From owner-freebsd-net@FreeBSD.ORG Fri Aug 1 05:22:44 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B26F037B407 for ; Fri, 1 Aug 2003 05:22:44 -0700 (PDT) Received: from teamware-gmbh.de (mail.camelot.de [212.29.0.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id 688BA43FAF for ; Fri, 1 Aug 2003 05:22:43 -0700 (PDT) (envelope-from ThomasZauner@gmx.de) Received: from [217.19.166.6] (HELO line-b-06.camelot.de) by teamware-gmbh.de (CommuniGate Pro SMTP 4.0.6) with ESMTP id 8774286 for freebsd-net@freebsd.org; Fri, 01 Aug 2003 14:22:41 +0200 From: Thomas Zauner To: freebsd-net@freebsd.org Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Ximian Evolution 1.0.3 (1.0.3-4) Date: 01 Aug 2003 14:22:48 +0200 Message-Id: <1059740569.6846.1.camel@Tom1> Mime-Version: 1.0 Subject: freeBSD NIS-server - LINUX NIS-client auth/login probs X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2003 12:22:45 -0000 hi, i set up a NIS server on freebsd(5.1) excactly like in the handbook and then started the NIS client on linux (RH-9). (i just have 1 test user for now) 1) here's the output from ypcat passwd: the client binds the server ok: [root@linux]# ypcat passwd testo:*:1003:1003:User &:/home/testo/:/usr/local/bin/bash (the home dir does exist on the client -- via NFS) also in the RH user-manager i can see the user testo but i CANT LOGIN i think its an auth problem. on the freeBSD side i use md5 as default encrypt. but thats ok with linux i think.(on the freebsd side in /etc/login.conf defined) 2) there is a option in /var/yp/Makefile on the FREEBSD side "UNSECURE=true" but its commented out. here'S the discription of this option: ------------------------------ # If you want to use a FreeBSD NIS server to serve non-FreeBSD clients # (i.e. clients who expect the password field in the passwd maps to be # valid) then uncomment this line. This will cause $YPDIR/passwd to # be generated with valid password fields. This is insecure: FreeBSD # normally only serves the master.passwd maps (which have real encrypted # passwords in them) to the superuser on other FreeBSD machines, but # non-FreeBSD clients (e.g. SunOS, Solaris (without NIS+), IRIX, HP-UX, # etc...) will only work properly in 'unsecure' mode. # #UNSECURE="True" -------------------------------- DO I need this ? 3) also i am not shure what config to use in nsswitch.conf on linux because i dunno what NIS(1/2/+) freebsd is using so is this ok? -----SNIP (/etc/nsswitch.conf)------ passwd: compat group: compat shadow: nis files # i think there is no compat for shadow passwd_compat: nis group_compat: nis -------------------------------------- and then add the "+::::::" stuff to /etc/shadow passwd and groups or just: ---------------------------- passwd: nis files shadow: nis files group: nis files ------------------------------- and NOT use the +::: stuff in the passwd,group.shadow files ? or sth with nis+ in nsswitch.conf ? i am soooooo confused ! 5) what about the diffrent styles of the "shadowed" password file of LINUX(/etc/shadow) and FREEBSD (/etc/master.passwd) the freebsd master.passwd has more fields then the linux equivalent here'an example: -----------FREBSD(/etc/master.passwd)-- man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin -------------------------------------- nine ":"'s right ------------LINUX(/etc/shadow)---------- daemon:*:11833:0:99999:7::: ---------------------------------- eight ":"'s i think linux is missing the class thing from BSD but that shouldn't be a prob for NIS because thats ecaxtly what it is there for, distrubution passwd+logins for diff. systems RIGHT. 6) BTW my umask is 0077 do others/group need read-access to and of the files in /var/yp/* ??? ok thats all i can think of right now PLS if someone can help "SAVE MY WEEKEND" and help me. LOL Thomas Zauner