	      if (user != NULL && user[0] != '-')
+		if (strcmp (user, name) == 0)
+		  return NSS_STATUS_NOTFOUND;
+	    }
+	  __internal_endnetgrent (&netgrdata);
+	  continue;
+	}
+
+      /* +@netgroup */
+      if (result->sp_namp[0] == '+' && result->sp_namp[1] == '@'
+	  && result->sp_namp[2] != '\0')
+	{
+	  char buf[strlen (result->sp_namp)];
+	  int status;
+
+	  strcpy (buf, &result->sp_namp[2]);
+	  ent->netgroup = TRUE;
+	  ent->first = TRUE;
+	  copy_spwd_changes (&ent->pwd, result, NULL, 0);
+
+	  do
+	    {
+	      if (use_nisplus)
+		status = getspent_next_nisplus_netgr (name, result, ent, buf,
+						      buffer, buflen);
+	      else
+		status = getspent_next_nis_netgr (name, result, ent, buf,
+						  buffer, buflen);
+	      if (status == NSS_STATUS_RETURN)
+		continue;
+
+	      if (status == NSS_STATUS_SUCCESS &&
+		  strcmp (result->sp_namp, name) == 0)
+		return NSS_STATUS_SUCCESS;
+	    } while (status == NSS_STATUS_SUCCESS);
+	  continue;
+	}
+
+      /* -user */
+      if (result->sp_namp[0] == '-' && result->sp_namp[1] != '\0'
+	  && result->sp_namp[1] != '@')
+	{
+	  if (strcmp (&result->sp_namp[1], name) == 0)
+	    return NSS_STATUS_NOTFOUND;
+	  else
+	    continue;
+	}
+
+      /* +user */
+      if (result->sp_namp[0] == '+' && result->sp_namp[1] != '\0'
+	  && result->sp_namp[1] != '@')
+	{
+	  if (strcmp (name, &result->sp_namp[1]) == 0)
+	    {
+	      enum nss_status status;
+
+	      status = getspnam_plususer (name, result, buffer, buflen);
+	      if (status == NSS_STATUS_RETURN)
+		/* We couldn't parse the entry */
+		return NSS_STATUS_NOTFOUND;
+	      else
+		return status;
+	    }
+	}
+
+      /* +:... */
+      if (result->sp_namp[0] == '+' && result->sp_namp[1] == '\0')
+	{
+	  enum nss_status status;
+
+	  status = getspnam_plususer (name, result, buffer, buflen);
+	  if (status == NSS_STATUS_RETURN) /* We couldn't parse the entry */
+	    return NSS_STATUS_NOTFOUND;
+	  else
+	    return status;
+	}
+    }
+  return NSS_STATUS_SUCCESS;
+}
 
 enum nss_status
 _nss_compat_getspnam_r (const char *name, struct spwd *pwd,
@@ -914,12 +1092,10 @@ _nss_compat_getspnam_r (const char *name, struct spwd *pwd,
   if (status != NSS_STATUS_SUCCESS)
     return status;
 
-  while ((status = internal_getspent_r (pwd, &ent, buffer, buflen))
-	 == NSS_STATUS_SUCCESS)
-    if (strcmp (pwd->sp_namp, name) == 0)
-      break;
+  status = internal_getspnam_r (name, pwd, &ent, buffer, buflen);
 
   internal_endspent (&ent);
+
   return status;
 }