From owner-freebsd-stable@FreeBSD.ORG  Tue Mar  9 19:11:05 2010
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DC45C106566C
	for <freebsd-stable@freebsd.org>; Tue,  9 Mar 2010 19:11:05 +0000 (UTC)
	(envelope-from byshenknet@byshenk.net)
Received: from core.byshenk.net (core.byshenk.net [62.58.73.230])
	by mx1.freebsd.org (Postfix) with ESMTP id 711E88FC16
	for <freebsd-stable@freebsd.org>; Tue,  9 Mar 2010 19:11:05 +0000 (UTC)
Received: from core.byshenk.net (localhost [127.0.0.1])
	by core.byshenk.net (8.14.4/8.14.4) with ESMTP id o29JBvHa027075;
	Tue, 9 Mar 2010 20:11:57 +0100 (CET)
	(envelope-from byshenknet@core.byshenk.net)
Received: (from byshenknet@localhost)
	by core.byshenk.net (8.14.4/8.14.4/Submit) id o29JBv0P027074;
	Tue, 9 Mar 2010 20:11:57 +0100 (CET) (envelope-from byshenknet)
Date: Tue, 9 Mar 2010 20:11:57 +0100
From: Greg Byshenk <freebsd@byshenk.net>
To: Linghua Tseng <uranus@tinlans.org>
Message-ID: <20100309191157.GG2303@core.byshenk.net>
References: <F3B6FDBA2D4E44E49C4DFC8CA2F3A182@TinlansPC>
	<20100309000826.GF4648@cesium.hyperfine.info>
	<80F42CAF32A14A1FB43B830AAF877A5A@TinlansPC>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <80F42CAF32A14A1FB43B830AAF877A5A@TinlansPC>
User-Agent: Mutt/1.4.2.3i
X-Spam-Status: No, score=1.9 required=5.0 tests=ALL_TRUSTED, FH_DATE_PAST_20XX
	autolearn=no version=3.2.5
X-Spam-Level: *
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on core.byshenk.net
Cc: "Peter C. Lai" <peter@simons-rock.edu>, freebsd-stable@freebsd.org
Subject: Re: Supplementary groups on LDAP cannot work with RELENG_8 +nss_ldap
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Mar 2010 19:11:05 -0000

On Tue, Mar 09, 2010 at 09:00:49AM +0800, Linghua Tseng wrote:
 
> Here is the output of `diff -u /usr/src/etc/nsswitch.conf 
> /etc/nsswitch.conf'.
> --- /usr/src/etc/nsswitch.conf  2010-03-08 09:04:25.000000000 +0800
> +++ /etc/nsswitch.conf  2010-03-08 18:01:08.000000000 +0800
> @@ -1,13 +1,13 @@
> #
> # nsswitch.conf(5) - name service switch configuration file
> -# $FreeBSD: src/etc/nsswitch.conf,v 1.1.10.1 2009/08/03 08:13:06 kensmith 
> Exp $
> +# $FreeBSD: src/etc/nsswitch.conf,v 1.1 2006/05/03 15:14:47 ume Exp $
> #
> group: compat
> -group_compat: nis
> +group_compat: ldap nis
> hosts: files dns
> networks: files
> passwd: compat
> -passwd_compat: nis
> +passwd_compat: ldap nis
> shells: files
> services: compat
> services_compat: nis
> 
> The line `+:*::::::::' has already put into /etc/master.passwd,
> and the line `+:*::' has already put into /etc/group.

I may be completely wrong (I can't seem to find the source), and I
don't know if it is the source of your problem, but I recall it being
reported that 'passwd_compat' and 'group_compat' require a *single*
source entry. 


-- 
greg byshenk  -  gbyshenk@byshenk.net  -  Leiden, NL