Date: Mon, 27 Sep 2004 11:48:44 -0600 From: Tillman Hodgson <tillman@seekingfire.com> To: FreeBSD-Questions <freebsd-questions@freebsd.org> Subject: Re: nsswitch.conf: How does one use netgroups/over-ride passwd fields? Message-ID: <20040927174844.GC83726@seekingfire.com> In-Reply-To: <20040927170641.GB90839@dan.emsphone.com> References: <20040927164329.GA83726@seekingfire.com> <20040927170641.GB90839@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Sep 27, 2004 at 12:06:41PM -0500, Dan Nelson wrote: > In the last episode (Sep 27), Tillman Hodgson said: > > I've been poking through the nsswitch.conf manpage in preparation for > > moving some machiens to 5.3 (from 4.10). This machines participate in > > an NIS domain which uses netgroups. It also over-rides passwd fields > > (like the shell field) in certain cases. > > > > How does one do that with nsswitch.conf if I want to avoid compat mode? > > I don't think you can. netgroups (and +/- records and field > overriding) only make sense in compat mode. passwd and group both > default to "compat", and passwd_compat and group_compat both default to > "nis", so you shouldn't have to make any changes to nsswitch.conf. I know that nsswitch.conf defaults to traditional behaviour (compat mode). The non-compat modes are intriguing, though, and I don't know much about them. So I thought I'd see if I can get traditional behaviour through the newer mechanisms. This might make migrations (for example) a bit easier. The field over-riding makes sense (and I can work around it easily enough). Netgroups seems important though, especially since NIS doesn't do multiple domains. Something like this is what I was hoping could be made to work: passwd: nis [notfound=return,netgroup=dept1,dept2,admins] files Possibly I'm missing a point somewhere :-) What is it about netgroups that don't make sense in an nsswitch.conf world? -T -- It used to be said [...] that AIX looks like one space alien discovered Unix, and described it to another different space alien who then implemented AIX. But their universal translators were broken and they'd had to gesture a lot. - A.S.R. quote (Paul Tomblin)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040927174844.GC83726>