From owner-freebsd-questions@FreeBSD.ORG Thu Dec 20 19:50:32 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 618E216A418 for ; Thu, 20 Dec 2007 19:50:32 +0000 (UTC) (envelope-from perrin@apotheon.com) Received: from outbound-mail-44.bluehost.com (outbound-mail-44.bluehost.com [69.89.18.13]) by mx1.freebsd.org (Postfix) with SMTP id 2FB7E13C458 for ; Thu, 20 Dec 2007 19:50:31 +0000 (UTC) (envelope-from perrin@apotheon.com) Received: (qmail 12441 invoked by uid 0); 20 Dec 2007 19:50:31 -0000 Received: from unknown (HELO box183.bluehost.com) (69.89.25.183) by mailproxy3.bluehost.com with SMTP; 20 Dec 2007 19:50:31 -0000 Received: from c-24-9-123-251.hsd1.co.comcast.net ([24.9.123.251] helo=demeter.hydra) by box183.bluehost.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.68) (envelope-from ) id 1J5RPb-00006J-DK for freebsd-questions@freebsd.org; Thu, 20 Dec 2007 12:50:31 -0700 Received: from demeter.hydra (localhost [127.0.0.1]) by demeter.hydra (8.13.6/8.13.6) with ESMTP id lBKJoSaf054974 for ; Thu, 20 Dec 2007 12:50:28 -0700 (MST) (envelope-from perrin@apotheon.com) Received: (from ren@localhost) by demeter.hydra (8.13.6/8.13.6/Submit) id lBKJoSNp054973 for freebsd-questions@freebsd.org; Thu, 20 Dec 2007 12:50:28 -0700 (MST) (envelope-from perrin@apotheon.com) X-Authentication-Warning: demeter.hydra: ren set sender to perrin@apotheon.com using -f Date: Thu, 20 Dec 2007 12:50:27 -0700 From: Chad Perrin To: freebsd-questions@freebsd.org Message-ID: <20071220195027.GB54762@demeter.hydra> Mail-Followup-To: freebsd-questions@freebsd.org References: <54129.66383.qm@web54201.mail.re2.yahoo.com> <44fxxxphbh.fsf@be-well.ilk.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <44fxxxphbh.fsf@be-well.ilk.org> User-Agent: Mutt/1.4.2.3i X-Identified-User: {737:box183.bluehost.com:apotheon:apotheon.net} {sentby:bopbeforesmtp 24.9.123.251 authed with apotheon.com} Subject: Re: NIS Linux - Ubuntu X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Dec 2007 19:50:32 -0000 On Thu, Dec 20, 2007 at 09:32:50AM -0500, Lowell Gilbert wrote: > RA Cohen writes: > > > I am sorry, here is an addendum to my previous post: > > > >>>Somehow Ubuntu was given root user > > permissions<< > > > > Actually, upon rereading my notes, Ubuntu was only given permissions of the user doing the login - not root - but we could login with any valid user apparently FreeBSD thought it was presented with a wildcard password. > > > > And I can also verify that FreeBSD clients are able to use the password map when x is used instead of * in the map to represent the password. So I can secure the system using the x but still cannot get Ubuntu clients to authenticate. > > Sounds like Ubuntu is using the wrong map, probably one where it's > getting a different and empty field where it expects to find a password. The behavior with an asterisk instead of an X is pretty worrisome, however, and is not strictly Ubuntu's fault. Security of a server should not rely on the good will and competence of the client developers. -- CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ] Baltasar Gracian: "A wise man gets more from his enemies than a fool from his friends."