Re: FreeBSD 6.x, NIS, local root password, and nsswitch.conf
David Adam [EMAIL PROTECTED] wrote: On Tue, 21 Nov 2006, Mark Hennessy wrote: I have a new system that has FreeBSD 6.1 on it to replace a system with FreeBSD 4.11 being put out of service. I want to keep to using local root passwords only, but export other users' logins over NIS. It acts presently as an NIS slave server. The NIS master server was upgraded a few months ago to FreeBSD 6.0 and then 6.1. All other machines are running FreeBSD 4.11. A weird thing started to happen with the new machine. Only on this new machine, the local root password doesn't work and only the root password of the NIS master server will work to attain root. Perhaps something needs to be changed somewhere to make the local root password work again? Here's the /etc/nsswitch.conf from the master server: group: compat group_compat: nis hosts: files dns networks: files passwd: compat passwd_compat: nis shells: files Here's the /etc/nsswitch.conf from the slave server: group: compat group_compat: nis hosts: files dns networks: files passwd: compat passwd_compat: nis shells: files They both appear to be set to defaults. I tried changing group and passwd to include 'files', I also tried changing group_compat and passwd_compat to include 'files', but no positive change. Mark, Careful here. The line needs to read 'files nis', not 'nis files' - if you used the latter, try switching it around so that the local /etc/passwd is checked for root logins before NIS is consulted. As I understand the man page, you want to change the {group,passwd}_compat lines, not the {group,passwd} lines themselves. I couldn't find nsswitch.conf on any of the FreeBSD 4.11 servers. They are served by NIS as clients and all of their local root passwords work fine. From nsswitch.conf(5): The nsswitch.conf file format first appeared in FreeBSD 5.0. It was imported from the NetBSD Project, where it appeared first in NetBSD 1.4. The NIS section of the handbook contains no mention of nsswitch.conf(5), so I'm not actually sure that it's required for system authentication. David Adam [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED] I'm a bit unsure about it myself. I tried exactly what you suggested, putting files on the compat line and before nis for both passwd and groups on the NIS slave server only, and no go. Perhaps it is the master server that actually controls this? I don't know. Any further advice would be greatly appreciated. -- Mark P. Hennessy ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD 6.x, NIS, local root password, and nsswitch.conf
David Adam [EMAIL PROTECTED] wrote: On Wed, 22 Nov 2006, Mark Hennessy wrote: David Adam [EMAIL PROTECTED] wrote: On Tue, 21 Nov 2006, Mark Hennessy wrote: I have a new system that has FreeBSD 6.1 on it to replace a system with FreeBSD 4.11 being put out of service. I want to keep to using local root passwords only, but export other users' logins over NIS. It acts presently as an NIS slave server. The NIS master server was upgraded a few months ago to FreeBSD 6.0 and then 6.1. All other machines are running FreeBSD 4.11. A weird thing started to happen with the new machine. Only on this new machine, the local root password doesn't work and only the root password of the NIS master server will work to attain root. Perhaps something needs to be changed somewhere to make the local root password work again? snip I tried changing group and passwd to include 'files', I also tried changing group_compat and passwd_compat to include 'files', but no positive change. Mark, Careful here. The line needs to read 'files nis', not 'nis files' - if you used the latter, try switching it around so that the local /etc/passwd is checked for root logins before NIS is consulted. As I understand the man page, you want to change the {group,passwd}_compat lines, not the {group,passwd} lines themselves. I couldn't find nsswitch.conf on any of the FreeBSD 4.11 servers. They are served by NIS as clients and all of their local root passwords work fine. From nsswitch.conf(5): The nsswitch.conf file format first appeared in FreeBSD 5.0. It was imported from the NetBSD Project, where it appeared first in NetBSD 1.4. The NIS section of the handbook contains no mention of nsswitch.conf(5), so I'm not actually sure that it's required for system authentication. I'm a bit unsure about it myself. I tried exactly what you suggested, putting files on the compat line and before nis for both passwd and groups on the NIS slave server only, and no go. Perhaps it is the master server that actually controls this? I don't know. Any further advice would be greatly appreciated. Just to clarify - you're running a single NIS master, and you're having this problem on a new NIS client? Or is it a NIS slave server as well? I don't think that this should affect things, but I just wanted to clear up the nomenclature. Hmm, odd. I don't know if you have to restart any services to pick up changes in nsswitch.conf, but I doubt it. However, re-reading the manpage reminded me that nsswitch doesn't actually control authentication in many cases - PAM handles this, on Linux at any rate. Someone (quite possibly me) has kicked the cable out of my FreeBSD box, so I can't check this at the moment, but you may well need to edit something in /etc/pam.d. In particular, if you have NIS as sufficient, it'll take precedence over pam_unix (i.e., files). Cheers, David Adam [EMAIL PROTECTED] The machine in question having the problem with its root password being clobbered by NIS is an NIS Slave Server running FreeBSD 6.1, the other machines that aren't having this problem are clients running FreeBSD 4.11, and the NIS Master Server is running FreeBSD 6.1. The pam config for login and su don't appear to be pointing specifically to NIS for anything, just system. -- Mark P. Hennessy ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Compiling Linuxthreads
I'm trying to compile Linuxthreads from ports on my FreeBSD 4.8 system here, and for some reason I keep getting this: You can use an experimental patch to reduce the number of condition variable triggered context switches by defining WITH_CONDWAIT_PATCH Some unsafe calls to exit() can be detected by defining LINUXTHREADS_DETECT_UNSAFE_EXIT, see files/README.FreeBSD for more info. === Extracting for linuxthreads-2.2.3_10 Checksum OK for glibc-linuxthreads-2.2.3.tar.gz. === Patching for linuxthreads-2.2.3_10 === Applying FreeBSD patches for linuxthreads-2.2.3_10 === Configuring for linuxthreads-2.2.3_10 === Building for linuxthreads-2.2.3_10 Warning: Object directory not changed from original /usr/ports/devel/linuxthreads/work/linuxthreads-2.2.3_10/libgcc_r echo '#include i386/xm-i386.h' config.h echo '#include xm-freebsd.h' config.h echo '#include gansidecl.h'tconfig.h echo '#include i386/xm-i386.h' tconfig.h echo '#include i386/i386.h'tm.h echo '#include i386/att.h' tm.h echo '#include freebsd.h' tm.h echo '#include i386/freebsd.h' tm.h echo '#include i386/perform.h' tm.h make: don't know how to make libgcc1.c. Stop *** Error code 2 Stop in /usr/ports/devel/linuxthreads. I know that Linux binary compatibility is installed, as well as /usr/src/gnu (installed that today, machine was upgraded to 4.8 a couple of months ago) Any ideas on where I should look next? -- Mark P. Hennessy [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD 5.0 and MySQL on NFS-mounted partition (NetApp)
From mysql compiled from ports: Can't lock file (errno: 45) I just rebuilt mysql 3.23.55 on FreeBSD 5.0, and I am trying to start mysqld with my databases, and all of a sudden I'm getting this error. I was wondering if anyone has seen this and might know where I should start looking? Additionally, it appears that this error only comes up when the DATADIR for MySQL is set to a directory on an NFS-mounted drive. I have also asked one of the MySQL lists, and they suggested looking at rpc.lockd, but would that be needed if no writes were being made? -- Mark P. Hennessy [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
pam_listfile for use with FreeBSD
Has anyone set up pam_listfile for use with FreeBSD successfully? I am trying to get it working so I can prevent users listed in a flatfile from gaining access. I was wondering what steps might need to be taken to find and build it with FreeBSD 4.x. If this question is too nebulous for this list, any advice on who to ask next would be appreciated. -- Mark P. Hennessy [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Problem with poppassd
I am having a consistent problem with poppassd, and I'm not sure what the cause or resolution of that problem is. I was wondering if anyone had any ideas I could try to fix it. I get messages like those listed below, but not every instance of the running of poppassd fails. Oct 31 09:46:38 host poppassd[96878]: can't open slave pty: (/dev/ttyph) Permission denied Oct 31 09:50:25 host poppassd[97321]: can't open slave pty: (/dev/ttypj) Permission denied Oct 31 09:54:29 host poppassd[97804]: can't open slave pty: (/dev/ttypl) Permission denied Oct 31 10:30:12 host poppassd[3690]: can't open slave pty: (/dev/ttypn) Permission denied Oct 31 12:34:44 host poppassd[19076]: can't open slave pty: (/dev/ttypt) Permission denied Oct 31 14:24:55 host poppassd[32502]: can't open slave pty: (/dev/ttypc) Permission denied -- Mark P. Hennessy [EMAIL PROTECTED] Cloud 9 InternetWhite Plains, NY +1 914 696-4000 / 800 356-5683 http://www.cloud9.net To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message