From owner-freebsd-current@FreeBSD.ORG Thu Apr 24 08:58:59 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E983E37B401; Thu, 24 Apr 2003 08:58:59 -0700 (PDT) Received: from symbion.srrc.usda.gov (symbion.srrc.usda.gov [199.133.86.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id A383B43FD7; Thu, 24 Apr 2003 08:58:58 -0700 (PDT) (envelope-from gjohnson@srrc.ars.usda.gov) Received: from node1.cluster.srrc.usda.gov (localhost [127.0.0.1]) by symbion.srrc.usda.gov (8.12.9/8.12.9) with ESMTP id h3OFwuiW074929; Thu, 24 Apr 2003 10:58:56 -0500 (CDT) (envelope-from glenn@node1.cluster.srrc.usda.gov) Received: (from glenn@localhost)h3OFwtpR074928; Thu, 24 Apr 2003 10:58:55 -0500 (CDT) (envelope-from glenn) Date: Thu, 24 Apr 2003 10:58:55 -0500 From: Glenn Johnson To: "Jacques A. Vidrine" , freebsd-current@FreeBSD.org Message-ID: <20030424155855.GA74410@node1.cluster.srrc.usda.gov> Mail-Followup-To: "Jacques A. Vidrine" , freebsd-current@FreeBSD.org References: <20030423210539.GA1348@node1.cluster.srrc.usda.gov> <20030423215038.GB22152@madman.celabo.org> <20030423220754.GA16387@node1.cluster.srrc.usda.gov> <20030423221120.GA22798@madman.celabo.org> <20030423221915.GA17543@node1.cluster.srrc.usda.gov> <20030424020829.GA73546@madman.celabo.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030424020829.GA73546@madman.celabo.org> User-Agent: Mutt/1.5.4i Subject: Re: groups wrong on NIS clients X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2003 15:59:00 -0000 On Wed, Apr 23, 2003 at 09:08:29PM -0500, Jacques A. Vidrine wrote: > On Wed, Apr 23, 2003 at 05:19:15PM -0500, Glenn Johnson wrote: > > > > How are you logging in? > > > > I was using ssh. After reading your message, I went down the hall > > and logged in via the console. The groups are set correctly when > > logging in via the console. > > > > Whatever login process you are using is responsible for setting > > > your group list correctly. It has not done so. > > > > As a note, the groups were set correctly via ssh before I updated to > > the latest sources today. My previous -current was from April 15, > > 2003. > > Do you have UsePrivilegeSeperation turned on? (Not that this should > make a difference ... `works here'.) I tried with it on and off, same result. > Do you have anything different from the default configuration? I am HostbasedAuthentication. That has never been a problem before. Anyway, I tried without it and get the same result. > The only thing I can think of that might give you different results > when logging in via the console versus via sshd is if the latter > cannot contact the NIS server for some reason. Do you see (e.g. with > tcpdump) any NIS queries when you attempt to login via ssh? Yes, I get messages like the following: 10:28:15.092664 node1.cluster.srrc.usda.gov.nfs > node11.cluster.srrc.usda.gov.207013284: reply ok 116 lookup ERROR: No such file or directory > If you want to dig deeper, you should arrange for sshd to spit out the > group list. I will gice that a try. -- Glenn Johnson USDA, ARS, SRRC Phone: (504) 286-4252 New Orleans, LA 70124 e-mail: gjohnson@srrc.ars.usda.gov