From owner-freebsd-questions@freebsd.org  Sat Aug 18 22:50:35 2018
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 391521078268
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Sat, 18 Aug 2018 22:50:35 +0000 (UTC)
 (envelope-from feenberg@nber.org)
Received: from mail2.nber.org (mail2.nber.org [198.71.6.79])
 by mx1.freebsd.org (Postfix) with ESMTP id B6EBD7AA0E
 for <freebsd-questions@freebsd.org>; Sat, 18 Aug 2018 22:50:34 +0000 (UTC)
 (envelope-from feenberg@nber.org)
Received: from sas1.nber.org (sas1.nber.org [198.71.6.89])
 by mail2.nber.org (8.15.2/8.15.2) with ESMTPS id w7IMoQuO088529
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
 Sat, 18 Aug 2018 18:50:27 -0400 (EDT)
 (envelope-from feenberg@nber.org)
Date: Sat, 18 Aug 2018 18:50:26 -0400 (EDT)
From: Daniel Feenberg <feenberg@nber.org>
To: Philipp Vlassakakis <freebsd-en@lists.vlassakakis.de>
cc: FreeBSD Mailing List <freebsd-questions@freebsd.org>
Subject: Re: NFS + ZFS - Base System readonly
In-Reply-To: <0595E83D-5E70-44B1-ACB5-A84261FB4A6D@lists.vlassakakis.de>
Message-ID: <alpine.LRH.2.21.1808181832350.10707@sas1.nber.org>
References: <82BCE4D6-69DF-49E0-8648-4E9F3767D089@lists.vlassakakis.de>
 <alpine.LRH.2.21.1808130836490.19407@sas1.nber.org>
 <C8E16E51-CE9E-45C4-8BCC-735AD18F3F1E@lists.vlassakakis.de>
 <alpine.LRH.2.21.1808131752400.11589@sas1.nber.org>
 <0595E83D-5E70-44B1-ACB5-A84261FB4A6D@lists.vlassakakis.de>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
X-KLMS-Rule-ID: 1
X-KLMS-Message-Action: clean
X-KLMS-AntiSpam-Status: not scanned, disabled by settings
X-KLMS-AntiSpam-Interceptor-Info: not scanned
X-KLMS-AntiPhishing: Clean, 2018/08/17 16:02:44
X-KLMS-AntiVirus: Kaspersky Security 8.0 for Linux Mail Server,
 version 8.0.1.721, bases: 2018/08/18 15:42:00 #8740877
X-KLMS-AntiVirus-Status: Clean, skipped
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Aug 2018 22:50:35 -0000



On Sat, 18 Aug 2018, Philipp Vlassakakis wrote:

> Is there a way to have a separate passwd file for each client and not to use the one of the template?
> I want to set up independent machines with different users. (NIS is not an option)

In the FreeBSD diskless booting process, each client receives the default 
/etc overwritten by whatever files we want to differ across clients with 
client specific files. We overwrite fstab on nearly every client and 
passwd on a few.

I understand why you might want to avoid NIS. NIS was unreliable and 
undiagnosable when we used it, so we stopped using it. LDAP wasn't any 
better. It is a great relief to have an actual password file to examine.

I couldn't find any information about this process in the Handbook, but
the man page - "man diskless" or on the Web at:

    https://www.freebsd.org/cgi/man.cgi?query=diskless&sektion=8&manpath=freebsd-release-ports

does have this information, as does:

    http://www.nber.org/sys-admin/FreeBSD-diskless.html


Daniel Feenberg
NBER