Virgin import of AMD (am-utils) v6.0a16

6 files changed, 3013 insertions, 0 deletions

diff --git a/contrib/amd/hlfsd/hlfsd.8 b/contrib/amd/hlfsd/hlfsd.8
new file mode 100644
index 0000000..ecc7e3a
--- /dev/null
+++ b/contrib/amd/hlfsd/hlfsd.8
@@ -0,0 +1,310 @@
+.\"
+.\" Copyright (c) 1997-1998 Erez Zadok
+.\" Copyright (c) 1989 Jan-Simon Pendry
+.\" Copyright (c) 1989 Imperial College of Science, Technology & Medicine
+.\" Copyright (c) 1989 The Regents of the University of California.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to Berkeley by
+.\" Jan-Simon Pendry at Imperial College, London.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgment:
+.\"      This product includes software developed by the University of
+.\"      California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id: hlfsd.8,v 1.2 1993/09/14 22:29:10 ezk Exp ezk $
+.\"
+.\" HLFSD was written at Columbia University Computer Science Department, by
+.\" Erez Zadok <ezk@cs.columbia.edu> and Alexander Dupuy <dupuy@smarts.com>
+.\" It is distributed under the same terms and conditions as AMD.
+.\"
+.TH HLFSD 8 "14 September 1993"
+.SH NAME
+hlfsd \- home-link file system daemon
+.SH SYNOPSIS
+.B hlfsd
+[
+.B \-fhnpvC
+] [
+.BI \-a " alt_dir"
+] [
+.BI \-c " cache-interval"
+] [
+.BI \-g " group"
+] [
+.BI \-i " reload-interval"
+] [
+.BI \-l " logfile"
+] [
+.BI \-o " mount-options"
+] [
+.BI \-x " log-options"
+] [
+.BI \-D " debug-options"
+] [
+.BI \-P " password-file"
+]
+[
+.I linkname
+.RI [ " subdir " ]
+]
+.SH DESCRIPTION
+.B Hlfsd
+is a daemon which implements a filesystem containing a symbolic link to
+subdirectory within a user's home directory, depending on the user
+which accessed that link.  It was primarily designed to redirect
+incoming mail to users' home directories, so that it can read from
+anywhere.
+.LP
+.B Hlfsd
+operates by mounting itself as an
+.SM NFS
+server for the directory containing
+.IR linkname ,
+which defaults to
+.BR /hlfs/home .
+Lookups within that directory are handled by
+.BR hlfsd ,
+which uses the password map to determine how to resolve the lookup.
+The directory will be created if it doesn't already exist.  The symbolic link will be to the accessing user's home directory, with
+.I subdir
+appended to it.  If not specified,
+.I subdir
+defaults to 
+.BR .hlfsdir .
+This directory will also be created if it does not already exist.
+.LP
+A SIGTERM sent to
+.B hlfsd
+will cause it to shutdown.  A SIGHUP will flush the internal
+caches, and reload the password map.  It will also close and
+reopen the log file, to enable the original log file to be
+removed or rotated.  A SIGUSR1 will cause it to dump its internal
+table of user IDs and home directories to the file
+.BR /usr/tmp/hlfsd.dump.XXXXXX .
+.SH OPTIONS
+.TP
+.BI \-a " alt_dir"
+Alternate directory.  The name of the directory to which
+the symbolic link returned by
+.B hlfsd
+will point, if it cannot access the home directory of the user.  This
+defaults to
+.BR /var/hlfs .
+This directory will be created  if it doesn't exist.  It is expected
+that either users will read these files, or the system administrators
+will run a script to resend this "lost mail" to its owner.
+.TP
+.BI \-c " cache-interval"
+Caching interval.
+.B Hlfsd
+will cache the validity of home directories for this interval, in
+seconds.  Entries which have been verified within the last
+.I cache-interval
+seconds will not be verified again, since the operation could
+be expensive, and the entries are most likely still valid.
+After the interval has expired,
+.B hlfsd
+will re-verify the validity of the user's home directory, and
+reset the cache time-counter.  The default value for
+.I cache-interval
+is 300 seconds (5 minutes).
+.TP
+.B \-f
+Force fast startup.  This option tells
+.B hlfsd
+to skip startup-time consistency checks such as existence of mount
+directory, alternate spool directory, symlink to be hidden under the
+mount directory, their permissions and validity.
+.TP
+.BI \-g " group"
+Set the special group HLFS_GID to
+.IR group .
+Programs such as
+.B from
+or
+.BR comsat ,
+which access the mailboxes of other users) must be setgid HLFS_GID to
+work properly.  The default group is "hlfs".  If no group is provided,
+and there is no group "hlfs", this feature is disabled.
+.TP
+.B \-h
+Help.  Print a brief help message, and exit.
+.TP
+.BI \-i " reload-interval"
+Map-reloading interval.  Each
+.I reload-interval
+seconds,
+.B hlfsd
+will reload the password map.
+.B Hlfsd
+needs the password map for the UIDs and home directory pathnames.
+.B Hlfsd
+schedules a SIGALRM to reload the password maps.  A SIGHUP sent to
+.B hlfsd
+will force it to reload the maps immediately.   The default
+value for
+.I reload-interval
+is 900 seconds (15 minutes.)
+.TP
+.BI \-l " logfile"
+Specify a log file to which
+.B hlfsd
+will record events.  If
+.I logfile
+is the string
+.B syslog
+then the log messages will be sent to the system log daemon by
+.IR syslog (3),
+using the LOG_DAEMON facility.
+This is also the default.
+.TP
+.B \-n
+No verify.
+.B Hlfsd
+will not verify the validity of the symbolic link it will be
+returning, or that the user's home directory contains
+sufficient disk-space for spooling.  This can speed up
+.B hlfsd
+at the cost of possibly returning symbolic links to home
+directories which are not currently accessible or are full.
+By default,
+.B hlfsd
+validates the symbolic-link in the background.
+The
+.B \-n
+option overrides the meaning of the
+.B \-c
+option, since no caching is necessary.
+.TP
+.BI \-o " mount-options"
+Mount options.  Mount options which
+.B hlfsd
+will use to mount itself on top of
+.I dirname.
+By default,
+.IR mount-options
+is set to "ro".  If the system supports symbolic-link caching, default
+options are set to "ro,nocache".
+.TP
+.B \-p
+Print PID.
+Outputs the process-id of
+.B hlfsd
+to standard output where it can be saved into a file.
+.TP
+.B \-v
+Version.  Displays version information to standard error.
+.TP
+.BI \-x " log-options"
+Specify run-time logging options.  The options are a comma separated
+list chosen from: fatal, error, user, warn, info, map, stats, all.
+.TP
+.BI \-C
+Force
+.B hlfsd
+to run on systems that cannot turn off the NFS attribute-cache.  Use of
+this option on those systems is discouraged, as it may result in loss
+or misdelivery of mail.  The option is ignored on systems that can turn
+off the attribute-cache.
+.TP
+.BI \-D " log-options"
+Select from a variety of debugging options.  Prefixing an
+option with the string
+.B no
+reverses the effect of that option.  Options are cumulative.
+The most useful option is
+.BR all .
+Since this option is only used for debugging other options are not
+documented here.  A fuller description is available in the program
+source.  A SIGUSR1 sent to
+.B hlfsd
+will cause it to dump its internal password map to the file
+.BR /usr/tmp/hlfsd.dump.XXXXXX .
+.TP
+.BI \-P " password-file"
+Read the user-name, user-id, and home directory information from the file
+.I password-file.
+Normally,
+.B hlfsd
+will use
+.IR getpwent (3)
+to read the password database.  This option allows you to override the
+default database, and is useful if you want to map users' mail files to a
+directory other than their home directory.  Only the username, uid, and
+home-directory fields of the file
+.I password-file
+are read and checked.  All other fields are ignored.  The file
+.I password-file
+must otherwise be compliant with Unix System 7 colon-delimited format
+.IR passwd (4).
+.SH FILES
+.PD 0
+.TP 5
+.B /hlfs
+directory under which
+.B hlfsd
+mounts itself and manages the symbolic link
+.BR home .
+.TP 5
+.B .hlfsdir
+default sub-directory in the user's home directory, to which the
+.B home
+symbolic link returned by
+.B hlfsd
+points.
+.TP 5
+.B /var/hlfs
+directory to which
+.B home
+symbolic link returned by
+.B hlfsd
+points if it is unable to verify the that
+user's home directory is accessible.
+.SH "SEE ALSO"
+.BR amd (8),
+.BR automount (8),
+.BR cron(8),
+.BR getgrent (3),
+.BR getpwent (3),
+.BR mail(1),
+.BR mnttab (4),
+.BR mount (8),
+.BR mtab (5),
+.BR passwd (4),
+.BR sendmail (8),
+.BR umount (8).
+.LP
+.IR "HLFSD: Delivering Email to Your $HOME" ,
+in
+.IR "Proc. LISA-VII, The 7th Usenix System Administration Conference" ,
+November 1993.
+.SH AUTHORS
+Erez Zadok <ezk@cs.columbia.edu>, Computer Science Department,
+Columbia University, New York City, New York, USA, and
+Alexander Dupuy <dupuy@smarts.com>, System Management ARTS,
+White Plains, New York, USA.
diff --git a/contrib/amd/hlfsd/hlfsd.c b/contrib/amd/hlfsd/hlfsd.c
new file mode 100644
index 0000000..388c65b
--- /dev/null
+++ b/contrib/amd/hlfsd/hlfsd.c
@@ -0,0 +1,953 @@
+/*
+ * Copyright (c) 1997-1998 Erez Zadok
+ * Copyright (c) 1989 Jan-Simon Pendry
+ * Copyright (c) 1989 Imperial College of Science, Technology & Medicine
+ * Copyright (c) 1989 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Jan-Simon Pendry at Imperial College, London.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *      This product includes software developed by the University of
+ *      California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *      %W% (Berkeley) %G%
+ *
+ * $Id: hlfsd.c,v 1.11 1994/11/06 00:19:52 ezk Exp ezk $
+ *
+ * HLFSD was written at Columbia University Computer Science Department, by
+ * Erez Zadok <ezk@cs.columbia.edu> and Alexander Dupuy <dupuy@cs.columbia.edu>
+ * It is being distributed under the same terms and conditions as amd does.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <am_defs.h>
+#include <hlfsd.h>
+
+/*
+ * STATIC VARIABLES:
+ */
+static RETSIGTYPE proceed(int);
+static RETSIGTYPE reaper(int);
+static RETSIGTYPE reload(int);
+static char *hlfs_group = DEFAULT_HLFS_GROUP;
+static char default_dir_name[] = DEFAULT_DIRNAME;
+static char *dir_name = default_dir_name;
+static int printpid = 0;
+static int stoplight = 0;
+static void hlfsd_init(void);
+static void usage(void);
+
+static struct itimerval reloadinterval = {
+  {DEFAULT_INTERVAL, 0},
+  {DEFAULT_INTERVAL, 0}
+};
+
+/*
+ * default mount options.
+ */
+static char default_mntopts[] = "ro,noac";
+
+/*
+ * GLOBALS:
+ */
+SVCXPRT *nfsxprt;
+char *alt_spooldir = ALT_SPOOLDIR;
+char *home_subdir = HOME_SUBDIR;
+char *logfile = DEFAULT_LOGFILE;
+char *passwdfile = NULL;	/* alternate passwd file to use */
+char *progname;
+char *slinkname = 0;
+char hostname[MAXHOSTNAMELEN] = "localhost";
+int cache_interval = DEFAULT_CACHE_INTERVAL;
+int foreground = 1;		/* This is the top-level server */
+gid_t hlfs_gid = (gid_t) INVALIDID;
+int masterpid = 0;
+int noverify = 0;
+int orig_umask;
+int serverpid = 0;
+nfstime startup;
+pid_t mypid;			/* Current process id */
+serv_state amd_state;
+u_short nfs_port;
+
+/* symbol must be available always */
+#ifdef MOUNT_TABLE_ON_FILE
+char *mnttab_file_name = MNTTAB_FILE_NAME;
+#else /* not MOUNT_TABLE_ON_FILE */
+char *mnttab_file_name = NULL;
+#endif /* not MOUNT_TABLE_ON_FILE */
+
+#ifdef DEBUG
+int debug_flags = 0;
+#endif /* DEBUG */
+
+/* forward declarations */
+void hlfsd_going_down(int rc);
+
+
+static void
+usage(void)
+{
+  fprintf(stderr,
+	  "Usage: %s [-Cfhnpv] [-a altdir] [-c cache-interval] [-g group]\n",
+	  progname);
+  fprintf(stderr, "\t[-i interval] [-l logfile] [-o mntopts] [-P passwdfile]\n");
+  show_opts('x', xlog_opt);
+#ifdef DEBUG
+  show_opts('D', dbg_opt);
+#endif /* DEBUG */
+  fprintf(stderr, "\t[dir_name [subdir]]\n");
+  exit(2);
+}
+
+
+int
+main(int argc, char *argv[])
+{
+  char *dot;
+  char *mntopts = (char *) NULL;
+  char hostpid_fs[MAXHOSTNAMELEN + 1 + 16];	/* room for ":(pid###)" */
+  char progpid_fs[PROGNAMESZ + 1 + 11];		/* room for ":pid" */
+  char preopts[128];
+  int forcecache = 0;
+  int forcefast = 0;
+  int genflags = 0;
+  int opt, ret;
+  int opterrs = 0;
+  int retry;
+  int soNFS;			/* NFS socket */
+  int s = -99;
+  mntent_t mnt;
+  nfs_args_t nfs_args;
+  am_nfs_handle_t anh;
+  struct dirent *direntry;
+  struct group *grp;
+  struct stat stmodes;
+  DIR *mountdir;
+  MTYPE_TYPE type = MOUNT_TYPE_NFS;
+
+#ifdef HAVE_SIGACTION
+  struct sigaction sa;
+#endif /* not HAVE_SIGACTION */
+
+#ifndef HAVE_TRANSPORT_TYPE_TLI
+  struct sockaddr_in localsocket;
+#endif /* not HAVE_TRANSPORT_TYPE_TLI */
+
+
+  /* get program name and truncate so we don't overflow progpid_fs */
+
+  if ((progname = strrchr(argv[0], '/')) != NULL)
+    progname++;
+  else
+    progname = argv[0];
+  if ((int) strlen(progname) > PROGNAMESZ) /* truncate to reasonable size */
+    progname[PROGNAMESZ] = '\0';
+
+  while ((opt = getopt(argc, argv, "a:c:CD:fg:hi:l:no:pP:x:v")) != EOF)
+    switch (opt) {
+
+    case 'a':
+      if (!optarg || optarg[0] != '/') {
+	printf("%s: invalid directory for -a: %s\n",
+	       progname, optarg);
+	exit(3);
+      }
+      alt_spooldir = optarg;
+      break;
+
+    case 'c':
+      if (!atoi(optarg)) {
+	printf("%s: invalid interval for -c: %s\n",
+	       progname, optarg);
+	exit(3);
+      }
+      cache_interval = atoi(optarg);
+      break;
+
+    case 'C':
+      forcecache++;
+      break;
+
+    case 'f':
+      forcefast++;
+      break;
+
+    case 'g':
+      hlfs_group = optarg;
+      break;
+
+    case 'i':
+      if (!atoi(optarg)) {
+	printf("%s: invalid interval for -i: %s\n",
+	       progname, optarg);
+	exit(3);
+      }
+      reloadinterval.it_interval.tv_sec = atoi(optarg);
+      reloadinterval.it_value.tv_sec = atoi(optarg);
+      break;
+
+    case 'l':
+      logfile = optarg;
+      break;
+
+    case 'n':
+      noverify++;
+      break;
+
+    case 'o':
+      mntopts = optarg;
+      break;
+
+    case 'p':
+      printpid++;
+      break;
+
+    case 'P':
+      passwdfile = optarg;
+      break;
+
+    case 'v':
+      fprintf(stderr, "%s\n", HLFSD_VERSION);
+      exit(0);
+
+    case 'x':
+      opterrs += switch_option(optarg);
+      break;
+
+    case 'D':
+#ifdef DEBUG
+      opterrs += debug_option(optarg);
+#else /* not DEBUG */
+      fprintf(stderr, "%s: not compiled with DEBUG -- sorry.\n", progname);
+#endif /* not DEBUG */
+      break;
+
+    case 'h':
+    case '?':
+      opterrs++;
+    }
+
+  /* set some default debugging options */
+  if (xlog_level_init == ~0)
+    switch_option("");
+  /* need my pid before any dlog/plog */
+  mypid = getpid();
+#ifdef DEBUG
+  switch_option("debug");
+#endif /* DEBUG */
+
+/*
+ * Terminate if did not ask to forcecache (-C) and hlfsd would not be able
+ * to set the minimum cache intervals.
+ */
+#if !defined(MNT2_NFS_OPT_ACREGMIN) && !defined(MNT2_NFS_OPT_NOAC) && !defined(HAVE_FIELD_NFS_ARGS_T_ACREGMIN)
+  if (!forcecache) {
+    fprintf(stderr, "%s: will not be able to turn off attribute caches.\n", progname);
+    exit(1);
+  }
+#endif /* !defined(MNT2_NFS_OPT_ACREGMIN) && !defined(MNT2_NFS_OPT_NOAC) && !defined(HAVE_FIELD_NFS_ARGS_T_ACREGMIN) */
+
+
+  switch (argc - optind) {
+  case 2:
+    home_subdir = argv[optind + 1];
+  case 1:
+    dir_name = argv[optind];
+  case 0:
+    break;
+  default:
+    opterrs++;
+  }
+
+  if (opterrs)
+    usage();
+
+  /* ensure that only root can run hlfsd */
+  if (geteuid()) {
+    fprintf(stderr, "hlfsd can only be run as root\n");
+    exit(1);
+  }
+  setbuf(stdout, (char *) NULL);
+  umask(0);
+
+  /* find gid for hlfs_group */
+  if ((grp = getgrnam(hlfs_group)) == (struct group *) NULL) {
+    fprintf(stderr, "%s: cannot get gid for group \"%s\".\n",
+	    progname, hlfs_group);
+  } else {
+    hlfs_gid = grp->gr_gid;
+  }
+
+  /* get hostname for logging and open log before we reset umask */
+  gethostname(hostname, MAXHOSTNAMELEN);
+  if ((dot = strchr(hostname, '.')) != NULL)
+    *dot = '\0';
+  if (logfile)
+    switch_to_logfile(logfile);
+  orig_umask = umask(0);
+
+#if defined(DEBUG) && !defined(MOUNT_TABLE_ON_FILE)
+  if (debug_flags & D_MTAB)
+    dlog("-D mtab option ignored");
+#endif /* defined(DEBUG) && !defined(MOUNT_TABLE_ON_FILE) */
+
+  /* avoid hanging on other NFS servers if started elsewhere */
+  if (chdir("/") < 0)
+    fatal("cannot chdir to /: %m");
+
+  if (geteuid() != 0)
+    fatal("must be root to mount filesystems");
+
+  /*
+   * dir_name must match "^(/.*)/([^/]+)$", and is split at last '/' with
+   * slinkname = `basename $dir_name` - requires dir_name be writable
+   */
+
+  if (dir_name[0] != '/'
+      || ((slinkname = strrchr(dir_name, '/')), *slinkname++ = '\0',
+	  (dir_name[0] == '\0' || slinkname[0] == '\0'))) {
+    if (slinkname)
+      *--slinkname = '/';
+    printf("%s: invalid mount directory/link %s\n",
+	   progname, dir_name);
+    exit(3);
+  }
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+  if (!forcefast) {
+    /* make sure mount point exists and is at least mode 555 */
+    if (stat(dir_name, &stmodes) < 0)
+      if (errno != ENOENT || mkdirs(dir_name, 0555) < 0
+	  || stat(dir_name, &stmodes) < 0)
+	fatalerror(dir_name);
+
+    if ((stmodes.st_mode & 0555) != 0555) {
+      fprintf(stderr, "%s: directory %s not read/executable\n",
+	      progname, dir_name);
+      plog(XLOG_WARNING, "directory %s not read/executable",
+	   dir_name);
+    }
+
+    /* warn if extraneous stuff will be hidden by mount */
+    if ((mountdir = opendir(dir_name)) == NULL)
+      fatalerror(dir_name);
+
+    while ((direntry = readdir(mountdir)) != NULL) {
+      if (!NSTREQ(".", direntry->d_name, NAMLEN(direntry)) &&
+	  !NSTREQ("..", direntry->d_name, NAMLEN(direntry)) &&
+	  !NSTREQ(slinkname, direntry->d_name, NAMLEN(direntry)))
+	break;
+    }
+
+    if (direntry != NULL) {
+      fprintf(stderr, "%s: %s/%s will be hidden by mount\n",
+	      progname, dir_name, direntry->d_name);
+      plog(XLOG_WARNING, "%s/%s will be hidden by mount\n",
+	   dir_name, direntry->d_name);
+    }
+    closedir(mountdir);
+
+    /* make sure alternate spool dir exists */
+    if ((errno = mkdirs(alt_spooldir, OPEN_SPOOLMODE))) {
+      fprintf(stderr, "%s: cannot create alternate dir ",
+	      progname);
+      perror(alt_spooldir);
+      plog(XLOG_ERROR, "cannot create alternate dir %s: %m",
+	   alt_spooldir);
+    }
+    chmod(alt_spooldir, OPEN_SPOOLMODE);
+
+    /* create failsafe link to alternate spool directory */
+    slinkname[-1] = '/';	/* unsplit dir_name to include link */
+    if (lstat(dir_name, &stmodes) == 0 &&
+	(stmodes.st_mode & S_IFMT) != S_IFLNK) {
+      fprintf(stderr, "%s: failsafe %s not a symlink\n",
+	      progname, dir_name);
+      plog(XLOG_WARNING, "failsafe %s not a symlink\n",
+	   dir_name);
+    } else {
+      unlink(dir_name);
+
+      if (symlink(alt_spooldir, dir_name) < 0) {
+	fprintf(stderr,
+		"%s: cannot create failsafe symlink %s -> ",
+		progname, dir_name);
+	perror(alt_spooldir);
+	plog(XLOG_WARNING,
+	     "cannot create failsafe symlink %s -> %s: %m",
+	     dir_name, alt_spooldir);
+      }
+    }
+
+    slinkname[-1] = '\0';	/* resplit dir_name */
+  } /* end of "if (!forcefast) {" */
+
+  /*
+   * Register hlfsd as an nfs service with the portmapper.
+   */
+#ifdef HAVE_TRANSPORT_TYPE_TLI
+  ret = create_nfs_service(&soNFS, &nfs_port, &nfsxprt, nfs_program_2);
+#else /* not HAVE_TRANSPORT_TYPE_TLI */
+  ret = create_nfs_service(&soNFS, &nfs_port, &nfsxprt, nfs_program_2);
+#endif /* not HAVE_TRANSPORT_TYPE_TLI */
+  if (ret != 0)
+    fatal("cannot create NFS service");
+
+#ifdef HAVE_SIGACTION
+  sa.sa_handler = proceed;
+  sa.sa_flags = 0;
+  sigemptyset(&(sa.sa_mask));
+  sigaddset(&(sa.sa_mask), SIGUSR2);
+  sigaction(SIGUSR2, &sa, NULL);
+#else /* not HAVE_SIGACTION */
+  signal(SIGUSR2, proceed);
+#endif /* not HAVE_SIGACTION */
+
+  plog(XLOG_INFO, "Initializing hlfsd...");
+  hlfsd_init();			/* start up child (forking) to run svc_run */
+
+#ifdef HAVE_SIGACTION
+  sa.sa_handler = reaper;
+  sa.sa_flags = 0;
+  sigemptyset(&(sa.sa_mask));
+  sigaddset(&(sa.sa_mask), SIGCHLD);
+  sigaction(SIGCHLD, &sa, NULL);
+#else /* not HAVE_SIGACTION */
+  signal(SIGCHLD, reaper);
+#endif /* not HAVE_SIGACTION */
+
+#ifdef DEBUG
+  /*
+   * In the parent, if -D nodaemon (or -D daemon) , we don't need to
+   * set this signal handler.
+   */
+  amuDebug(D_DAEMON) {
+#endif /* DEBUG */
+    /* XXX: port to use pure svr4 signals */
+    s = -99;
+    while (stoplight != SIGUSR2) {
+      plog(XLOG_INFO, "parent waits for child to setup (stoplight=%d)", stoplight);
+      s = sigpause(0);		/* wait for child to set up */
+      sleep(1);
+    }
+#ifdef DEBUG
+  }
+#endif /* DEBUG */
+
+  /*
+   * setup options to mount table (/etc/{mtab,mnttab}) entry
+   */
+  sprintf(hostpid_fs, "%s:(pid%d)", hostname, masterpid);
+  memset((char *) &mnt, 0, sizeof(mnt));
+  mnt.mnt_dir = dir_name;	/* i.e., "/mail" */
+  mnt.mnt_fsname = hostpid_fs;
+  if (mntopts) {
+    mnt.mnt_opts = mntopts;
+  } else {
+    strcpy(preopts, default_mntopts);
+    /*
+     * Turn off all kinds of attribute and symlink caches as
+     * much as possible.  Also make sure that mount does not
+     * show up to df.
+     */
+#ifdef MNTTAB_OPT_INTR
+    strcat(preopts, ",");
+    strcat(preopts, MNTTAB_OPT_INTR);
+#endif /* MNTTAB_OPT_INTR */
+#ifdef MNTTAB_OPT_IGNORE
+    strcat(preopts, ",");
+    strcat(preopts, MNTTAB_OPT_IGNORE);
+#endif /* MNTTAB_OPT_IGNORE */
+#ifdef MNT2_GEN_OPT_CACHE
+    strcat(preopts, ",nocache");
+#endif /* MNT2_GEN_OPT_CACHE */
+#ifdef MNT2_NFS_OPT_SYMTTL
+    strcat(preopts, ",symttl=0");
+#endif /* MNT2_NFS_OPT_SYMTTL */
+    mnt.mnt_opts = preopts;
+  }
+
+  /*
+   * Make sure that amd's top-level NFS mounts are hidden by default
+   * from df.
+   * If they don't appear to support the either the "ignore" mnttab
+   * option entry, or the "auto" one, set the mount type to "nfs".
+   */
+  mnt.mnt_type = HIDE_MOUNT_TYPE;
+  /* some systems don't have a mount type, but a mount flag */
+
+#ifndef HAVE_TRANSPORT_TYPE_TLI
+  amu_get_myaddress(&localsocket.sin_addr);
+  localsocket.sin_family = AF_INET;
+  localsocket.sin_port = htons(nfsxprt->xp_port);
+#endif /* not HAVE_TRANSPORT_TYPE_TLI */
+
+  /*
+   * Update hostname field.
+   * Make some name prog:pid (i.e., hlfsd:174) for hostname
+   */
+  sprintf(progpid_fs, "%s:%d", progname, masterpid);
+
+  /* Most kernels have a name length restriction. */
+  if ((int) strlen(progpid_fs) >= (int) MAXHOSTNAMELEN)
+    strcpy(progpid_fs + MAXHOSTNAMELEN - 3, "..");
+
+  genflags = compute_mount_flags(&mnt);
+
+  retry = hasmntval(&mnt, MNTTAB_OPT_RETRY);
+  if (retry <= 0)
+    retry = 1;			/* XXX */
+
+  memmove(&anh.v2.fhs_fh, root_fhp, sizeof(*root_fhp));
+#ifdef HAVE_TRANSPORT_TYPE_TLI
+  compute_nfs_args(&nfs_args,
+		   &mnt,
+		   genflags,
+		   nfsncp,
+		   NULL,	/* remote host IP addr is set below */
+		   NFS_VERSION,	/* version 2 */
+		   "udp",	/* XXX: shouldn't this be "udp"? */
+		   &anh,
+		   progpid_fs,	/* host name for kernel */
+		   hostpid_fs); /* filesystem name for kernel */
+  /*
+   * IMPORTANT: set the correct IP address AFTERWARDS.  It cannot
+   * be done using the normal mechanism of compute_nfs_args(), because
+   * that one will allocate a new address and use NFS_SA_DREF() to copy
+   * parts to it, while assuming that the ip_addr passed is always
+   * a "struct sockaddr_in".  That assumption is incorrect on TLI systems,
+   * because they define a special macro HOST_SELF which is DIFFERENT
+   * than localhost (127.0.0.1)!
+   */
+  nfs_args.addr = &nfsxprt->xp_ltaddr;
+#else /* not HAVE_TRANSPORT_TYPE_TLI */
+  compute_nfs_args(&nfs_args,
+		   &mnt,
+		   genflags,
+		   &localsocket,
+		   NFS_VERSION, /* version 2 */
+		   "udp",	/* XXX: shouldn't this be "udp"? */
+		   &anh,
+		   progpid_fs,	/* host name for kernel */
+		   hostpid_fs); /* filesystem name for kernel */
+#endif /* not HAVE_TRANSPORT_TYPE_TLI */
+
+  /*************************************************************************
+   * NOTE: while compute_nfs_args() works ok for regular NFS mounts	   *
+   * the toplvl one is not, and so some options must be corrected by hand  *
+   * more carefully, *after* compute_nfs_args() runs.			   *
+   *************************************************************************/
+  compute_automounter_nfs_args(&nfs_args, &mnt);
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+/*
+ * The following code could be cleverly ifdef-ed, but I duplicated the
+ * mount_fs call three times for simplicity and readability.
+ */
+#ifdef DEBUG
+/*
+ * For some reason, this mount may have to be done in the background, if I am
+ * using -D nodebug.  I suspect that the actual act of mounting requires
+ * calling to hlfsd itself to invoke one or more of its nfs calls, to stat
+ * /mail.  That means that even if you say -D nodaemon, at least the mount
+ * of hlfsd itself on top of /mail will be done in the background.
+ * The other alternative I have is to run svc_run, but set a special
+ * signal handler to perform the mount in N seconds via some alarm.
+ *      -Erez Zadok.
+ */
+  if (debug_flags & D_DAEMON) {	/* asked for -D daemon */
+    plog(XLOG_INFO, "parent NFS mounting hlfsd service points");
+    if (mount_fs(&mnt, genflags, (caddr_t) &nfs_args, retry, type, 0, NULL, mnttab_file_name) < 0)
+      fatal("nfsmount: %m");
+  } else {			/* asked for -D nodaemon */
+    if (fork() == 0) {		/* child runs mount */
+      mypid = getpid();
+      foreground = 0;
+      plog(XLOG_INFO, "child NFS mounting hlfsd service points");
+      if (mount_fs(&mnt, genflags, (caddr_t) &nfs_args, retry, type, 0, NULL, mnttab_file_name) < 0) {
+	fatal("nfsmount: %m");
+      }
+      exit(0);			/* all went well */
+    } else { /* fork failed or parent running */
+      plog(XLOG_INFO, "parent waiting 1sec for mount...");
+    }
+  }
+#else /* not DEBUG */
+  plog(XLOG_INFO, "normal NFS mounting hlfsd service points");
+  if (mount_fs(&mnt, genflags, (caddr_t) &nfs_args, retry, type, 2, "udp", mnttab_file_name) < 0)
+    fatal("nfsmount: %m");
+#endif /* not DEBUG */
+
+#ifdef HAVE_TRANSPORT_TYPE_TLI
+  /*
+   * XXX: this free_knetconfig() was not done for hlfsd before,
+   * and apparently there was a reason for it, but why? -Erez
+   */
+  free_knetconfig(nfs_args.knconf);
+  /*
+   * local automounter mounts do not allocate a special address, so
+   * no need to XFREE(nfs_args.addr) under TLI.
+   */
+#endif /* HAVE_TRANSPORT_TYPE_TLI */
+
+  if (printpid)
+    printf("%d\n", masterpid);
+
+  plog(XLOG_INFO, "hlfsd ready to serve");
+#ifdef DEBUG
+  /*
+   * If asked not to fork a daemon (-D nodaemon), then hlfsd_init()
+   * will not run svc_run.  We must start svc_run here.
+   */
+  dlog("starting no-daemon debugging svc_run");
+  amuDebugNo(D_DAEMON)
+    svc_run();
+#endif /* DEBUG */
+
+  cleanup(0);			/* should never happen here */
+  return (0);			/* everything went fine? */
+}
+
+
+static void
+hlfsd_init(void)
+{
+  int child = 0;
+#ifdef HAVE_SIGACTION
+  struct sigaction sa;
+#endif /* HAVE_SIGACTION */
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+  /*
+   * Initialize file handles.
+   */
+  plog(XLOG_INFO, "initializing hlfsd file handles");
+  hlfsd_init_filehandles();
+
+#ifdef DEBUG
+  /*
+   * If -D daemon then we must fork.
+   */
+  amuDebug(D_DAEMON)
+#endif /* DEBUG */
+    child = fork();
+
+  if (child < 0)
+    fatal("fork: %m");
+
+  if (child != 0) {		/* parent process - save child pid */
+    masterpid = child;
+    mypid = getpid();		/* for logging routines */
+    return;
+  }
+
+  /*
+   * CHILD CODE:
+   * initialize server
+   */
+
+  plog(XLOG_INFO, "initializing home directory database");
+  plt_init();			/* initialize database */
+  plog(XLOG_INFO, "home directory database initialized");
+
+  masterpid = serverpid = mypid = getpid(); /* for logging routines */
+
+  /*
+   * SIGALRM/SIGHUP: reload password database if timer expired
+   * or user sent HUP signal.
+   */
+#ifdef HAVE_SIGACTION
+  sa.sa_handler = reload;
+  sa.sa_flags = 0;
+  sigemptyset(&(sa.sa_mask));
+  sigaddset(&(sa.sa_mask), SIGALRM);
+  sigaddset(&(sa.sa_mask), SIGHUP);
+  sigaction(SIGALRM, &sa, NULL);
+  sigaction(SIGHUP, &sa, NULL);
+#else /* not HAVE_SIGACTION */
+  signal(SIGALRM, reload);
+  signal(SIGHUP, reload);
+#endif /* not HAVE_SIGACTION */
+
+  /*
+   * SIGTERM: cleanup and exit.
+   */
+#ifdef HAVE_SIGACTION
+  sa.sa_handler = cleanup;
+  sa.sa_flags = 0;
+  sigemptyset(&(sa.sa_mask));
+  sigaddset(&(sa.sa_mask), SIGTERM);
+  sigaction(SIGTERM, &sa, NULL);
+#else /* not HAVE_SIGACTION */
+  signal(SIGTERM, cleanup);
+#endif /* not HAVE_SIGACTION */
+
+  /*
+   * SIGCHLD: interlock sycronization and testing
+   */
+#ifdef HAVE_SIGACTION
+  sa.sa_handler = interlock;
+  sa.sa_flags = 0;
+  sigemptyset(&(sa.sa_mask));
+  sigaddset(&(sa.sa_mask), SIGCHLD);
+  sigaction(SIGCHLD, &sa, NULL);
+#else /* not HAVE_SIGACTION */
+  signal(SIGCHLD, interlock);
+#endif /* not HAVE_SIGACTION */
+
+  /*
+   * SIGUSR1: dump internal hlfsd maps/cache to file
+   */
+#ifdef HAVE_SIGACTION
+# if defined(DEBUG) || defined(DEBUG_PRINT)
+  sa.sa_handler = plt_print;
+# else /* not defined(DEBUG) || defined(DEBUG_PRINT) */
+  sa.sa_handler = SIG_IGN;
+# endif /* not defined(DEBUG) || defined(DEBUG_PRINT) */
+  sa.sa_flags = 0;
+  sigemptyset(&(sa.sa_mask));
+  sigaddset(&(sa.sa_mask), SIGUSR1);
+  sigaction(SIGUSR1, &sa, NULL);
+#else /* not HAVE_SIGACTION */
+# if defined(DEBUG) || defined(DEBUG_PRINT)
+  signal(SIGUSR1, plt_print);
+# else /* not defined(DEBUG) || defined(DEBUG_PRINT) */
+  signal(SIGUSR1, SIG_IGN);
+# endif /* not defined(DEBUG) || defined(DEBUG_PRINT) */
+#endif /* not HAVE_SIGACTION */
+
+  if (setitimer(ITIMER_REAL, &reloadinterval, (struct itimerval *) 0) < 0)
+    fatal("setitimer: %m");
+
+  gettimeofday((struct timeval *) &startup, (struct timezone *) 0);
+
+#ifdef DEBUG
+  /*
+   * If -D daemon, then start serving here in the child,
+   * and the parent will exit.  But if -D nodaemon, then
+   * skip this code and make sure svc_run is entered elsewhere.
+   */
+  amuDebug(D_DAEMON) {
+#endif /* DEBUG */
+
+    /*
+     * Dissociate from the controlling terminal
+     */
+    amu_release_controlling_tty();
+
+    /*
+     * signal parent we are ready. parent should
+     * mount(2) and die.
+     */
+    if (kill(getppid(), SIGUSR2) < 0)
+      fatal("kill: %m");
+    plog(XLOG_INFO, "starting svc_run");
+    svc_run();
+    cleanup(0);		/* should never happen, just in case */
+#ifdef DEBUG
+  } /* end of code that runs iff hlfsd daemonizes */
+#endif /* DEBUG */
+
+}
+
+
+static RETSIGTYPE
+proceed(int signum)
+{
+  stoplight = signum;
+}
+
+
+static RETSIGTYPE
+reload(int signum)
+{
+  int child;
+  int status;
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+  if (getpid() != masterpid)
+    return;
+
+  /*
+   * If received a SIGHUP, close and reopen the log file (so that it
+   * can be rotated)
+   */
+  if (signum == SIGHUP && logfile)
+    switch_to_logfile(logfile);
+
+  /*
+   * parent performs the reload, while the child continues to serve
+   * clients accessing the home dir link.
+   */
+  if ((child = fork()) > 0) {
+    serverpid = child;		/* parent runs here */
+    mypid = getpid();
+
+    plt_init();
+
+    if (kill(child, SIGKILL) < 0) {
+      plog(XLOG_ERROR, "kill child: %m");
+    } else {			/* wait for child to die before continue */
+      if (wait(&status) != child) {
+	/*
+	 * I took out this line because it generates annoying output.  It
+	 * indicates a very small bug in hlfsd which is totally harmless.
+	 * It causes hlfsd to work a bit harder than it should.
+	 * Nevertheless, I intend on fixing it in a future release.
+	 * -Erez Zadok <ezk@cs.columbia.edu>
+	 */
+	/* plog(XLOG_ERROR, "unknown child"); */
+      }
+    }
+    serverpid = masterpid;
+  } else if (child < 0) {
+    plog(XLOG_ERROR, "unable to fork: %m");
+  } else {
+    /* let child handle requests while we reload */
+    serverpid = getpid();
+    mypid = getpid();
+  }
+}
+
+
+RETSIGTYPE
+cleanup(int signum)
+{
+  struct stat stbuf;
+  int umount_result;
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+#ifdef DEBUG
+  amuDebug(D_DAEMON)
+#endif /* DEBUG */
+    if (getpid() != masterpid)
+    return;
+
+#ifdef DEBUG
+  amuDebug(D_DAEMON)
+#endif /* DEBUG */
+    if (fork() != 0) {
+    masterpid = 0;
+    mypid = getpid();
+    return;
+  }
+  mypid = getpid();
+
+  for (;;) {
+    while ((umount_result = UMOUNT_FS(dir_name, mnttab_file_name)) == EBUSY) {
+#ifdef DEBUG
+      dlog("cleanup(): umount delaying for 10 seconds");
+#endif /* DEBUG */
+      sleep(10);
+    }
+    if (stat(dir_name, &stbuf) == 0 && stbuf.st_ino == ROOTID) {
+      plog(XLOG_ERROR, "unable to unmount %s", dir_name);
+      plog(XLOG_ERROR, "suspending, unmount before terminating");
+      kill(mypid, SIGSTOP);
+      continue;			/* retry unmount */
+    }
+    break;
+  }
+
+#ifdef DEBUG
+  dlog("cleanup(): killing processes and terminating");
+  amuDebug(D_DAEMON)
+#endif /* DEBUG */
+    kill(masterpid, SIGKILL);
+
+#ifdef DEBUG
+  amuDebug(D_DAEMON)
+#endif /* DEBUG */
+    kill(serverpid, SIGKILL);
+
+  plog(XLOG_INFO, "hlfsd terminating with status 0\n");
+  exit(0);
+}
+
+
+static RETSIGTYPE
+reaper(int signum)
+{
+  int result;
+
+  if (wait(&result) == masterpid) {
+    exit(4);
+  }
+}
+
+
+void
+hlfsd_going_down(int rc)
+{
+  int mypid = getpid();
+
+  if (mypid == masterpid)
+    cleanup(0);
+  else if (mypid == serverpid)
+    kill(masterpid, SIGTERM);
+
+  exit(rc);
+}
+
+
+void
+fatal(char *mess)
+{
+  if (logfile && !STREQ(logfile, "stderr")) {
+    char lessmess[128];
+    int messlen;
+
+    messlen = strlen(mess);
+
+    if (!STREQ(&mess[messlen + 1 - sizeof(ERRM)], ERRM))
+      fprintf(stderr, "%s: %s\n", progname, mess);
+    else {
+      strcpy(lessmess, mess);
+      lessmess[messlen - 4] = '\0';
+
+      if (errno < sys_nerr)
+	fprintf(stderr, "%s: %s: %s\n", progname,
+		lessmess, sys_errlist[errno]);
+      else
+	fprintf(stderr, "%s: %s: Error %d\n",
+		progname, lessmess, errno);
+    }
+  }
+  plog(XLOG_FATAL, mess);
+
+  hlfsd_going_down(1);
+}
diff --git a/contrib/amd/hlfsd/hlfsd.h b/contrib/amd/hlfsd/hlfsd.h
new file mode 100644
index 0000000..dec5d91
--- /dev/null
+++ b/contrib/amd/hlfsd/hlfsd.h
@@ -0,0 +1,171 @@
+/*
+ * Copyright (c) 1997-1998 Erez Zadok
+ * Copyright (c) 1989 Jan-Simon Pendry
+ * Copyright (c) 1989 Imperial College of Science, Technology & Medicine
+ * Copyright (c) 1989 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Jan-Simon Pendry at Imperial College, London.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *      This product includes software developed by the University of
+ *      California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *      %W% (Berkeley) %G%
+ *
+ * $Id: hlfs.h,v 1.9 1993/09/13 15:11:00 ezk Exp $
+ *
+ * HLFSD was written at Columbia University Computer Science Department, by
+ * Erez Zadok <ezk@cs.columbia.edu> and Alexander Dupuy <dupuy@cs.columbia.edu>
+ * It is being distributed under the same terms and conditions as amd does.
+ */
+
+#ifndef _HLFSD_HLFS_H
+#define _HLFSD_HLFS_H
+
+/*
+ * MACROS AND CONSTANTS:
+ */
+
+#define HLFSD_VERSION	"hlfsd 1.1 (March 4, 1997-1998)"
+#define PERS_SPOOLMODE	0755
+#define OPEN_SPOOLMODE	01777
+#define DOTSTRING	"."
+
+/*
+ * ROOTID and SLINKID are the fixed "faked" node IDs (inodes) for
+ * the '.' (also '..') and the one symlink within the hlfs.
+ * They must always be unique, and should never match what a UID
+ * could be.
+ * They used to be -1 and -2, respectively.
+ *
+ * I used to cast these to (uid_t) but it failed to compile
+ * with /opt/SUNWspro/bin/cc because uid_t is long, while struct fattr's
+ * uid field is u_int.  Then it failed to compile on some linux systems
+ * which define uid_t to be unsigned short, so I used the lowest common
+ * size which is unsigned short.
+ */
+#ifdef EXPERIMENTAL_UID_SIZE
+#define UID_SHIFT	30
+# define ROOTID		((1 << UID_SHIFT) - 1)
+# define SLINKID	((1 << UID_SHIFT) - 2)
+# define INVALIDID	((1 << UID_SHIFT) - 3)
+#else /* not EXPERIMENTAL_UID_SIZE */
+/*
+ * XXX: this will cause problems to systems with UIDs greater than
+ * MAX_UNSIGNED_SHORT-3.
+ */
+# define ROOTID		(((unsigned short) ~0) - 1)
+# define SLINKID	(((unsigned short) ~0) - 2)
+# define INVALIDID	(((unsigned short) ~0) - 3)
+#endif /* not EXPERIMENTAL_UID_SIZE */
+
+
+#define DOTCOOKIE	1
+#define DOTDOTCOOKIE	2
+#define SLINKCOOKIE	3
+
+#define ALT_SPOOLDIR "/var/hlfs" /* symlink to use if others fail */
+#define HOME_SUBDIR ".hlfsdir"	/* dirname in user's home dir */
+#define DEFAULT_DIRNAME "/hlfs/home"
+#define DEFAULT_INTERVAL 900	/* secs b/t re-reads of the password maps */
+#define DEFAULT_CACHE_INTERVAL 300 /* secs during which assume a link is up */
+#define DEFAULT_HLFS_GROUP	"hlfs"	/* Group name for special hlfs_gid */
+
+#define PROGNAMESZ	(MAXHOSTNAMELEN - 5)
+
+#ifdef HAVE_SYSLOG
+# define DEFAULT_LOGFILE "syslog"
+#else /* not HAVE)_SYSLOG */
+# define DEFAULT_LOGFILE 0
+#endif /* not HAVE)_SYSLOG */
+
+#define ERRM ": %m"
+#define fatalerror(str) \
+  (fatal (strcat (strnsave ((str), strlen ((str)) + sizeof (ERRM) - 1), ERRM)))
+
+/*
+ * TYPDEFS:
+ */
+typedef struct uid2home_t uid2home_t;
+typedef struct username2uid_t username2uid_t;
+
+
+/*
+ * STRUCTURES:
+ */
+struct uid2home_t {
+  uid_t uid;			/* XXX: with or without UID_OFFSET? */
+  pid_t child;
+  char *home;			/* really allocated */
+  char *uname;			/* an xref ptr to username2uid_t->username */
+  u_long last_access_time;
+  int last_status;		/* 0=used $HOME/.hlfsspool; !0=used alt dir */
+};
+
+struct username2uid_t {
+  char *username;		/* really allocated */
+  uid_t uid;			/* XXX: with or without UID_OFFSET? */
+  char *home;			/* an xref ptr to uid2home_t->home */
+};
+
+/*
+ * EXTERNALS:
+ */
+extern RETSIGTYPE cleanup(int);
+extern RETSIGTYPE interlock(int);
+extern SVCXPRT *nfs_program_2_transp;	/* For quick_reply() */
+extern SVCXPRT *nfsxprt;
+extern char *alt_spooldir;
+extern char *home_subdir;
+extern char *homedir(int);
+extern char *mailbox(int, char *);
+extern char *passwdfile;
+extern char *slinkname;
+extern char mboxfile[];
+extern gid_t hlfs_gid;
+extern int cache_interval;
+extern int noverify;
+extern int serverpid;
+extern int sys_nerr;
+extern int untab_index(char *username);
+extern am_nfs_fh *root_fhp;
+extern am_nfs_fh root;
+extern nfstime startup;
+extern uid2home_t *plt_search(int);
+extern username2uid_t *untab;	/* user name table */
+extern void fatal(char *);
+extern void plt_init(void);
+extern void hlfsd_init_filehandles(void);
+
+#if defined(DEBUG) || defined(DEBUG_PRINT)
+extern void plt_dump(uid2home_t *, pid_t);
+extern void plt_print(int);
+#endif /* defined(DEBUG) || defined(DEBUG_PRINT) */
+
+#endif /* _HLFSD_HLFS_H */
diff --git a/contrib/amd/hlfsd/homedir.c b/contrib/amd/hlfsd/homedir.c
new file mode 100644
index 0000000..d6df58e
--- /dev/null
+++ b/contrib/amd/hlfsd/homedir.c
@@ -0,0 +1,799 @@
+/*
+ * Copyright (c) 1997-1998 Erez Zadok
+ * Copyright (c) 1989 Jan-Simon Pendry
+ * Copyright (c) 1989 Imperial College of Science, Technology & Medicine
+ * Copyright (c) 1989 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Jan-Simon Pendry at Imperial College, London.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *      This product includes software developed by the University of
+ *      California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *      %W% (Berkeley) %G%
+ *
+ * $Id: homedir.c,v 1.16 1993/09/13 15:11:00 ezk Exp $
+ *
+ * HLFSD was written at Columbia University Computer Science Department, by
+ * Erez Zadok <ezk@cs.columbia.edu> and Alexander Dupuy <dupuy@cs.columbia.edu>
+ * It is being distributed under the same terms and conditions as amd does.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <am_defs.h>
+#include <hlfsd.h>
+
+
+/*
+ * STATIC VARIABLES AND FUNCTIONS:
+ */
+static FILE *passwd_fp = NULL;
+static char pw_name[16], pw_dir[128];
+static int cur_pwtab_num = 0, max_pwtab_num = 0;
+static int hlfsd_diskspace(char *);
+static int hlfsd_stat(char *, struct stat *);
+static int passwd_line = 0;
+static int plt_reset(void);
+static struct passwd passwd_ent;
+static uid2home_t *lastchild;
+static uid2home_t *pwtab;
+static void delay(uid2home_t *, int);
+static void table_add(int, char *, char *);
+
+/* GLOBAL FUNCTIONS */
+char *homeof(char *username);
+int uidof(char *username);
+
+/* GLOBALS VARIABLES */
+char mboxfile[MAXPATHLEN];
+username2uid_t *untab;		/* user name table */
+
+
+/*
+ * Return the home directory pathname for the user with uid "userid".
+ */
+char *
+homedir(int userid)
+{
+  static char linkval[MAXPATHLEN + 1];
+  static struct timeval tp;
+  uid2home_t *found;
+  char *homename;
+  struct stat homestat;
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+  if ((int) userid == 0) {	/* force superuser to use "/" as home */
+    sprintf(linkval, "/%s", home_subdir);
+    return linkval;
+  }
+  if ((found = plt_search(userid)) == (uid2home_t *) NULL) {
+    return alt_spooldir;	/* use alt spool for unknown uid */
+  }
+  homename = found->home;
+
+  if (homename[0] != '/' || homename[1] == '\0') {
+    found->last_status = 1;
+    return alt_spooldir;	/* use alt spool for / or rel. home */
+  }
+  sprintf(linkval, "%s/%s", homename, home_subdir);
+
+  if (noverify) {
+    found->last_status = 0;
+    return linkval;
+  }
+
+  /*
+   * To optimize hlfsd, we don't actually check the validity of the
+   * symlink if it has been in checked in the last N seconds.  It is
+   * very likely that the link, machine, and filesystem are still
+   * valid, as long as N is small.  But if N ls large, that may not be
+   * true.  That's why the default N is 5 minutes, but we allow the
+   * user to override this value via a command line option.  Note that
+   * we do not update the last_access_time each time it is accessed,
+   * but only once every N seconds.
+   */
+  if (gettimeofday(&tp, (struct timezone *) NULL) < 0) {
+    tp.tv_sec = 0;
+  } else {
+    if ((tp.tv_sec - found->last_access_time) < cache_interval) {
+      if (found->last_status == 0) {
+	return linkval;
+      } else {
+	return alt_spooldir;
+      }
+    } else {
+      found->last_access_time = tp.tv_sec;
+    }
+  }
+
+#ifdef DEBUG
+  /*
+   * only run this forking code if asked for -D fork
+   * or if did not ask for -D nofork
+   */
+  amuDebug(D_FORK) {
+#endif /* DEBUG */
+    /* fork child to process request if none in progress */
+    if (found->child && kill(found->child, 0))
+      found->child = 0;
+
+    if (found->child)
+      delay(found, 5);		/* wait a bit if in progress */
+    if (found->child) {		/* better safe than sorry - maybe */
+      found->last_status = 1;
+      return alt_spooldir;
+    }
+    if ((found->child = fork()) < 0) {
+      found->last_status = 1;
+      return alt_spooldir;
+    }
+    if (found->child) {		/* PARENT */
+#ifdef DEBUG
+      if (lastchild)
+	plog(XLOG_INFO, "cache spill uid = %d, pid = %d, home = %s",
+	     lastchild->uid, lastchild->child,
+	     lastchild->home);
+#endif /* DEBUG */
+      lastchild = found;
+      return (char *) NULL;	/* return NULL to parent, so it can continue */
+    }
+#ifdef DEBUG
+  }				/* end of Debug(D_FORK) */
+#endif /* DEBUG */
+
+  /*
+   * CHILD: (or parent if -D nofork)
+   *
+   * Check and create dir if needed.
+   * Check disk space and/or quotas too.
+   *
+   * We don't need to set the _last_status field of found after the fork
+   * in the child, b/c that information would be later determined in
+   * nfsproc_readlink_2() and the correct exit status would be returned
+   * to the parent upon SIGCHLD in interlock().
+   *
+   */
+  mypid = getpid();		/* for logging routines */
+  if (seteuid(userid) < 0) {
+    plog(XLOG_WARNING, "could not seteuid to %d: %m", userid);
+    return linkval;
+  }
+  if (hlfsd_stat(linkval, &homestat) < 0) {
+    if (errno == ENOENT) {	/* make the spool dir if possible */
+      /* don't use recursive mkdirs here */
+      if (mkdir(linkval, PERS_SPOOLMODE) < 0) {
+	seteuid(0);
+	plog(XLOG_WARNING, "can't make directory %s: %m", linkval);
+	return alt_spooldir;
+      }
+      /* fall through to testing the disk space / quota */
+    } else {			/* the home dir itself must not exist then */
+      seteuid(0);
+      plog(XLOG_WARNING, "bad link to %s: %m", linkval);
+      return alt_spooldir;
+    }
+  }
+
+  /*
+   * If gets here, then either the spool dir in the home dir exists,
+   * or it was just created.  In either case, we now need to
+   * test if we can create a small file and write at least one
+   * byte into it.  This will test that we have both enough inodes
+   * and disk blocks to spare, or they fall within the user's quotas too.
+   * We are still seteuid to the user at this point.
+   */
+  if (hlfsd_diskspace(linkval) < 0) {
+    seteuid(0);
+    plog(XLOG_WARNING, "no more space in %s: %m", linkval);
+    return alt_spooldir;
+  } else {
+    seteuid(0);
+    return linkval;
+  }
+}
+
+
+static int
+hlfsd_diskspace(char *path)
+{
+  char buf[MAXPATHLEN];
+  int fd, len;
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+  sprintf(buf, "%s/._hlfstmp_%lu", path, (long) getpid());
+  if ((fd = open(buf, O_RDWR | O_CREAT, 0600)) < 0) {
+    plog(XLOG_ERROR, "cannot open %s: %m", buf);
+    return -1;
+  }
+  len = strlen(buf);
+  if (write(fd, buf, len) < len) {
+    plog(XLOG_ERROR, "cannot write \"%s\" (%d bytes) to %s : %m", buf, len, buf);
+    close(fd);
+    unlink(buf);		/* cleanup just in case */
+    return -1;
+  }
+  if (unlink(buf) < 0) {
+    plog(XLOG_ERROR, "cannot unlink %s : %m", buf);
+  }
+  close(fd);
+  return 0;
+}
+
+
+static int
+hlfsd_stat(char *path, struct stat *statp)
+{
+  if (stat(path, statp) < 0)
+    return -1;
+  else if (!S_ISDIR(statp->st_mode)) {
+    errno = ENOTDIR;
+    return -1;
+  }
+  return 0;
+}
+
+
+static void
+delay(uid2home_t *found, int secs)
+{
+  struct timeval tv;
+
+#ifdef DEBUG
+  if (found)
+    dlog("delaying on child %d for %d seconds", found->child, secs);
+#endif /* DEBUG */
+
+  tv.tv_usec = 0;
+
+  do {
+    tv.tv_sec = secs;
+    if (select(0, 0, 0, 0, &tv) == 0)
+      break;
+  } while (--secs && found->child);
+}
+
+
+/*
+ * This function is called when a child has terminated after
+ * servicing an nfs request.  We need to check the exit status and
+ * update the last_status field of the requesting user.
+ */
+RETSIGTYPE
+interlock(int signum)
+{
+  int child;
+  uid2home_t *lostchild;
+  int status;
+
+#ifdef HAVE_WAITPID
+  while ((child = waitpid((pid_t) -1, &status, WNOHANG)) > 0) {
+#else /* not HAVE_WAITPID */
+  while ((child = wait3(&status, WNOHANG, (struct rusage *) 0)) > 0) {
+#endif /* not HAVE_WAITPID */
+
+    /* high chances this was the last child forked */
+    if (lastchild && lastchild->child == child) {
+      lastchild->child = 0;
+
+      if (WIFEXITED(status))
+	lastchild->last_status = WEXITSTATUS(status);
+      lastchild = (uid2home_t *) NULL;
+    } else {
+      /* and if not, we have to search for it... */
+      for (lostchild = pwtab; lostchild < &pwtab[cur_pwtab_num]; lostchild++) {
+	if (lostchild->child == child) {
+	  if (WIFEXITED(status))
+	    lostchild->last_status = WEXITSTATUS(status);
+	  lostchild->child = 0;
+	  break;
+	}
+      }
+    }
+  }
+}
+
+
+/*
+ * PASSWORD AND USERNAME LOOKUP TABLES FUNCTIONS
+ */
+
+/*
+ * get index of UserName table entry which matches username.
+ * must not return uid_t because we want to return a negative number.
+ */
+int
+untab_index(char *username)
+{
+  int max, min, mid, cmp;
+
+  max = cur_pwtab_num - 1;
+  min = 0;
+
+  do {
+    mid = (max + min) / 2;
+    cmp = strcmp(untab[mid].username, username);
+    if (cmp == 0)		/* record found! */
+      return mid;
+    if (cmp > 0)
+      max = mid;
+    else
+      min = mid;
+  } while (max > min + 1);
+
+  if (STREQ(untab[max].username, username))
+    return max;
+  if (STREQ(untab[min].username, username))
+    return min;
+
+  /* if gets here then record was not found */
+  return -1;
+}
+
+
+/*
+ * Don't make this return a uid_t, because we need to return negative
+ * numbers as well (error codes.)
+ */
+int
+uidof(char *username)
+{
+  int idx;
+
+  if ((idx = untab_index(username)) < 0)	/* not found */
+    return INVALIDID;			/* an invalid user id */
+  return untab[idx].uid;
+}
+
+
+/*
+ * Don't make this return a uid_t, because we need to return negative
+ * numbers as well (error codes.)
+ */
+char *
+homeof(char *username)
+{
+  int idx;
+
+  if ((idx = untab_index(username)) < 0)	/* not found */
+    return (char *) NULL;	/* an invalid user id */
+  return untab[idx].home;
+}
+
+
+char *
+mailbox(int uid, char *username)
+{
+  char *home;
+
+  if (uid < 0)
+    return (char *) NULL;	/* not found */
+
+  if ((home = homeof(username)) == (char *) NULL)
+    return (char *) NULL;
+  if (STREQ(home, "/"))
+    sprintf(mboxfile, "/%s/%s", home_subdir, username);
+  else
+    sprintf(mboxfile, "%s/%s/%s", home, home_subdir, username);
+  return mboxfile;
+}
+
+
+static int
+plt_compare_fxn(const voidp x, const voidp y)
+
+{
+  uid2home_t *i = (uid2home_t *) x;
+  uid2home_t *j = (uid2home_t *) y;
+
+  return i->uid - j->uid;
+}
+
+
+static int
+unt_compare_fxn(const voidp x, const voidp y)
+{
+  username2uid_t *i = (username2uid_t *) x;
+  username2uid_t *j = (username2uid_t *) y;
+
+  return strcmp(i->username, j->username);
+}
+
+
+/* perform initialization of user passwd database */
+static void
+hlfsd_setpwent(void)
+{
+  if (!passwdfile) {
+    setpwent();
+    return;
+  }
+
+  passwd_fp = fopen(passwdfile, "r");
+  if (!passwd_fp) {
+    plog(XLOG_ERROR, "unable to read passwd file %s: %m", passwdfile);
+    return;
+  }
+  plog(XLOG_INFO, "reading password entries from file %s", passwdfile);
+
+  passwd_line = 0;
+  memset((char *) &passwd_ent, 0, sizeof(struct passwd));
+  passwd_ent.pw_name = (char *) &pw_name;
+  passwd_ent.pw_dir = (char *) &pw_dir;
+}
+
+
+/* perform de-initialization of user passwd database */
+static void
+hlfsd_endpwent(void)
+{
+  if (!passwdfile) {
+    /*
+     * Don't actually run this because we will be making more passwd calls
+     * afterwards.  On Solaris 2.5.1, making getpwent() calls after calling
+     * endpwent() results in a memory leak! (and no, even Purify didn't
+     * detect it...)
+     *
+     endpwent();
+     */
+    return;
+  }
+
+  if (passwd_fp) {
+    fclose(passwd_fp);
+  }
+}
+
+
+/* perform record reading/parsing of individual passwd database records */
+static struct passwd *
+hlfsd_getpwent(void)
+{
+  char buf[256], *cp;
+
+  /* check if to perform standard unix function */
+  if (!passwdfile) {
+    return getpwent();
+  }
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+  /* return here to read another entry */
+readent:
+
+  /* return NULL if reached end of file */
+  if (feof(passwd_fp))
+    return NULL;
+
+  pw_name[0] = pw_dir[0] = '\0';
+
+  /* read records */
+  buf[0] = '\0';
+  fgets(buf, 256, passwd_fp);
+  passwd_line++;
+  if (!buf || buf[0] == '\0')
+    goto readent;
+
+  /* read user name */
+  cp = strtok(buf, ":");
+  if (!cp || cp[0] == '\0') {
+    plog(XLOG_ERROR, "no user name on line %d of %s", passwd_line, passwdfile);
+    goto readent;
+  }
+  strcpy(pw_name, cp);		/* will show up in passwd_ent.pw_name */
+
+  /* skip passwd */
+  strtok(NULL, ":");
+
+  /* read uid */
+  cp = strtok(NULL, ":");
+  if (!cp || cp[0] == '\0') {
+    plog(XLOG_ERROR, "no uid on line %d of %s", passwd_line, passwdfile);
+    goto readent;
+  }
+  passwd_ent.pw_uid = atoi(cp);
+
+  /* skip gid and gcos */
+  strtok(NULL, ":");
+  strtok(NULL, ":");
+
+  /* read home dir */
+  cp = strtok(NULL, ":");
+  if (!cp || cp[0] == '\0') {
+    plog(XLOG_ERROR, "no home dir on line %d of %s", passwd_line,  passwdfile);
+    goto readent;
+  }
+  strcpy(pw_dir, cp);	/* will show up in passwd_ent.pw_dir */
+
+  /* the rest of the fields are unimportant and not being considered */
+
+  plog(XLOG_USER, "hlfsd_getpwent: name=%s, uid=%d, dir=%s",
+       passwd_ent.pw_name, passwd_ent.pw_uid, passwd_ent.pw_dir);
+
+  return &passwd_ent;
+}
+
+
+/*
+ * read and hash the passwd file or NIS map
+ */
+void
+plt_init(void)
+{
+  struct passwd *pent_p;
+
+  if (plt_reset() < 0)		/* could not reset table. skip. */
+    return;
+
+  plog(XLOG_INFO, "reading password map");
+
+  hlfsd_setpwent();			/* prepare to read passwd entries */
+  while ((pent_p = hlfsd_getpwent()) != (struct passwd *) NULL) {
+    table_add(pent_p->pw_uid, pent_p->pw_dir, pent_p->pw_name);
+  }
+  hlfsd_endpwent();
+
+  qsort((char *) pwtab, cur_pwtab_num, sizeof(uid2home_t),
+	plt_compare_fxn);
+  qsort((char *) untab, cur_pwtab_num, sizeof(username2uid_t),
+	unt_compare_fxn);
+
+  plog(XLOG_INFO, "password map read and sorted");
+}
+
+
+/*
+ * This is essentially so that we don't reset known good lookup tables when a
+ * YP server goes down.
+ */
+static int
+plt_reset(void)
+{
+  int i;
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+  hlfsd_setpwent();
+  if (hlfsd_getpwent() == (struct passwd *) NULL) {
+    hlfsd_endpwent();
+    return -1;			/* did not reset table */
+  }
+  hlfsd_endpwent();
+
+  lastchild = (uid2home_t *) NULL;
+
+  if (max_pwtab_num > 0)	/* was used already. cleanup old table */
+    for (i = 0; i < cur_pwtab_num; ++i) {
+      if (pwtab[i].home) {
+	XFREE(pwtab[i].home);
+	pwtab[i].home = (char *) NULL;
+      }
+      pwtab[i].uid = INVALIDID;	/* not a valid uid (yet...) */
+      pwtab[i].child = (pid_t) 0;
+      pwtab[i].uname = (char *) NULL;	/* only a ptr to untab[i].username */
+      if (untab[i].username) {
+	XFREE(untab[i].username);
+	untab[i].username = (char *) NULL;
+      }
+      untab[i].uid = INVALIDID;	/* invalid uid */
+      untab[i].home = (char *) NULL;	/* only a ptr to pwtab[i].home  */
+    }
+  cur_pwtab_num = 0;		/* zero current size */
+
+  return 0;			/* resetting ok */
+}
+
+
+/*
+ * u: uid number
+ * h: home directory
+ * n: user ID name
+ */
+static void
+table_add(int u, char *h, char *n)
+{
+  int i;
+
+  clock_valid = 0;		/* invalidate logging clock */
+
+  if (max_pwtab_num <= 0) {	/* was never initialized */
+    max_pwtab_num = 1;
+    pwtab = (uid2home_t *) xmalloc(max_pwtab_num *
+				   sizeof(uid2home_t));
+    memset((char *) &pwtab[0], 0, max_pwtab_num * sizeof(uid2home_t));
+    untab = (username2uid_t *) xmalloc(max_pwtab_num *
+				       sizeof(username2uid_t));
+    memset((char *) &untab[0], 0, max_pwtab_num * sizeof(username2uid_t));
+  }
+
+  /* check if need more space. */
+  if (cur_pwtab_num + 1 > max_pwtab_num) {
+    /* need more space in table */
+    max_pwtab_num *= 2;
+    plog(XLOG_INFO, "reallocating table spaces to %d entries", max_pwtab_num);
+    pwtab = (uid2home_t *) xrealloc(pwtab,
+				    sizeof(uid2home_t) * max_pwtab_num);
+    untab = (username2uid_t *) xrealloc(untab,
+					sizeof(username2uid_t) *
+					max_pwtab_num);
+    /* zero out newly added entries */
+    for (i=cur_pwtab_num; i<max_pwtab_num; ++i) {
+      memset((char *) &pwtab[i], 0, sizeof(uid2home_t));
+      memset((char *) &untab[i], 0, sizeof(username2uid_t));
+    }
+  }
+
+  /* do NOT add duplicate entries (this is an O(N^2) algorithm... */
+  for (i=0; i<cur_pwtab_num; ++i)
+    if (u == pwtab[i].uid  &&  u != 0 ) {
+#ifdef DEBUG
+      dlog("ignoring duplicate home %s for uid %d (already %s)",
+	   h, u, pwtab[i].home);
+#endif /* DEBUG */
+      return;
+    }
+
+  /* add new password entry */
+  pwtab[cur_pwtab_num].home = strdup(h);
+  pwtab[cur_pwtab_num].child = 0;
+  pwtab[cur_pwtab_num].last_access_time = 0;
+  pwtab[cur_pwtab_num].last_status = 0;	/* assume best: used homedir */
+  pwtab[cur_pwtab_num].uid = u;
+
+  /* add new userhome entry */
+  untab[cur_pwtab_num].username = strdup(n);
+
+  /* just a second pointer */
+  pwtab[cur_pwtab_num].uname = untab[cur_pwtab_num].username;
+  untab[cur_pwtab_num].uid = u;
+  untab[cur_pwtab_num].home = pwtab[cur_pwtab_num].home;	/* a ptr */
+
+  /* increment counter */
+  ++cur_pwtab_num;
+}
+
+
+/*
+ * return entry in lookup table
+ */
+uid2home_t *
+plt_search(int u)
+{
+  int max, min, mid;
+
+  /*
+   * empty table should not happen,
+   * but I have a bug with signals to trace...
+   */
+  if (pwtab == (uid2home_t *) NULL)
+    return (uid2home_t *) NULL;
+
+  max = cur_pwtab_num - 1;
+  min = 0;
+
+  do {
+    mid = (max + min) / 2;
+    if (pwtab[mid].uid == u)	/* record found! */
+      return &pwtab[mid];
+    if (pwtab[mid].uid > u)
+      max = mid;
+    else
+      min = mid;
+  } while (max > min + 1);
+
+  if (pwtab[max].uid == u)
+    return &pwtab[max];
+  if (pwtab[min].uid == u)
+    return &pwtab[min];
+
+  /* if gets here then record was not found */
+  return (uid2home_t *) NULL;
+}
+
+
+#if defined(DEBUG) || defined(DEBUG_PRINT)
+void
+plt_print(int signum)
+{
+  FILE *dumpfile;
+  int dumpfd;
+  char dumptmp[] = "/usr/tmp/hlfsd.dump.XXXXXX";
+  int i;
+
+#ifdef HAVE_MKSTEMP
+  dumpfd = mkstemp(dumptmp);
+#else /* not HAVE_MKSTEMP */
+  mktemp(dumptmp);
+  if (!dumptmp) {
+    plot(XLOG_ERROR, "cannot create temporary dump file");
+    return;
+  }
+  dumpfd = open(dumptmp, O_RDONLY);
+#endif /* not HAVE_MKSTEMP */
+  if (dumpfd < 0) {
+    plog(XLOG_ERROR, "cannot open temporary dump file");
+    return;
+  }
+  if ((dumpfile = fdopen(dumpfd, "a")) != NULL) {
+    plog(XLOG_INFO, "dumping internal state to file %s", dumptmp);
+    fprintf(dumpfile, "\n\nNew plt_dump():\n");
+    for (i = 0; i < cur_pwtab_num; ++i)
+      fprintf(dumpfile,
+	      "%4d %5lu %10lu %1d %4lu \"%s\" uname=\"%s\"\n",
+	      i,
+	      (long) pwtab[i].child,
+	      pwtab[i].last_access_time,
+	      pwtab[i].last_status,
+	      (long) pwtab[i].uid,
+	      pwtab[i].home,
+	      pwtab[i].uname);
+    fprintf(dumpfile, "\nUserName table by plt_print():\n");
+    for (i = 0; i < cur_pwtab_num; ++i)
+      fprintf(dumpfile, "%4d : \"%s\" %4lu \"%s\"\n", i,
+	      untab[i].username, (long) untab[i].uid, untab[i].home);
+    close(dumpfd);
+    fclose(dumpfile);
+  }
+}
+
+
+void
+plt_dump(uid2home_t *lastc, pid_t this)
+{
+  FILE *dumpfile;
+  int i;
+
+  if ((dumpfile = fopen("/var/tmp/hlfsdump", "a")) != NULL) {
+    fprintf(dumpfile, "\n\nNEW PLT_DUMP -- ");
+    fprintf(dumpfile, "lastchild->child=%d ",
+	    (int) (lastc ? lastc->child : -999));
+    fprintf(dumpfile, ", child from wait3=%lu:\n", (long) this);
+    for (i = 0; i < cur_pwtab_num; ++i)
+      fprintf(dumpfile, "%4d %5lu: %4lu \"%s\" uname=\"%s\"\n", i,
+	      (long) pwtab[i].child, (long) pwtab[i].uid,
+	      pwtab[i].home, pwtab[i].uname);
+    fprintf(dumpfile, "\nUserName table by plt_dump():\n");
+    for (i = 0; i < cur_pwtab_num; ++i)
+      fprintf(dumpfile, "%4d : \"%s\" %4lu \"%s\"\n", i,
+	      untab[i].username, (long) untab[i].uid, untab[i].home);
+    fprintf(dumpfile, "ezk: ent=%d, uid=%lu, home=\"%s\"\n",
+	    untab_index("ezk"),
+	    (long) untab[untab_index("ezk")].uid,
+	    pwtab[untab[untab_index("ezk")].uid].home);
+    fprintf(dumpfile, "rezk: ent=%d, uid=%lu, home=\"%s\"\n",
+	    untab_index("rezk"),
+	    (long) untab[untab_index("rezk")].uid,
+	    pwtab[untab[untab_index("rezk")].uid].home);
+    fclose(dumpfile);
+  }
+}
+#endif /* defined(DEBUG) || defined(DEBUG_PRINT) */
diff --git a/contrib/amd/hlfsd/nfs_prot_svc.c b/contrib/amd/hlfsd/nfs_prot_svc.c
new file mode 100644
index 0000000..fc2e663
--- /dev/null
+++ b/contrib/amd/hlfsd/nfs_prot_svc.c
@@ -0,0 +1,250 @@
+/*
+ * Copyright (c) 1997-1998 Erez Zadok
+ * Copyright (c) 1989 Jan-Simon Pendry
+ * Copyright (c) 1989 Imperial College of Science, Technology & Medicine
+ * Copyright (c) 1989 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Jan-Simon Pendry at Imperial College, London.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *      This product includes software developed by the University of
+ *      California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *      %W% (Berkeley) %G%
+ *
+ * $Id: nfs_prot_svc.c,v 5.2.2.1 1992/02/09 15:09:30 jsp beta $
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <am_defs.h>
+#include <hlfsd.h>
+
+/* EXTERNAL FUNCTIONS */
+extern voidp nfsproc_null_2_svc(voidp, struct svc_req *);
+extern nfsattrstat * nfsproc_getattr_2_svc(am_nfs_fh *, struct svc_req *);
+extern nfsattrstat * nfsproc_setattr_2_svc(nfssattrargs *, struct svc_req *);
+extern voidp nfsproc_root_2_svc(voidp, struct svc_req *);
+extern nfsdiropres * nfsproc_lookup_2_svc(nfsdiropargs *, struct svc_req *);
+extern nfsreadlinkres * nfsproc_readlink_2_svc(am_nfs_fh *, struct svc_req *);
+extern nfsreadres * nfsproc_read_2_svc(nfsreadargs *, struct svc_req *);
+extern voidp nfsproc_writecache_2_svc(voidp, struct svc_req *);
+extern nfsattrstat * nfsproc_write_2_svc(nfswriteargs *, struct svc_req *);
+extern nfsdiropres * nfsproc_create_2_svc(nfscreateargs *, struct svc_req *);
+extern nfsstat * nfsproc_remove_2_svc(nfsdiropargs *, struct svc_req *);
+extern nfsstat * nfsproc_rename_2_svc(nfsrenameargs *, struct svc_req *);
+extern nfsstat * nfsproc_link_2_svc(nfslinkargs *, struct svc_req *);
+extern nfsstat * nfsproc_symlink_2_svc(nfssymlinkargs *, struct svc_req *);
+extern nfsdiropres * nfsproc_mkdir_2_svc(nfscreateargs *, struct svc_req *);
+extern nfsstat * nfsproc_rmdir_2_svc(nfsdiropargs *, struct svc_req *);
+extern nfsreaddirres * nfsproc_readdir_2_svc(nfsreaddirargs *, struct svc_req *);
+extern nfsstatfsres * nfsproc_statfs_2_svc(am_nfs_fh *, struct svc_req *);
+
+/* GLOBALS */
+SVCXPRT *nfs_program_2_transp;
+
+/* TYPEDEFS */
+typedef char *(*nfssvcproc_t)(voidp, struct svc_req *);
+
+
+void
+nfs_program_2(struct svc_req *rqstp, SVCXPRT *transp)
+{
+  union {
+    am_nfs_fh		nfsproc_getattr_2_arg;
+    nfssattrargs	nfsproc_setattr_2_arg;
+    nfsdiropargs	nfsproc_lookup_2_arg;
+    am_nfs_fh		nfsproc_readlink_2_arg;
+    nfsreadargs		nfsproc_read_2_arg;
+    nfswriteargs	nfsproc_write_2_arg;
+    nfscreateargs	nfsproc_create_2_arg;
+    nfsdiropargs	nfsproc_remove_2_arg;
+    nfsrenameargs	nfsproc_rename_2_arg;
+    nfslinkargs		nfsproc_link_2_arg;
+    nfssymlinkargs	nfsproc_symlink_2_arg;
+    nfscreateargs	nfsproc_mkdir_2_arg;
+    nfsdiropargs	nfsproc_rmdir_2_arg;
+    nfsreaddirargs	nfsproc_readdir_2_arg;
+    am_nfs_fh		nfsproc_statfs_2_arg;
+  } argument;
+  char *result;
+  xdrproc_t xdr_argument, xdr_result;
+  nfssvcproc_t local;
+
+  nfs_program_2_transp = NULL;
+
+  switch (rqstp->rq_proc) {
+
+  case NFSPROC_NULL:
+    xdr_argument = (xdrproc_t) xdr_void;
+    xdr_result = (xdrproc_t) xdr_void;
+    local = (nfssvcproc_t) nfsproc_null_2_svc;
+    break;
+
+  case NFSPROC_GETATTR:
+    xdr_argument = (xdrproc_t) xdr_nfs_fh;
+    xdr_result = (xdrproc_t) xdr_attrstat;
+    local = (nfssvcproc_t) nfsproc_getattr_2_svc;
+    break;
+
+  case NFSPROC_SETATTR:
+    xdr_argument = (xdrproc_t) xdr_sattrargs;
+    xdr_result = (xdrproc_t) xdr_attrstat;
+    local = (nfssvcproc_t) nfsproc_setattr_2_svc;
+    break;
+
+  case NFSPROC_ROOT:
+    xdr_argument = (xdrproc_t) xdr_void;
+    xdr_result = (xdrproc_t) xdr_void;
+    local = (nfssvcproc_t) nfsproc_root_2_svc;
+    break;
+
+  case NFSPROC_LOOKUP:
+    xdr_argument = (xdrproc_t) xdr_diropargs;
+    xdr_result = (xdrproc_t) xdr_diropres;
+    local = (nfssvcproc_t) nfsproc_lookup_2_svc;
+    /*
+     * Cheap way to pass transp down to afs_lookuppn so it can
+     * be stored in the am_node structure and later used for
+     * quick_reply().
+     */
+    nfs_program_2_transp = transp;
+    break;
+
+  case NFSPROC_READLINK:
+    xdr_argument = (xdrproc_t) xdr_nfs_fh;
+    xdr_result = (xdrproc_t) xdr_readlinkres;
+    local = (nfssvcproc_t) nfsproc_readlink_2_svc;
+    break;
+
+  case NFSPROC_READ:
+    xdr_argument = (xdrproc_t) xdr_readargs;
+    xdr_result = (xdrproc_t) xdr_readres;
+    local = (nfssvcproc_t) nfsproc_read_2_svc;
+    break;
+
+  case NFSPROC_WRITECACHE:
+    xdr_argument = (xdrproc_t) xdr_void;
+    xdr_result = (xdrproc_t) xdr_void;
+    local = (nfssvcproc_t) nfsproc_writecache_2_svc;
+    break;
+
+  case NFSPROC_WRITE:
+    xdr_argument = (xdrproc_t) xdr_writeargs;
+    xdr_result = (xdrproc_t) xdr_attrstat;
+    local = (nfssvcproc_t) nfsproc_write_2_svc;
+    break;
+
+  case NFSPROC_CREATE:
+    xdr_argument = (xdrproc_t) xdr_createargs;
+    xdr_result = (xdrproc_t) xdr_diropres;
+    local = (nfssvcproc_t) nfsproc_create_2_svc;
+    break;
+
+  case NFSPROC_REMOVE:
+    xdr_argument = (xdrproc_t) xdr_diropargs;
+    xdr_result = (xdrproc_t) xdr_nfsstat;
+    local = (nfssvcproc_t) nfsproc_remove_2_svc;
+    break;
+
+  case NFSPROC_RENAME:
+    xdr_argument = (xdrproc_t) xdr_renameargs;
+    xdr_result = (xdrproc_t) xdr_nfsstat;
+    local = (nfssvcproc_t) nfsproc_rename_2_svc;
+    break;
+
+  case NFSPROC_LINK:
+    xdr_argument = (xdrproc_t) xdr_linkargs;
+    xdr_result = (xdrproc_t) xdr_nfsstat;
+    local = (nfssvcproc_t) nfsproc_link_2_svc;
+    break;
+
+  case NFSPROC_SYMLINK:
+    xdr_argument = (xdrproc_t) xdr_symlinkargs;
+    xdr_result = (xdrproc_t) xdr_nfsstat;
+    local = (nfssvcproc_t) nfsproc_symlink_2_svc;
+    break;
+
+  case NFSPROC_MKDIR:
+    xdr_argument = (xdrproc_t) xdr_createargs;
+    xdr_result = (xdrproc_t) xdr_diropres;
+    local = (nfssvcproc_t) nfsproc_mkdir_2_svc;
+    break;
+
+  case NFSPROC_RMDIR:
+    xdr_argument = (xdrproc_t) xdr_diropargs;
+    xdr_result = (xdrproc_t) xdr_nfsstat;
+    local = (nfssvcproc_t) nfsproc_rmdir_2_svc;
+    break;
+
+  case NFSPROC_READDIR:
+    xdr_argument = (xdrproc_t) xdr_readdirargs;
+    xdr_result = (xdrproc_t) xdr_readdirres;
+    local = (nfssvcproc_t) nfsproc_readdir_2_svc;
+    break;
+
+  case NFSPROC_STATFS:
+    xdr_argument = (xdrproc_t) xdr_nfs_fh;
+    xdr_result = (xdrproc_t) xdr_statfsres;
+    local = (nfssvcproc_t) nfsproc_statfs_2_svc;
+    break;
+
+  default:
+    svcerr_noproc(transp);
+    return;
+  }
+
+  memset((char *) &argument, 0, sizeof(argument));
+  if (!svc_getargs(transp,
+		   (XDRPROC_T_TYPE) xdr_argument,
+		   (SVC_IN_ARG_TYPE) &argument)) {
+    plog(XLOG_ERROR,
+	 "NFS xdr decode failed for %d %d %d",
+	 rqstp->rq_prog, rqstp->rq_vers, rqstp->rq_proc);
+    svcerr_decode(transp);
+    return;
+  }
+  result = (*local) (&argument, rqstp);
+
+  nfs_program_2_transp = NULL;
+
+  if (result != NULL && !svc_sendreply(transp,
+				       (XDRPROC_T_TYPE) xdr_result,
+				       result)) {
+    svcerr_systemerr(transp);
+  }
+  if (!svc_freeargs(transp,
+		    (XDRPROC_T_TYPE) xdr_argument,
+		    (SVC_IN_ARG_TYPE) & argument)) {
+    plog(XLOG_FATAL, "unable to free rpc arguments in nfs_program_2");
+    going_down(1);
+  }
+}
diff --git a/contrib/amd/hlfsd/stubs.c b/contrib/amd/hlfsd/stubs.c
new file mode 100644
index 0000000..2ead112
--- /dev/null
+++ b/contrib/amd/hlfsd/stubs.c
@@ -0,0 +1,530 @@
+/*
+ * Copyright (c) 1997-1998 Erez Zadok
+ * Copyright (c) 1989 Jan-Simon Pendry
+ * Copyright (c) 1989 Imperial College of Science, Technology & Medicine
+ * Copyright (c) 1989 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Jan-Simon Pendry at Imperial College, London.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *      This product includes software developed by the University of
+ *      California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *      %W% (Berkeley) %G%
+ *
+ * $Id: stubs.c,v 1.10 1993/09/13 15:11:00 ezk Exp $
+ *
+ * HLFSD was written at Columbia University Computer Science Department, by
+ * Erez Zadok <ezk@cs.columbia.edu> and Alexander Dupuy <dupuy@cs.columbia.edu>
+ * It is being distributed under the same terms and conditions as amd does.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <am_defs.h>
+#include <hlfsd.h>
+
+/*
+ * STATIC VARIABLES:
+ */
+static nfsfattr rootfattr = {NFDIR, 0040555, 2, 0, 0, 512, 512, 0,
+			     1, 0, ROOTID};
+static nfsfattr slinkfattr = {NFLNK, 0120777, 1, 0, 0, NFS_MAXPATHLEN, 512, 0,
+			      (NFS_MAXPATHLEN + 1) / 512, 0, SLINKID};
+				/* user name file attributes */
+static nfsfattr un_fattr = {NFLNK, 0120777, 1, 0, 0, NFS_MAXPATHLEN, 512, 0,
+			    (NFS_MAXPATHLEN + 1) / 512, 0, INVALIDID};
+static int getcreds(struct svc_req *, uid_t *, gid_t *);
+static int started;
+static am_nfs_fh slink;
+static am_nfs_fh un_fhandle;
+
+/*
+ * GLOBALS:
+ */
+am_nfs_fh root;
+am_nfs_fh *root_fhp =		&root;
+
+
+/* initialize NFS file handles for hlfsd */
+void
+hlfsd_init_filehandles(void)
+{
+  u_int ui;
+
+  ui = ROOTID;
+  memcpy(root.fh_data, &ui, sizeof(ui));
+
+  ui = SLINKID;
+  memcpy(slink.fh_data, &ui, sizeof(ui));
+
+  ui = INVALIDID;
+  memcpy(un_fhandle.fh_data, &ui, sizeof(ui));
+}
+
+
+voidp
+nfsproc_null_2_svc(voidp argp, struct svc_req *rqstp)
+{
+  static char res;
+
+  return (voidp) &res;
+}
+
+
+/* compare if two filehandles are equal */
+static int
+eq_fh(const am_nfs_fh *fh1, const am_nfs_fh *fh2)
+{
+  return (!memcmp((char *) fh1, (char *) fh2, sizeof(am_nfs_fh)));
+}
+
+
+nfsattrstat *
+nfsproc_getattr_2_svc(am_nfs_fh *argp, struct svc_req *rqstp)
+{
+  static nfsattrstat res;
+  uid_t uid = (uid_t) INVALIDID;
+  gid_t gid = (gid_t) INVALIDID;
+
+  if (!started) {
+    started++;
+    rootfattr.na_ctime = startup;
+    rootfattr.na_mtime = startup;
+    slinkfattr.na_ctime = startup;
+    slinkfattr.na_mtime = startup;
+    un_fattr.na_ctime = startup;
+    un_fattr.na_mtime = startup;
+  }
+
+  if (eq_fh(argp, &root)) {
+    res.ns_status = NFS_OK;
+    res.ns_u.ns_attr_u = rootfattr;
+  } else if (eq_fh(argp, &slink)) {
+
+#ifndef MNT2_NFS_OPT_SYMTTL
+    /*
+     * This code is needed to defeat Solaris 2.4's (and newer) symlink
+     * values cache.  It forces the last-modifed time of the symlink to be
+     * current.  It is not needed if the O/S has an nfs flag to turn off the
+     * symlink-cache at mount time (such as Irix 5.x and 6.x). -Erez.
+     */
+    if (++slinkfattr.na_mtime.nt_useconds == 0)
+      ++slinkfattr.na_mtime.nt_seconds;
+#endif /* not MNT2_NFS_OPT_SYMTTL */
+
+    res.ns_status = NFS_OK;
+    res.ns_u.ns_attr_u = slinkfattr;
+  } else {
+
+    if (getcreds(rqstp, &uid, &gid) < 0) {
+      res.ns_status = NFSERR_STALE;
+      return &res;
+    }
+    if (gid != hlfs_gid) {
+      res.ns_status = NFSERR_STALE;
+    } else {
+      memset((char *) &uid, 0, sizeof(int));
+      uid = *(u_int *) argp->fh_data;
+      if (plt_search(uid) != (uid2home_t *) NULL) {
+	res.ns_status = NFS_OK;
+	un_fattr.na_fileid = uid;
+	res.ns_u.ns_attr_u = un_fattr;
+#ifdef DEBUG
+	dlog("nfs_getattr: succesful search for uid=%d, gid=%d", uid, gid);
+#endif /* DEBUG */
+      } else {			/* not found */
+	res.ns_status = NFSERR_STALE;
+      }
+    }
+  }
+  return &res;
+}
+
+
+nfsattrstat *
+nfsproc_setattr_2_svc(nfssattrargs *argp, struct svc_req *rqstp)
+{
+  static nfsattrstat res = {NFSERR_ROFS};
+
+  return &res;
+}
+
+
+voidp
+nfsproc_root_2_svc(voidp argp, struct svc_req *rqstp)
+{
+  static char res;
+
+  return (voidp) &res;
+}
+
+
+nfsdiropres *
+nfsproc_lookup_2_svc(nfsdiropargs *argp, struct svc_req *rqstp)
+{
+  static nfsdiropres res;
+  int idx;
+  uid_t uid = (uid_t) INVALIDID;
+  gid_t gid = (gid_t) INVALIDID;
+
+  if (!started) {
+    started++;
+    rootfattr.na_ctime = startup;
+    rootfattr.na_mtime = startup;
+    slinkfattr.na_ctime = startup;
+    slinkfattr.na_mtime = startup;
+    un_fattr.na_ctime = startup;
+    un_fattr.na_mtime = startup;
+  }
+
+  if (eq_fh(&argp->da_fhandle, &slink)) {
+    res.dr_status = NFSERR_NOTDIR;
+    return &res;
+  }
+
+  if (eq_fh(&argp->da_fhandle, &root)) {
+    if (argp->da_name[0] == '.' &&
+	(argp->da_name[1] == '\0' ||
+	 (argp->da_name[1] == '.' &&
+	  argp->da_name[2] == '\0'))) {
+      res.dr_u.dr_drok_u.drok_fhandle = root;
+      res.dr_u.dr_drok_u.drok_attributes = rootfattr;
+      res.dr_status = NFS_OK;
+      return &res;
+    }
+
+    if (STREQ(argp->da_name, slinkname)) {
+      res.dr_u.dr_drok_u.drok_fhandle = slink;
+      res.dr_u.dr_drok_u.drok_attributes = slinkfattr;
+      res.dr_status = NFS_OK;
+      return &res;
+    }
+
+    if (getcreds(rqstp, &uid, &gid) < 0 || gid != hlfs_gid) {
+      res.dr_status = NFSERR_NOENT;
+      return &res;
+    }
+
+    /* if get's here, gid == hlfs_gid */
+    if ((idx = untab_index(argp->da_name)) < 0) {
+      res.dr_status = NFSERR_NOENT;
+      return &res;
+    } else {			/* entry found and gid is permitted */
+      un_fattr.na_fileid = untab[idx].uid;
+      res.dr_u.dr_drok_u.drok_attributes = un_fattr;
+      memset((char *) &un_fhandle, 0, sizeof(am_nfs_fh));
+      *(u_int *) un_fhandle.fh_data = (u_int) untab[idx].uid;
+      strncpy((char *) &un_fhandle.fh_data[sizeof(int)],
+	      untab[idx].username,
+	      sizeof(am_nfs_fh) - sizeof(int));
+      res.dr_u.dr_drok_u.drok_fhandle = un_fhandle;
+      res.dr_status = NFS_OK;
+#ifdef DEBUG
+      dlog("nfs_lookup: succesful lookup for uid=%d, gid=%d: username=%s",
+	   uid, gid, untab[idx].username);
+#endif /* DEBUG */
+      return &res;
+    }
+  } /* end of "if (eq_fh(argp->dir.data, root.data)) {" */
+
+  res.dr_status = NFSERR_STALE;
+  return &res;
+}
+
+static int
+getcreds(struct svc_req *rp, uid_t *u, gid_t *g)
+{
+  struct authunix_parms *aup = (struct authunix_parms *) NULL;
+#ifdef HAVE_RPC_AUTH_DES_H
+  struct authdes_cred *adp;
+#endif /* HAVE_RPC_AUTH_DES_H */
+
+  switch (rp->rq_cred.oa_flavor) {
+
+  case AUTH_UNIX:
+    aup = (struct authunix_parms *) rp->rq_clntcred;
+    *u = aup->aup_uid;
+    *g = aup->aup_gid;
+    break;
+
+#ifdef HAVE_RPC_AUTH_DES_H
+  case AUTH_DES:
+    adp = (struct authdes_cred *) rp->rq_clntcred;
+    *g = INVALIDID;		/* some unknown group id */
+    if (sscanf(adp->adc_fullname.name, "unix.%lu@", u) == 1)
+        break;
+    /* fall through */
+#endif /* HAVE_RPC_AUTH_DES_H */
+
+  default:
+    *u = *g = INVALIDID;	/* just in case */
+    svcerr_weakauth(nfsxprt);
+    return -1;
+  }
+
+  return 0;			/* everything is ok */
+}
+
+
+nfsreadlinkres *
+nfsproc_readlink_2_svc(am_nfs_fh *argp, struct svc_req *rqstp)
+{
+  static nfsreadlinkres res;
+  uid_t userid = (uid_t) INVALIDID;
+  gid_t groupid = hlfs_gid + 1;	/* anything not hlfs_gid */
+  int retval = 0;
+  char *path_val = (char *) NULL;
+  char *username;
+  static uid_t last_uid = (uid_t) INVALIDID;
+
+  if (eq_fh(argp, &root)) {
+    res.rlr_status = NFSERR_ISDIR;
+  } else if (eq_fh(argp, &slink)) {
+    if (getcreds(rqstp, &userid, &groupid) < 0)
+      return (nfsreadlinkres *) NULL;
+
+    gettimeofday((struct timeval *) &slinkfattr.na_atime, (struct timezone *) 0);
+
+    res.rlr_status = NFS_OK;
+    if (groupid == hlfs_gid) {
+      res.rlr_u.rlr_data_u = DOTSTRING;
+    } else if (!(res.rlr_u.rlr_data_u = path_val = homedir(userid))) {
+      /*
+       * parent process (fork in homedir()) continues
+       * processing, by getting a NULL returned as a
+       * "special".  Child returns result.
+       */
+      return (nfsreadlinkres *) NULL;
+    }
+
+  } else {			/* check if asked for user mailbox */
+
+    if (getcreds(rqstp, &userid, &groupid) < 0) {
+      return (nfsreadlinkres *) NULL;
+    }
+
+    if (groupid == hlfs_gid) {
+      memset((char *) &userid, 0, sizeof(int));
+      userid = *(u_int *) argp->fh_data;
+      username = (char *) &argp->fh_data[sizeof(int)];
+      if (!(res.rlr_u.rlr_data_u = mailbox(userid, username)))
+	return (nfsreadlinkres *) NULL;
+    } else {
+      res.rlr_status = NFSERR_STALE;
+    }
+  }
+
+  /* print info, but try to avoid repetitions */
+  if (userid != last_uid) {
+    plog(XLOG_USER, "mailbox for uid=%d, gid=%d is %s",
+	 userid, groupid, (char *) res.rlr_u.rlr_data_u);
+    last_uid = userid;
+  }
+
+  /* I don't think will pass this if -D nofork */
+  if (serverpid == getpid())
+    return &res;
+
+  if (!svc_sendreply(nfsxprt, (XDRPROC_T_TYPE) xdr_readlinkres, (SVC_IN_ARG_TYPE) &res))
+    svcerr_systemerr(nfsxprt);
+
+  /*
+   * Child exists here.   We need to determine which
+   * exist status to return.  The exit status
+   * is gathered using wait() and determines
+   * if we returned $HOME/.hlfsspool or $ALTDIR.  The parent
+   * needs this info so it can update the lookup table.
+   */
+  if (path_val && alt_spooldir && STREQ(path_val, alt_spooldir))
+    retval = 1;		/* could not get real home dir (or uid 0 user) */
+  else
+    retval = 0;
+
+#ifdef DEBUG
+  /*
+   * If asked for -D nofork, then must return the value,
+   * NOT exit, or else the main hlfsd server exits.
+   * Bug where is that status information being collected?
+   */
+  amuDebugNo(D_FORK)
+    return &res;
+#endif /* DEBUG */
+
+  exit(retval);
+}
+
+
+nfsreadres *
+nfsproc_read_2_svc(nfsreadargs *argp, struct svc_req *rqstp)
+{
+  static nfsreadres res = {NFSERR_ACCES};
+
+  return &res;
+}
+
+
+voidp
+nfsproc_writecache_2_svc(voidp argp, struct svc_req *rqstp)
+{
+  static char res;
+
+  return (voidp) &res;
+}
+
+
+nfsattrstat *
+nfsproc_write_2_svc(nfswriteargs *argp, struct svc_req *rqstp)
+{
+  static nfsattrstat res = {NFSERR_ROFS};
+
+  return &res;
+}
+
+
+nfsdiropres *
+nfsproc_create_2_svc(nfscreateargs *argp, struct svc_req *rqstp)
+{
+  static nfsdiropres res = {NFSERR_ROFS};
+
+  return &res;
+}
+
+
+nfsstat *
+nfsproc_remove_2_svc(nfsdiropargs *argp, struct svc_req *rqstp)
+{
+  static nfsstat res = {NFSERR_ROFS};
+
+  return &res;
+}
+
+
+nfsstat *
+nfsproc_rename_2_svc(nfsrenameargs *argp, struct svc_req *rqstp)
+{
+  static nfsstat res = {NFSERR_ROFS};
+
+  return &res;
+}
+
+
+nfsstat *
+nfsproc_link_2_svc(nfslinkargs *argp, struct svc_req *rqstp)
+{
+  static nfsstat res = {NFSERR_ROFS};
+
+  return &res;
+}
+
+
+nfsstat *
+nfsproc_symlink_2_svc(nfssymlinkargs *argp, struct svc_req *rqstp)
+{
+  static nfsstat res = {NFSERR_ROFS};
+
+  return &res;
+}
+
+
+nfsdiropres *
+nfsproc_mkdir_2_svc(nfscreateargs *argp, struct svc_req *rqstp)
+{
+  static nfsdiropres res = {NFSERR_ROFS};
+
+  return &res;
+}
+
+
+nfsstat *
+nfsproc_rmdir_2_svc(nfsdiropargs *argp, struct svc_req *rqstp)
+{
+  static nfsstat res = {NFSERR_ROFS};
+
+  return &res;
+}
+
+
+nfsreaddirres *
+nfsproc_readdir_2_svc(nfsreaddirargs *argp, struct svc_req *rqstp)
+{
+  static nfsreaddirres res;
+  static nfsentry slinkent = {SLINKID, 0, {SLINKCOOKIE}};
+  static nfsentry dotdotent = {ROOTID, "..", {DOTDOTCOOKIE}, &slinkent};
+  static nfsentry dotent = {ROOTID, ".", {DOTCOOKIE}, &dotdotent};
+
+  slinkent.ne_name = slinkname;
+
+  if (eq_fh(&argp->rda_fhandle, &slink)) {
+    res.rdr_status = NFSERR_NOTDIR;
+  } else if (eq_fh(&argp->rda_fhandle, &root)) {
+    gettimeofday((struct timeval *) &rootfattr.na_atime, (struct timezone *) 0);
+
+    res.rdr_status = NFS_OK;
+    switch (argp->rda_cookie[0]) {
+    case 0:
+      res.rdr_u.rdr_reply_u.dl_entries = &dotent;
+      break;
+    case DOTCOOKIE:
+      res.rdr_u.rdr_reply_u.dl_entries = &dotdotent;
+      break;
+    case DOTDOTCOOKIE:
+      res.rdr_u.rdr_reply_u.dl_entries = &slinkent;
+      break;
+    case SLINKCOOKIE:
+      res.rdr_u.rdr_reply_u.dl_entries = (nfsentry *) 0;
+      break;
+    }
+    res.rdr_u.rdr_reply_u.dl_eof = TRUE;
+  } else {
+    res.rdr_status = NFSERR_STALE;
+  }
+  return &res;
+}
+
+
+nfsstatfsres *
+nfsproc_statfs_2_svc(am_nfs_fh *argp, struct svc_req *rqstp)
+{
+  static nfsstatfsres res = {NFS_OK};
+
+  res.sfr_u.sfr_reply_u.sfrok_tsize = 1024;
+  res.sfr_u.sfr_reply_u.sfrok_bsize = 1024;
+
+  /*
+   * Some "df" programs automatically assume that file systems
+   * with zero blocks are meta-filesystems served by automounters.
+   */
+  res.sfr_u.sfr_reply_u.sfrok_blocks = 0;
+  res.sfr_u.sfr_reply_u.sfrok_bfree = 0;
+  res.sfr_u.sfr_reply_u.sfrok_bavail = 0;
+
+  return &res;
+}