Re: Debian Potato NIS+
[EMAIL PROTECTED] [EMAIL PROTECTED] writes: I'm wondering what kind of support(if any) potato has for NIS+ (NIS w/shadow passwd support) I tried playin with NIS+ on slink about a year ago and hosed many machines during libc upgrades. because potato is glibc2.1, has anyone got a network running with potato boxen and NIS+ ? and possibly NFS as well. There are NIS+ client packages available for potato, but they are not in the normal distribution. See http://www.suse.de/~kukuk/nisplus/index.html The following sources.list lines allow you to apt-get the packages/source deb http://www.realbodo.de/ debian/ deb-src http://www.realbodo.de/ debian/ I have had NIS+ running on a couple of machines quite satisfactorily for a few months now, and plan to switch all our other Debian boxes from plain NIS as I upgrade them to potato over the summer. -- Gilbert Laycock email: [EMAIL PROTECTED] Maths and Computer Science, http://www.mcs.le.ac.uk/~glaycock University of Leicester phone: (+44) 116 252 3902
Debian Potato NIS+
I am working in a new network operations center that needs to standardize on a linux distribution, currently it seems to be leaning towards debian potato as thats what the unix admins want.(either that or mandrake) I'm wondering what kind of support(if any) potato has for NIS+ (NIS w/shadow passwd support) I tried playin with NIS+ on slink about a year ago and hosed many machines during libc upgrades. because potato is glibc2.1, has anyone got a network running with potato boxen and NIS+ ? and possibly NFS as well. I'm also considering getting the machines equipped with dual NICs one for normal network and another for NIS/NFS between the server/client for maximum security. We would use freebsd but the graphics is i810 and is not supported under bsd (yet), it requires a kernel module which only linux has. nate ::: http://www.aphroland.org/ http://www.linuxpowered.net/ [EMAIL PROTECTED] 3:50pm up 5 days, 1:52, 2 users, load average: 0.02, 0.02, 0.00
Potato NIS Vs PAM problems
I have, what I expect is, a simple problem. I'm trying to set my Potato box to use NIS to do the lookup for /etc/passwd. I have the +:: line at the bottom of my passwd file, and all the yp tools work fine (e.g. 'ypmatch pauls passwd' brings up the right response.) I've even got autofs automouting home directories with info gleened from the NIS database. Everything is greatexcept... If the user has no password then he can't logon to the system. What is blocking this? I believe this is PAM rather than NIS causing the problem, but PAM is a mystery to me. Does anybody have any ideas? or any good sources of info for PAM? Thanks Paul -- Paul Sargent mailto: [EMAIL PROTECTED]
Re: Potato NIS Vs PAM problems
On Thu, Sep 30, 1999 at 03:18:26PM +0100, Paul M Sargent wrote: I have, what I expect is, a simple problem. I'm trying to set my Potato box to use NIS to do the lookup for /etc/passwd. I have the +:: line at the bottom of my passwd file, and all the yp tools work fine (e.g. 'ypmatch pauls passwd' brings up the right response.) I've even got autofs automouting home directories with info gleened from the NIS database. Everything is greatexcept... If the user has no password then he can't logon to the system. What is blocking this? I believe this is PAM rather than NIS causing the problem, but PAM is a mystery to me. Does anybody have any ideas? or any good sources of info for PAM? Have you tried adding nis to the /etc/nsswitch.conf fields? Note, than the pam_unix.so modules (being that they use standard libc calls for use lookups) recognizes NIS with any problems, so long as the NS Switch is setup properly. Ben
Re: Potato NIS Vs PAM problems
On Thu, Sep 30, 1999 at 10:23:04AM -0400, Ben Collins wrote: Have you tried adding nis to the /etc/nsswitch.conf fields? Note, than the pam_unix.so modules (being that they use standard libc calls for use lookups) recognizes NIS with any problems, so long as the NS Switch is setup properly. I'll give it a go, but I'm managing to login if the user has a password set, so I don't think the actual NIS fetch is a problem. I think that the fault lies in the PAM authentiation. The other thing I should have mentioned is in /var/log/auth.log I'm getting PAM_unix [1234]: authentation failure; LOGIN(uid=0) - username for login service Paul -- Paul Sargent mailto: [EMAIL PROTECTED]
Re: Potato NIS Vs PAM problems
On Thu, Sep 30, 1999 at 03:42:14PM +0100, Paul M Sargent wrote: On Thu, Sep 30, 1999 at 10:23:04AM -0400, Ben Collins wrote: Have you tried adding nis to the /etc/nsswitch.conf fields? Note, than the pam_unix.so modules (being that they use standard libc calls for use lookups) recognizes NIS with any problems, so long as the NS Switch is setup properly. I'll give it a go, but I'm managing to login if the user has a password set, so I don't think the actual NIS fetch is a problem. I think that the fault lies in the PAM authentiation. The other thing I should have mentioned is in /var/log/auth.log I'm getting PAM_unix [1234]: authentation failure; LOGIN(uid=0) - username for login service That's incorrect, you can login with a password locally because it then acts like a normal UNIX login. You HAVE to add nis to the nsswitch.conf fields in order to use _any_ programs with NIS. This is not a PAM issue. Ben
Re: Potato NIS Vs PAM problems
On Thu, Sep 30, 1999 at 10:43:40AM -0400, Ben Collins wrote: On Thu, Sep 30, 1999 at 03:42:14PM +0100, Paul M Sargent wrote: On Thu, Sep 30, 1999 at 10:23:04AM -0400, Ben Collins wrote: Have you tried adding nis to the /etc/nsswitch.conf fields? Note, than the pam_unix.so modules (being that they use standard libc calls for use lookups) recognizes NIS with any problems, so long as the NS Switch is setup properly. I'll give it a go[] Right I put 'nis' on the start of the passwd line in /etc/nsswitch.conf. No change. :-( I even restarted all services just to be sure (runlevel 2-1-2) The other thing I should have mentioned is in /var/log/auth.log I'm getting PAM_unix [1234]: authentation failure; LOGIN(uid=0) - username for login service That's incorrect, you can login with a password locally because it then acts like a normal UNIX login. You HAVE to add nis to the nsswitch.conf fields in order to use _any_ programs with NIS. This is not a PAM issue. OK, now you're confusing me. * I have no local users on this machine apart from root. * I can login with users specified in the NIS database if that user has a password. * I can not login with a NIS user if that user has a blank password. * If I give a user which is not in the NIS database I get a different authentication error message. (Cannot retrieve authentation info.) * finger username retrieves the correct information from the NIS database. How can NIS not be working? Paul P.S. I'm not trying to wind you up, I'm just confused. -- Paul Sargent Tel: +44 (1784) 476669 Fax: +44 (1784) 470699 mailto: [EMAIL PROTECTED]
Re: Potato NIS Vs PAM problems
On Thu, Sep 30, 1999 at 04:07:01PM +0100, Paul M Sargent wrote: That's incorrect, you can login with a password locally because it then acts like a normal UNIX login. You HAVE to add nis to the nsswitch.conf fields in order to use _any_ programs with NIS. This is not a PAM issue. OK, now you're confusing me. * I have no local users on this machine apart from root. * I can login with users specified in the NIS database if that user has a password. * I can not login with a NIS user if that user has a blank password. * If I give a user which is not in the NIS database I get a different authentication error message. (Cannot retrieve authentation info.) * finger username retrieves the correct information from the NIS database. How can NIS not be working? Ok, I misunderstood what you were trying to explain. The no password login is an issue with the pam_unix.so (I though you were saying you couldn't login at all with NIS). I already knew about this, and it will be fixed in my next upload. Ben
Re: Potato NIS Vs PAM problems
On Thu, Sep 30, 1999 at 12:27:38PM -0400, Ben Collins wrote: Ok, I misunderstood what you were trying to explain. The no password login is an issue with the pam_unix.so (I though you were saying you couldn't login at all with NIS). I already knew about this, and it will be fixed in my next upload. Ah, OK. Is there a way of reconfiguring to get around this, or is this a recompile issue? Paul -- Paul Sargent mailto: [EMAIL PROTECTED]
Re: Potato NIS Vs PAM problems
On Thu, Sep 30, 1999 at 05:44:03PM +0100, Paul M Sargent wrote: On Thu, Sep 30, 1999 at 12:27:38PM -0400, Ben Collins wrote: Ok, I misunderstood what you were trying to explain. The no password login is an issue with the pam_unix.so (I though you were saying you couldn't login at all with NIS). I already knew about this, and it will be fixed in my next upload. Ah, OK. Is there a way of reconfiguring to get around this, or is this a recompile issue? Sorry, it's a recompile thing. Should be up in a day or two. Ben
Re: Potato NIS Vs PAM problems
In article [EMAIL PROTECTED], Ben Collins [EMAIL PROTECTED] wrote: On Thu, Sep 30, 1999 at 03:18:26PM +0100, Paul M Sargent wrote: I have the +:: line at the bottom of my passwd file, and all the yp tools work fine (e.g. 'ypmatch pauls passwd' brings up the right response.) Have you tried adding nis to the /etc/nsswitch.conf fields? If you have +:: at the end of /etc/passwd, you must use compat in nsswitch.conf. If you don't have that plus stuff in /etc/passwd, use nis files in nsswitch.conf. compat knows about plussed users. The other nsswitch methods might not. Imagine someone trying to login as + ... Mike. -- First things first, but not necessarily in that order.
Re: potato NIS
It seems that I potato nis package is still working fine for me. Chanop On Sun, Aug 01, 1999 at 01:03:59PM -0700, Alex Romosan wrote: Marcin Kurc [EMAIL PROTECTED] writes: I have upgraded to potato with NIS 3.4-1. Everything worked fine with slink NIS package but now I cannot connect to NIS master. For example, ypcat passwd output: [EMAIL PROTECTED]:/etc]# ypcat passwd yp_all: clnt_call: RPC: Timed out No such map passwd.byname. Reason: Internal NIS error Does anybody know whats wrong? i had the same problem. this is because ypserv dies every time a client tries to access the master. i got around this by recompiling the package on my system. didn't feel like investigating too much why ypserv in the maintainer's package dies. hope this helps. --alex-- -- | I believe the moment is at hand when, by a paranoiac and active | | advance of the mind, it will be possible (simultaneously with | | automatism and other passive states) to systematize confusion | | and thus to help to discredit completely the world of reality. | -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null -- Chanop Silpa-Anan Australian National University. Tel. +61 2 6279 8826, +61 2 6279 8837 (office hour) +61 2 6249 5240 (home +voice mail) ICQ uin 11366301
Re: potato NIS
Marcin Kurc [EMAIL PROTECTED] writes: I have upgraded to potato with NIS 3.4-1. Everything worked fine with slink NIS package but now I cannot connect to NIS master. For example, ypcat passwd output: [EMAIL PROTECTED]:/etc]# ypcat passwd yp_all: clnt_call: RPC: Timed out No such map passwd.byname. Reason: Internal NIS error Does anybody know whats wrong? i had the same problem. this is because ypserv dies every time a client tries to access the master. i got around this by recompiling the package on my system. didn't feel like investigating too much why ypserv in the maintainer's package dies. hope this helps. --alex-- -- | I believe the moment is at hand when, by a paranoiac and active | | advance of the mind, it will be possible (simultaneously with | | automatism and other passive states) to systematize confusion | | and thus to help to discredit completely the world of reality. |
potato NIS
I have upgraded to potato with NIS 3.4-1. Everything worked fine with slink NIS package but now I cannot connect to NIS master. For example, ypcat passwd output: [EMAIL PROTECTED]:/etc]# ypcat passwd yp_all: clnt_call: RPC: Timed out No such map passwd.byname. Reason: Internal NIS error Does anybody know whats wrong? siemce