Date: Sun, 21 Mar 1999 14:18:05 -0500 (EST) From: John Baldwin <jobaldwi@vt.edu> To: freebsd-questions@freebsd.org Subject: Why are NIS netgroups ignored... Message-ID: <XFMail.990321141805.jobaldwi@vt.edu>
next in thread | raw e-mail | index | archive | help
I administrate a lab of about 80 machines running BSD and Digital UNIX. To make our lives easier, we run NIS. However, I can't get FreeBSD to acknowledge NIS netgroups in config files, specifically .rhosts or /etc/login.access. NIS does work in that people can login using their NIS accounts without any problem, thus /etc/passwd handles netgroups fine. I've also written a simple program that calls innetgr() to see if I am in the admins netgroup (which I am) and it works. However, the following lines in /etc/login.access don't work (the intention is for admins to be able to login from anywhere, consultants (lab workers in netgroup consult) to be able to login remotely only, and nobody else to be able to login) +:@admins:ALL +:@consult:ALL EXCEPT LOCAL -:ALL:ALL I also tried these two lines but they didn't work either: -:ALL EXCEPT @admins:LOCAL -:ALL EXCEPT @consult:ALL Is this a known problem? Is there any workaround (other than duplicating all of the netgroups in local groups in /etc/group, which rather defeats the purpose of netgroups)? We used to disable logins via the following lines in /etc/passwd (which DID work): +@consult:::::::: +::::::::/sbin/nlogin but that breaks some things (such as using pipelines like procmail in .forward files). Any help or advice appreciated. --- John Baldwin <jobaldwi@vt.edu> -- http://members.freedomnet.com/~jbaldwin/ PGP Key: http://members.freedomnet.com/~jbaldwin/pgpkey.asc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.990321141805.jobaldwi>