From: "Neeraj Arora"
Date: Wed, 30 Apr 2003 18:17:40 +1000
cc: mrspock@esfm.ipn.mx
cc: freebsd-questions@freebsd.org
Subject: Re: Sincronize /etc/passwd and /etc/yp/passwd.master

You can force your nis server machine to act as a nis client to itself;
look in the handbook for the section that says something similar to 'nis
servers which are nis clients too'.

You will have to maintain a different master.passwd, passwd and group file
for yp. Then update the Makefile in /var/yp to accommodate the path for
yp-related master.passwd, group and passwd files.

Use pw(8) with the -V option (to specify location to the yp-related files)
to update, delete and modify user and groups.
This will update only the files in the separate directory (specified after
the -V option) and not touch your local system database. On the local
database keep only root, system and one user who is member of the group
wheel. The rest will be sourced from/by yp (the server is a client to
itself).

The above applies only to the nis server. The clients are configured as
normal.

Thus, all accept root and the local user who is member of the group wheel,
will need to use passwd to update their passwd, on all machines separately;
while users existing only on the nis database will need to use yppasswd to
update their passwd; no matter which machine they are logged on from.

Hope this helps.

Regards,
Neeraj

>>> Ângelo Rodrigues 04/30/03 00:44 AM >>>

Hi again,

My problem is simple. I'm trying to install a central login/password system
but I want to find a way to synchronize /etc/master.passwd and
/var/yp/master.passwd without having to force all local users to run two
commands, passwd and yppasswd.

It has been suggested to me to make a symbolic link from
/var/yp/master.passwd to /etc/master.passwd. This is a possible solution
but, this will force the server's root user to be the client's root user so,
I won't be able to access to any client when the network is down.

I think any client should have at least one local user to avoid this
critical situation.

Do you have any idea about this?

Regards,

On Tuesday 29 April 2003 11:37, Neeraj Arora wrote:
> Hmm...needed to search the trash for your original post before replying is
> it...???
>
> And I did it....I think amidst the replies I got the impression that you
> weren't able to direct the home directory to the correct one when the
> machine was not the nis server machine.
>
> Well cleared up now...
>
> Sorry about that...:^)
>
> So is your problem solved???
> Or would you like to state it again in a clean
> way (your problem (undeleted) minus all the replies that have been made by
> now...:^)
>
> Regards,
> Neeraj
>
> >>> Ângelo Rodrigues 04/29/03 20:59 PM >>>
>
> Hi,
>
> I think you have made a serious confusion!!! I don't want to use any file
> server, I just want to use a centralized system of login/password.
> Please, read all messages to understand all point.
>
> Regards,
>
> On Tuesday 29 April 2003 10:31, Neeraj Arora wrote:
> > Please refer to the email below (that I am replying to) before reading
> > what I write...
> >
> > /var/yp/master.passwd is not to be a softlink or symbolic link to
> > /etc/master.passwd. According to the documentation (handbook I think),
> > /var/yp/master.passwd is a copy of /etc/master.passwd without the root,
> > system and one user who is also the member of group wheel.
> >
> > One can use amd (automount daemon) to have all users have their home
> > directories in /home, while the directories inside /home are themselves
> > mounted when needed according to the amd map supplied by nis. On the
> > fileserver or the nfs server system, one could have different directories
> > for different machines depending on any one or a combination of the
> > os/hostname/ipaddress/network/etc. of the mounting machine.
> >
> > So if the fileserver had /allhomedirs and in that had ./linux, and
> > ./freebsd and in each of them ./tom ./dick and ./harry; a linux client
> > would end up providing /allhomedirs/linux/ at /home/ while a
> > freebsd client would do the same by providing /allhomedirs/freebsd/
> > at /home/.
> >
> > This will allow the entries in the /var/yp/master.passwd and
> > /var/yp/passwd to remain untouched when produced as nis maps for
> > different clients/hosts.
> > Same can be done by mounting the appropriate
> > shell binary from a fileserver using amd maps while the path for the
> > shell can still remain only /path/shell or /usr/local/bin/bash; for linux
> > clients the
> > /usr/local/whatever is mounted from /allusrlocaldirs/linux/whatever and
> > for freebsd it is mounted from /allusrlocaldirs/freebsd/whatever.
> >
> > One might not need to overwrite any field produced by nis on a client
> > machine.
> >
> > Personally I feel, the less the configuration differences in different
> > client machines, the better.
> >
> > Hope I haven't got off the point completely...:-\
> >
> > Regards,
> > Neeraj
> >
> > >>> Ângelo Rodrigues 04/29/03 20:08 PM >>>
> >
> > On Monday 28 April 2003 17:39, Dan Nelson wrote:
> > > In the last episode (Apr 28), ^Angelo Rodrigues said:
> > > > On Monday 28 April 2003 16:22, Matthew Seaman wrote:
> > > > > On Mon, Apr 28, 2003 at 05:06:36PM +0000, ^Angelo Rodrigues wrote:
> > > > > > On Monday 28 April 2003 15:48, Dan Nelson wrote:
> > > > > > > You want the same password; why wouldn't you want the same
> > > > > > > homedir and shell also? All our NIS users have their homedir
> > > > > > > set to /net/homedirmachine/home/username.
> > > > > >
> > > > > > But my server users are distributed between /home and /homeapp and
> > > > > > this method will force the same thing in the clients.
> > > > >
> > > > > You can selectively override part of a NIS password database entry
> > > > > by using NIS magic tokens in the local passwd file --- see
> > > > > passwd(5). For instance, user 'fred' might have home directory
> > > > > /home/fred in the NIS database, but you can override that in a
> > > > > client machine to /users/fred by putting:
> > > > >
> > > > > +fred::::::::/users/fred:
> > > > >
> > > > > into /etc/master.passwd on the client. All of the other fields are
> > > > > inherited from the NIS database.
> > > >
> > > > This could be a solution :)
> > >
> > > Standardizing the name of the homedir would make your job a lot easier.
> > > Can you make symlinks in /home so that every user whose homedir is in
> > > /homeapp can use /home/user also? Then the user's home is
> > > "/home/user" no matter what machine he logs into.
> >
> > But there's still a little problem... As the /var/yp/master.passwd is a
> > softlink to /etc/master.passwd, the server's root user will be the same
> > in the client so, the client won't have any local user. This can cause
> > some serious problems when the network is down. The client machine
> > should have at least some local users to avoid this kind of problem.
> >
> > Regards,

-- 
Ângelo Rodrigues - amr@fccn.pt
FCCN - Fundação para a Computação Científica Nacional
Av. Brasil, 101
1700-066 Lisboa - Portugal
Tel: +351 218440100
Fax: +351 218472167
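
The split recommended in this thread (root, system accounts and one wheel member stay in the local database; everyone else lives only in the yp-specific master.passwd) can be checked mechanically. The following is an added example, not part of the original messages; the sample file contents are constructed, and the function names and the UID cutoff for "system" accounts are assumptions.

```python
# Added example (not from the thread). All sample data is constructed.
SYSTEM_UID_MAX = 999  # assumption: UIDs up to 999 are system accounts
LOCAL_SAMPLE = """\
root:*:0:0::0:0:Charlie &:/root:/bin/csh
admin:*:1001:1001::0:0:Local admin:/home/admin:/bin/sh
"""
YP_SAMPLE = """\
root:*:0:0::0:0:Charlie &:/root:/bin/csh
tom:*:2001:2001::0:0:Tom:/home/tom:/bin/sh
admin:*:1001:1001::0:0:Local admin:/home/admin:/bin/sh
"""
GROUP_SAMPLE = "wheel:*:0:root,admin\n"

def parse_master_passwd(text):
    """Map name -> uid from master.passwd(5) text (10 colon-separated fields)."""
    accounts = {}
    for line in map(str.strip, text.splitlines()):
        if not line or line[0] in "#+-":
            continue  # skip blanks, comments and NIS +/- tokens
        fields = line.split(":")
        if len(fields) != 10:
            raise ValueError(f"malformed master.passwd line: {line!r}")
        accounts[fields[0]] = int(fields[2])
    return accounts

def wheel_members(group_text):
    """Return the listed members of group 'wheel' from group(5) text."""
    for line in group_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) == 4 and fields[0] == "wheel":
            return {m for m in fields[3].split(",") if m}
    return set()

def audit_split(local_text, yp_text, local_group_text):
    """Return findings where the local/yp split departs from the advice."""
    local, yp = parse_master_passwd(local_text), parse_master_passwd(yp_text)
    findings = []
    for name, uid in sorted(yp.items()):
        if uid == 0:
            findings.append(f"yp source exports UID 0 account: {name}")
        elif uid <= SYSTEM_UID_MAX:
            findings.append(f"yp source exports system account: {name}")
        if name in local:
            findings.append(f"account in both databases: {name}")
    if "root" not in local:
        findings.append("no local root account")
    # A local non-root wheel member keeps the box administrable offline.
    if not wheel_members(local_group_text) & (set(local) - {"root"}):
        findings.append("no local non-root member of wheel")
    return findings
```

Calling `audit_split(LOCAL_SAMPLE, YP_SAMPLE, GROUP_SAMPLE)` flags the constructed yp file for carrying root and for duplicating the local admin account.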