The +@netgroup/-@netgroup NIS password overrides can fail in

some cases due to a subtle bug. Specifically, if you override
	an NIS user's shell, /usr/bin/login and /usr/bin/su (and probably
	other commands) can end up with bogus data for the pw_shell
	member of the passwd structure *if* the do an endpwent(),
	thereby preventing logins.

	This happpens because the text fields in the passwd structure
	(pw_name, pw_passwd, pw_gecos, pw_class, pw_dir and pw_shell)
	are returned to the calling program as pointers to dycamically
	allocated buffers, rather than pointers to static buffers as
	they should be. Once endpwent() is called, the dynamic buffers
	are free()ed, which invalidates the data returned by the
	library functions.

Note: Bill promises a more elegant solution in post-2.0.5R. This fix
	is only a work-around.

Submitted by:	Bill Paul

lib/libc/gen/getpwent.c

@@ -496,6 +496,15 @@ static void
 _pw_breakout_yp(struct passwd *pw, char *result, int master)
 {
 	char *s;
+	static char name[UT_NAMESIZE+2], passwd[_PASSWORD_LEN], class[1024];
+	static char gecos[1024], dir[MAXPATHLEN], shell[MAXPATHLEN];
+
+	strcpy(name, pw->pw_name); pw->pw_name = (char *)&name;
+	strcpy(passwd, pw->pw_passwd); pw->pw_passwd = (char *)&passwd;
+	strcpy(class, pw->pw_class); pw->pw_class = (char *)&class;
+	strcpy(gecos, pw->pw_gecos); pw->pw_gecos = (char *)&gecos;
+	strcpy(dir, pw->pw_dir); pw->pw_dir = (char *)&dir;
+	strcpy(shell, pw->pw_shell); pw->pw_shell = (char *)&shell;
 
 	s = strsep(&result, ":"); /* name */
 	if(!(pw->pw_fields & _PWF_NAME) || (pw->pw_name[0] == '+')) {