freeBSD NIS-sever - LINUX(RH-9) NIS-client LOGIN/AUTH probs

Discussion in 'Linux Networking' started by Thomas Zauner, Aug 1, 2003.

  1. hi,

    i set up a NIS server on freebsd(5.1) excactly like in the handbook and
    then started the NIS client on linux (RH-9).


    (i just have 1 test user for now)


    1)

    here's the output from ypcat passwd:
    the client binds the server ok:

    [[email protected]]# ypcat passwd
    testo:*:1003:1003:User &:/home/testo/:/usr/local/bin/bash

    (the home dir does exist on the client -- via NFS)

    also in the RH user-manager i can see the user testo but i CANT LOGIN
    i think its an auth problem.

    on the freeBSD side i use md5 as default encrypt. but thats ok with linux
    i think.(on the freebsd side in /etc/login.conf defined)


    2)

    there is a option in /var/yp/Makefile on the FREEBSD side "UNSECURE=true"
    but its commented out. here'S the discription of this option:
    ------------------------------
    # If you want to use a FreeBSD NIS server to serve non-FreeBSD clients
    # (i.e. clients who expect the password field in the passwd maps to be
    # valid) then uncomment this line. This will cause $YPDIR/passwd to
    # be generated with valid password fields. This is insecure: FreeBSD
    # normally only serves the master.passwd maps (which have real encrypted
    # passwords in them) to the superuser on other FreeBSD machines, but
    # non-FreeBSD clients (e.g. SunOS, Solaris (without NIS+), IRIX, HP-UX,
    # etc...) will only work properly in 'unsecure' mode.
    #
    #UNSECURE="True"
    --------------------------------
    DO I need this ?


    3)
    also i am not shure what config to use in nsswitch.conf on linux
    because i dunno what NIS(1/2/+) freebsd is using so is this ok?

    -----SNIP (/etc/nsswitch.conf)------
    passwd: compat
    group: compat
    shadow: nis files # i think there is no compat for shadow


    passwd_compat: nis
    group_compat: nis
    --------------------------------------

    and then add the "+::::::" stuff to /etc/shadow passwd and groups


    or just:
    ----------------------------

    passwd: nis files
    shadow: nis files
    group: nis files
    -------------------------------

    and NOT use the +::: stuff in the passwd,group.shadow files ?

    or sth with nis+ in nsswitch.conf ?
    i am soooooo confused !


    5)
    what about the diffrent styles of the "shadowed" password file of
    LINUX(/etc/shadow) and FREEBSD (/etc/master.passwd)
    the freebsd master.passwd has more fields then the linux equivalent

    here'an example:

    -----------FREBSD(/etc/master.passwd)--
    man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin
    --------------------------------------
    nine ":"'s right

    ------------LINUX(/etc/shadow)----------
    daemon:*:11833:0:99999:7:::
    ----------------------------------
    eight ":"'s

    i think linux is missing the class thing from BSD but that shouldn't be a
    prob for NIS because thats ecaxtly what it is there for, distrubution
    passwd+logins for diff. systems RIGHT.




    6)
    BTW my umask is 0077 do others/group need read-access to and of the files
    in /var/yp/* ???



    ok thats all i can think of right now
    PLS if someone can help "SAVE MY WEEKEND" and help me. LOL


    Thomas Zauner
     
    Thomas Zauner, Aug 1, 2003
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.