From owner-freebsd-questions@FreeBSD.ORG Mon Oct 15 20:40:23 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2DC3216A468 for ; Mon, 15 Oct 2007 20:40:23 +0000 (UTC) (envelope-from benfell@earth.parts-unknown.org) Received: from earth.parts-unknown.org (earth.parts-unknown.org [66.93.170.243]) by mx1.freebsd.org (Postfix) with SMTP id BEB3313C474 for ; Mon, 15 Oct 2007 20:40:22 +0000 (UTC) (envelope-from benfell@earth.parts-unknown.org) Received: (qmail 90592 invoked by uid 501); 15 Oct 2007 20:40:22 -0000 DomainKey-Status: no signature Date: Mon, 15 Oct 2007 13:40:22 -0700 From: David Benfell To: Manolis Kiagias Message-ID: <20071015204022.GA76464@parts-unknown.org> Mail-Followup-To: Manolis Kiagias , freebsd-questions@freebsd.org References: <20071015054707.GA34948@parts-unknown.org> <47138DE7.80800@otenet.gr> <20071015190846.GB86225@parts-unknown.org> <4713BF9F.3050803@otenet.gr> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="G4iJoqBmSsgzjUCe" Content-Disposition: inline In-Reply-To: <4713BF9F.3050803@otenet.gr> X-gnupg-public-key: http://www.parts-unknown.org/gnupg/export-0DD1D1E3 X-stardate: [-29]8359.25 X-moon: The Moon is Waxing Crescent (19% of Full) User-Agent: Mutt/1.5.16 (2007-06-09) Cc: freebsd-questions@freebsd.org, benfell@parts-unknown.org Subject: NIS interoperability with Linux, was Re: Following directions doesn't seem to work: Adding users in NIS X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Oct 2007 20:40:23 -0000 --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, 15 Oct 2007 22:29:35 +0300, Manolis Kiagias wrote: >=20 > Well I can tell you with certainty, it is not compatible out of the box, > and I have not managed to make it work (though I must admit I did not > put a lot of effort into this). Seems the exported master.passwd map > needs a filename change + internal changes, thus the NIS Makefile needs > to be modified. On the Linux side, the users are visible (e.g. you can > run id and the user is there) but they cannot login. > If you Google "FreeBSD NIS Server Linux Clients" you will get some > patches for the NIS Makefile to make it Linux compatible. I was not > however successful with this. If you do try it and get it to work, > please report back. >=20 Linux doesn't normally use master.passwd. If I recall correctly, it uses /etc/shadow instead (but I don't have such a box at hand right now to check). And yes, the internal format is different (and, again, I don't remember details). This conversion, however, sounds like an ugly hack. I'm thinking a *correct* (tm) solution would be a pluggable authentication module (pam) that could interpret the master.passwd file properly. This would also depend on Linux supporting the cryptography method used to encrypt the passwords (perhaps it does, but I'm not sure). What I wasn't realizing was that NIS operated by simply propagating versions of master.passwd (and maybe passwd); while this will certainly be interoperable between FreeBSD (and I think OpenBSD) systems, it is clearly a problem with Linux and probably other UNIX-like OS's. --=20 David Benfell, LCP benfell@parts-unknown.org --- Resume available at http://www.parts-unknown.org/ NOTE: I sign all messages with GnuPG (0DD1D1E3). --G4iJoqBmSsgzjUCe Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFHE9A1Ud+dMw3R0eMRAnYjAKCJyax7LbiLmPGhB8LGwU32gR9krQCgn3Wo tbWIwdedSFV9QndHDWd2Ifg= =gRbF -----END PGP SIGNATURE----- --G4iJoqBmSsgzjUCe--