Date: Fri, 25 Apr 2003 10:55:30 -0500 From: Glenn Johnson <gjohnson@srrc.ars.usda.gov> To: "Jacques A. Vidrine" <nectar@FreeBSD.org>, freebsd-current@FreeBSD.org Subject: Re: groups wrong on NIS clients Message-ID: <20030425155530.GA17160@node1.cluster.srrc.usda.gov> In-Reply-To: <20030424020829.GA73546@madman.celabo.org> References: <20030423210539.GA1348@node1.cluster.srrc.usda.gov> <20030423215038.GB22152@madman.celabo.org> <20030423220754.GA16387@node1.cluster.srrc.usda.gov> <20030423221120.GA22798@madman.celabo.org> <20030423221915.GA17543@node1.cluster.srrc.usda.gov> <20030424020829.GA73546@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 23, 2003 at 09:08:29PM -0500, Jacques A. Vidrine wrote: > On Wed, Apr 23, 2003 at 05:19:15PM -0500, Glenn Johnson wrote: > > > > How are you logging in? > > > > I was using ssh. After reading your message, I went down the hall > > and logged in via the console. The groups are set correctly when > > logging in via the console. > > > > Whatever login process you are using is responsible for setting > > > your group list correctly. It has not done so. > > > > As a note, the groups were set correctly via ssh before I updated to > > the latest sources today. My previous -current was from April 15, > > 2003. > > Do you have UsePrivilegeSeperation turned on? (Not that this should > make a difference ... `works here'.) Do you have anything different > from the default configuration? > > The only thing I can think of that might give you different results > when logging in via the console versus via sshd is if the latter > cannot contact the NIS server for some reason. Do you see (e.g. with > tcpdump) any NIS queries when you attempt to login via ssh? > > If you want to dig deeper, you should arrange for sshd to spit out the > group list. I applied your patch and here are the results. An ssh connection to the master node with a complete group list: debug1: XXX group[0]=1001,glenn debug1: XXX group[1]=1001,glenn debug1: XXX group[2]=0,wheel debug1: XXX group[3]=2,kmem debug1: XXX group[4]=5,operator debug1: XXX group[5]=1000,cluster An ssh connection to a backend node with an NIS served group list: debug1: XXX group[0]=1001,glenn debug1: XXX group[1]=1001,glenn After I ssh into the NIS client node I ran ypcat group and it shows the correct information for the groups. -- Glenn Johnson USDA, ARS, SRRC Phone: (504) 286-4252 New Orleans, LA 70124 e-mail: gjohnson@srrc.ars.usda.gov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030425155530.GA17160>