Date: Thu, 25 Oct 2001 19:59:49 +0200 (CEST) From: "Hartmann, O." <ohartman@klima.physik.uni-mainz.de> To: <freebsd-stable@freebsd.org> Cc: <freebsd-questions@freebsd.org> Subject: NIS/YP problems using pw(8) Message-ID: <20011025191916.Y1888-100000@klima.physik.uni-mainz.de>
next in thread | raw e-mail | index | archive | help
Hello. I reported a problem regarding pw and NIS/YP and I run into more trouble now and I do not now how and why. Maybe this reveals a bug - or a foolish sysadmin. All of our systems are running FreeBSD 4.4-STABLE as recently cvsupdated. What I did (on the NIS/YP master server which is a slave to itself): I created a separate directory etc in /var/yp (now /var/yp/etc) and moved herein all NIS/YP relevant files, normaly located in /etc, eg. master.passwd group rpc services and so on. Then I created a new /var/yp/etc/pw.conf file to come along the new definitions targetting /var/yp/etc for new account creations. The /etc/master.passwd and /etc/group files only keep all the standard system accounts and a separate, local dedicated admin account for supervising purposes. Each file ends up with the NIS/YP necessary + entry (+:::::::: in passwd and +:*:: in group). Then I applied all changes to /var/yp/Makefile to target to the new source directories were all the source files can be found. My intention is to keep the network wide users separated from a local system account. That means, in /var/yp/Makefile nearly all NIS/YP maps' sources where now located in $(YPSRCDIR) and this means /var/yp/etc, except /var/yp/ypservers, which is located in /var/yp/ypservers, $(YPDIR). After this changes, I run a make in /var/yp and all maps has been recreated and spread out to the appropriate slave servers. I deleted the domain directory, did a ypinit to be on the sure side, and did a mak again. No problem. master.passwd is found in /var/yp/etc and the maps are created the right way. But now, I get on all NIS/YP clients this error when trying to change a users passwd: Changing NIS password for USER on localhost in domain DOMAIN.NAME.FR New password: Retype new password: yppasswd: failed to change NIS password: RPC: Success When doing this on the NIS/YP master server, it shows localhost, doing the same on a slave or client, it shows the master server instead of localhost). This is weird! When moving the master.passwd from /var/yp/etc to /var/yp and doing all the make stuff again (building .db versions of the passwd files), all users can change their passwords in the normal manner. it seems, that a build in code in all clients want the master.passwd file in /var/yp, but this collide with the recommendation in Makefile, to build separate domain directories for several domains a single NIS/YP master server serves! Another phenomenon is, that using a separate domain directory like /var/yp/etc with pw(8) results in the fault of creating properly a home directory for this user although the option -m has been applied. Moving master.passwd to /var/yp back to ensure that all users can change their passwords results in a unusuable pw command, it reports a non existent /var/yp/etc/master.passwd. I feel confused, because I have no glue what is going wrong! At this moment I need to use the NFS server to be the same time the master NIS server and its slave (because users need to log into the same machine). But I want to separate the user's stuff from the system stuff and in theory it should be work the way it is described in /var/yp/Makefile. I tried to force pw(8) to handle a concurrent master.passwd as explained in the manpage, but holding two master.passwd (one in /var/yp/ and one in /var/yp/etc) results in an error from pw. It is really weird how I have to force pw(8) to accept users AND create the appropriate home directory in the right place (the configuration is all right, I checked this many times): master.passwd has to be kept synchronously in /etc/ and /var/yp and pw's config file has to be in /etc. I wish to call pw like this: pw -V/var/yp/etc I think doing so, pw(8) expects master.passwd to be located in /var/yp/etc, but if located their, the yp service is unable to change users passowrds either form the master NIS/YP server or from slave servers or client. It seem that the yp code is not able to relocate the master.passwd file and that turns me into problems. I seems to be a bug ... Please help. Need to know whether this is a bug or it's a conceptional problem. Thanks a lot, Oliver -- MfG O. Hartmann ohartman@klima.physik.uni-mainz.de ---------------------------------------------------------------- IT-Administration des Institutes fuer Physik der Atmosphaere (IPA) ---------------------------------------------------------------- Johannes Gutenberg Universitaet Mainz Becherweg 21 55099 Mainz Tel: +496131/3924662 (Maschinenraum) Tel: +496131/3924144 FAX: +496131/3923532 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011025191916.Y1888-100000>