From owner-freebsd-questions Wed Nov 7 10:51:15 2001 Delivered-To: freebsd-questions@freebsd.org Received: from syndicate.tek-shop.com (tek-shop.com [63.206.17.223]) by hub.freebsd.org (Postfix) with ESMTP id C0C6337B443 for ; Wed, 7 Nov 2001 10:50:33 -0800 (PST) Received: from setibox (adsl-63-206-234-188.dsl.lsan03.pacbell.net [63.206.234.188]) by syndicate.tek-shop.com (8.11.5/8.11.5) with SMTP id fA7IrB213088 for ; Wed, 7 Nov 2001 10:53:11 -0800 (PST) (envelope-from eric@tek-shop.com) Message-ID: <000c01c167bc$70143690$0c01a8c0@setibox> Reply-To: "Eric" From: "Eric" To: "freebsd-questions" Subject: NIS & wheel/su problems Date: Wed, 7 Nov 2001 10:45:56 -0800 Organization: TekShop X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG So I'm setting up NIS on our network and it seems like it's working just fine. On the master server, I build the maps from the system files and my user is part of the wheel group, so I can su. On all the NIS client machines, no local users (except root of course) have been set up, so the clients wheel group doesn't contain my user, but the NIS wheel group does. I use the NIS include symbol at the bottom of the client machines group file. Now I can log into these clients fine as myself, but they won't let me su to root because the local wheel group is found first, and doesn't include me. If I take the wheel group out of the local file, I get errors on bootup. Is there a way around this?? Is there a way to augment a group with NIS users?? Also, according to the handbook, I'm supposed to copy my master.passwd file into the yp directory, and manually edit it to remove system accounts that shouldn't be propagated. But that means everytime I add a user, I have to add them to the master server, copy the file, and edit it all over again. That seems too roundabout. The other problem with that is users who change their password with yppasswd, have their new passwords destroyed when the /var/yp/master.passwd is overwritten by the one from /etc. Is there a better way to do this, or is it really a big deal to have the system accounts appear in NIS. Can I just add, remove, and yppasswd users normally, and have NIS use the /etc/master.passwd file so that everything is in sync?? Thanks eric www.tek-shop.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message