From owner-freebsd-questions@FreeBSD.ORG Thu Oct 16 09:42:47 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 879EB16A4B3 for ; Thu, 16 Oct 2003 09:42:47 -0700 (PDT) Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id C73D343FF7 for ; Thu, 16 Oct 2003 09:42:46 -0700 (PDT) (envelope-from dan@dan.emsphone.com) Received: (from dan@localhost) by dan.emsphone.com (8.12.9/8.12.9) id h9GGgkeN042706; Thu, 16 Oct 2003 11:42:46 -0500 (CDT) (envelope-from dan) Date: Thu, 16 Oct 2003 11:42:46 -0500 From: Dan Nelson To: Adam Maloney Message-ID: <20031016164246.GA95553@dan.emsphone.com> References: <1066320928.7414.54.camel@unixws1> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1066320928.7414.54.camel@unixws1> X-OS: FreeBSD 5.1-CURRENT X-message-flag: Outlook Error User-Agent: Mutt/1.5.4i cc: freebsd-questions@freebsd.org Subject: Re: NIS problem X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Oct 2003 16:42:47 -0000 In the last episode (Oct 16), Adam Maloney said: > In the last couple of days we have seen a lot of messages like the > one below appearing in /var/log/messages: > > Oct 13 06:14:58 xxxxx ypserv[45883]: access to master.passwd.byname denied -- client 1.2.3.4:3458 not privileged > > This goes on for a number of minutes, and then fixes itself. > > Obviously, the problem is that the NIS lookup request is coming from > a non-priveleged (> 1024) port, and ypserv won't honor it. What's > not so obvious is why/how this is happening. > > I'm suspecting it's Sendmail, since the frequency of the message > somewhat coincides with the rate of incoming mail on this box. But I > can't seem to find any clues on the web or usenet confirming this. Has > anyone seen this before, or know of a solution? That message gets printed whenever a remote NIS client tries to access master.passwd.* over a non-privileged port. Only root should have access to the master maps, so a remote process has to bind to a port < 1024 before doing the lookup, to prove that it's root. It looks like for some reason you have a process that's running as root but is using a port over 1024. I can't see anyplace in the NIS client code that binds the socket, though, so I must be looking in the wrong place. It has to work, or else you wouldn't be able to log in using NIS at all. -- Dan Nelson dnelson@allantgroup.com