From owner-freebsd-current@FreeBSD.ORG  Tue Jul  8 07:52:03 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id AC3AE37B404
	for <current@freebsd.org>; Tue,  8 Jul 2003 07:52:03 -0700 (PDT)
Received: from mail.gactr.uga.edu (mail.gactr.uga.edu [128.192.37.25])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3B4E643F75
	for <current@freebsd.org>; Tue,  8 Jul 2003 07:52:02 -0700 (PDT)
	(envelope-from Robin.Blanchard@gactr.uga.edu)
Received: (qmail 46215 invoked from network); 8 Jul 2003 14:52:01 -0000
Received: from unknown (HELO ex.gactr.uga.edu) ([10.10.11.21])
	(envelope-sender <Robin.Blanchard@gactr.uga.edu>)
	by mail.servers.gactr.gc.nat (qmail-ldap-1.03) with SMTP
	for <current@freebsd.org>; 8 Jul 2003 14:52:01 -0000
Content-Class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0
Date: Tue, 8 Jul 2003 10:52:00 -0400
Message-ID: <EE3D3FBAFFCAED448C21C398FDAD91AC010831@EBE1.gc.nat>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Help diagnosing NIS breakage ?
Thread-Index: AcNE/AlcSdHWFCaQST6EUg3YAHo/qgAY13pg
From: "Robin P. Blanchard" <Robin.Blanchard@gactr.uga.edu>
To: "John De Boskey" <jwd@bsdwins.com>, <current@freebsd.org>
cc: "Jacques A. Vidrine" <nectar@freebsd.org>
Subject: RE: Help diagnosing NIS breakage ?
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jul 2003 14:52:04 -0000

> ----- Robin P. Blanchard's Original Message -----
> >=20
> > Still pulling my hair out on this one...Updated to latest=20
> kern/world=20
> > this morning and NIS users are no longer working.
>=20
> What -`date` version were you running where things worked=20
> before you did the 1st upgrade?
>=20
> Can you provide the contents of your /etc/group, /etc/passwd=20
> (just the last two lines of each), and /etc/nsswitch.conf files?
>=20
> Your demonstration below indicates that NIS is correctly=20
> setup and running, but that it is not correctly configured in=20
> for system usage.
>=20
> While I realize it doesn't help you, I am running the latest=20
> NIS code in a cluster and it works fine (FreeBSD 4.8 server,=20
> various clients).

OK... Nsswitch.conf exists on neither machine here. I setup a test
nsswitch.conf on the broken NIS box to use NIS but it didn't help at =
all.

1)
On FreeBSD 5.1-CURRENT #0: Tue Jun 17 10:28:52 EDT 2003:
# ypcat passwd |fgrep robin
robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
# finger robin
Login: robin                            Name:=20
Directory: /home/robin                  Shell: /bin/bash
Never logged in.
No Mail.
No Plan.
# id robin
uid=3D20292(robin) gid=3D30028(NSS) groups=3D30028(NSS), 30000(gactr), =
30026(ITS)
# tail -2 /etc/passwd=20
nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
+:*:::::
# tail -2 /etc/passwd=20
nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
+:*:::::
# tail -2 /etc/group=20
nobody:*:65534:
+:*:0:


2)
On FreeBSD 5.1-CURRENT #0: Mon Jul  7 11:33:56 EDT 2003
# ypcat passwd |fgrep robin
robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
# finger robin
Login: robin                            Name:=20
Directory: /home/robin                  Shell: /bin/bash
Last login Mon Jul  7 07:47 (EDT) on ttyp0 from 10.2.2.10
No Mail.
No Plan.
# id robin
id: robin: no such user
# tail -2 /etc/passwd=20
nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
+:*:::::
#
# tail -2 /etc/group=20
nobody:*:65534:
+:*:0:

And here's something else interesting on this 'broken' NIS box:

# ls -ald .
drwx--x--x  4 20292  NSS  4.0K Jun 13 13:34 ./

So (via NIS) GID translation is working but not UID translation....

Look forward to getting this solved...


>=20
> -john
>=20
> > Demonstration:
> >=20
> > # ypcat passwd |fgrep robin=20
> > robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> > # ypcat group |fgrep robin=20
> >=20
> gactr::30000:holmesr,wrighta,prestonh,reagind,gankol,cafieroj,cahoonb,
> > pettigr
> > m,brantlek,thumat,dosterc,nate,robin,charles
> > ITS::30026:dosterc,nate,robin,charles
> > NSS::30028:dosterc,nate,robin,charles,test
> > # ps ax |fgrep ypbind
> > 79910  ??  Ss     0:00.03 ypbind
> > # ypwhich=20
> > GCDC2.gc.nat
> > # finger robin
> > Login: robin                            Name:=20
> > Directory: /home/robin                  Shell: /bin/bash
> > Last login Mon Jul  7 07:47 (EDT) on ttyp0 from 10.2.2.10
> > No Mail.
> > No Plan.
> >=20
> > So NIS is 'working'...But:
> > # id robin
> > id: robin: no such user
> >=20
> > And as a result, he (I) cannot login.
> >=20
> > # su - robin ; tail -1 /var/log/auth.log
> >=20
> > su: Sorry
> > Jul  7 13:59:29 ftp su: pam_acct_mgmt: error in service module
> >=20
> > There's a truss and a ktrace (of the id command) available at:=20
> > ftp://ftp.gactr.uga.edu/incoming/id.tar.gz
> >=20
> > Thanks in advance.
>=20