LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   The problem about NIS (https://www.linuxquestions.org/questions/linux-server-73/the-problem-about-nis-654993/)

Hanzo 07-10-2008 09:24 PM
The problem about NIS
 
I set up the NIS Server and client.
NIS Server:Red Hat Enterprise Linux ES release 4 (Nahant Update 4)
NIS Client:Red Hat Enterprise Linux AS release 3 (Taroon Update 6)

What I wanna implement is when NIS client uses the command
Code:
ypcat passwd
, I want the NIS client to display
Code:
dstest:x:500:500::/home/dstest:/bin/bash
, not
Code:
dstest:$1$6fC1ju5n$.431bYi.7bQdByaYtKjwo.:500:500::/home/dstest:/bin/bash
Thank you so much!

Mr. C. 07-10-2008 09:56 PM
I don't know how up to date this information is, but see:

7.6. Shadow Passwords with NIS
http://www.linux-nis.org/nis-howto/H...up_client.html

Hanzo 07-13-2008 09:22 PM
Why the root user can execute "ypcat passwd", but dstest can't.
 
I modified the file: /var/yp/Makefile. Here is the content:
Code:
B=
NOPUSH=true
MINUID=500
MINGID=500

NFSNOBODYUID=65534
NFSNOBODYGID=65534

MERGE_PASSWD=false

MERGE_GROUP=true

AWK = /usr/bin/gawk
MAKE = /usr/bin/gmake
UMASK = umask 066

YPSRCDIR = /etc
YPPWDDIR = /etc
YPBINDIR = /usr/lib/yp
YPSBINDIR = /usr/sbin
YPDIR = /var/yp
YPMAPDIR = $(YPDIR)/$(DOMAIN)

GROUP      = $(YPPWDDIR)/group
PASSWD      = $(YPPWDDIR)/passwd
SHADOW      = $(YPPWDDIR)/shadow
GSHADOW    = $(YPPWDDIR)/gshadow
ADJUNCT    = $(YPPWDDIR)/passwd.adjunct
#ALIASES    = $(YPSRCDIR)/aliases  # aliases could be in /etc or /etc/mail
ALIASES    = /etc/aliases
ETHERS      = $(YPSRCDIR)/ethers    # ethernet addresses (for rarpd)
BOOTPARAMS  = $(YPSRCDIR)/bootparams # for booting Sun boxes (bootparamd)
HOSTS      = $(YPSRCDIR)/hosts
NETWORKS    = $(YPSRCDIR)/networks
PRINTCAP    = $(YPSRCDIR)/printcap
PROTOCOLS  = $(YPSRCDIR)/protocols
PUBLICKEYS  = $(YPSRCDIR)/publickey
RPC        = $(YPSRCDIR)/rpc
SERVICES    = $(YPSRCDIR)/services
NETGROUP    = $(YPSRCDIR)/netgroup
NETID      = $(YPSRCDIR)/netid
AMD_HOME    = $(YPSRCDIR)/amd.home
AUTO_MASTER = $(YPSRCDIR)/auto.master
AUTO_HOME  = $(YPSRCDIR)/auto.home
AUTO_LOCAL  = $(YPSRCDIR)/auto.local
TIMEZONE    = $(YPSRCDIR)/timezone
LOCALE      = $(YPSRCDIR)/locale
NETMASKS    = $(YPSRCDIR)/netmasks

.....
I modified the option of "MERGE_PASSWD" from "true" to "false".
I added the user name "dstest". And run the command "passwd dstest" and execute the "make" command.

When I run the command "ypcat passwd" on the nis client as root, it displayed
Code:
dstest:x:500:500::/home/dstest:/bin/bash
But when I run the command " su - dstest" on the nis client, after log into, I execute the "ypcat passwd" command, it displayed
Code:
No such map passwd.byname. Reason: No such map in server's domain
Here is the content when I execute the "ypwhich -x" as dstest:
Code:
Use "ethers"    for map "ethers.byname"
Use "aliases"  for map "mail.aliases"
Use "services"  for map "services.byname"
Use "protocols" for map "protocols.bynumber"
Use "hosts"    for map "hosts.byname"
Use "networks"  for map "networks.byaddr"
Use "group"    for map "group.byname"
Use "passwd"    for map "passwd.byname"
Here is the content of nis client's file: /etc/yp.conf
Code:
domain nistest server hostname.domainname.com # sorry, I can't tell you what the real name is
Here is the content of nis client's file: /etc/nsswitch.conf
Code:
passwd:    files nis
shadow:    files nis
group:      files nis
hosts:      files nis dns
bootparams: nisplus [NOTFOUND=return] files

ethers:    files
netmasks:  files
networks:  files
protocols:  files nisplus nis
rpc:        files
services:  files nisplus nis
netgroup:  files nisplus nis
publickey:  nis
automount:  files nisplus nis
aliases:    files nisplus
Here is the content of nis server's file:/etc/ypserv.conf
Code:
dns: no
files: 30
slp: no
slp_timeout: 3600
xfr_check_port: yes
*                          : *      : passwd.byname    : port
*                          : *      : shadow.byname    : port
*                          : *      : passwd.adjunct.byname : port
Here is the content of nis server's file: /etc/pam.d/login
Code:
auth      required    pam_securetty.so
auth      required    pam_stack.so service=system-auth
auth      required    pam_nologin.so
account    required    pam_stack.so service=system-auth
password  required    pam_stack.so service=system-auth

session    required    pam_selinux.so close
session    required    pam_stack.so service=system-auth
session    required    pam_loginuid.so
session    optional    pam_console.so

session    required    pam_selinux.so open
Here is the content of nis server's file: /etc/pam.d/system-auth
Code:
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account    required      /lib/security/$ISA/pam_unix.so
account    sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account    required      /lib/security/$ISA/pam_permit.so

password    requisite    /lib/security/$ISA/pam_cracklib.so retry=3
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_first use_au
thtok
password    required      /lib/security/$ISA/pam_deny.so

session    required      /lib/security/$ISA/pam_limits.so
session    required      /lib/security/$ISA/pam_unix.so
Also, here is the problem after I use " su - dstest" and execute the command "id dstest":
Code:
id: dstest: No such user
Why the root user can execute "ypcat passwd", but dstest can't.
By the way, the all machines are in the same Lan.

Please help me. Thank you very much!

Hanzo 07-14-2008 03:04 AM
Could anyone pay attention to this problem? Many thanks!

Mr. C. 07-14-2008 03:31 AM
I'm sorry, I'm rusty on NIS under Linux - its been a while.

You might need to reinitialize the NIS database, with /usr/lib/yp/ypinit -m. The Makefile compares the source timestamp (eg. /etc/passwd, /etc/shadow), and updates the destination (eg. .db) file if the source is newer than the existing .db file. I don't think the Makefile recognizes changes to itself.

Hanzo 07-14-2008 03:43 AM
Hi,buddy:
After executing the command "/usr/lib/yp/ypinit -m" ,I compared the local /etc/passwd and /etc/shadow with /var/yp/nistest(nis domainname) on nis server. The time stamp of /var/yp/nistest/passwd.byname is more later than /etc/passwd and /etc/shadow. Then, what can we conclude?
What am I gonna do next?

Mr. C. 07-14-2008 03:45 AM
Well, you can conclude the db file was updated. Did you test again afterwards ?

Hanzo 07-14-2008 03:58 AM
Sorry, where can I check those db files?

Hanzo 07-14-2008 04:37 AM
I checked the time stamp of all files under /var/yp/nistest. They are much later than /etc/passwd and /etc/shadow. What else?

Hanzo 07-14-2008 08:19 PM
Can anyone continue to answer this question?

Hanzo 07-16-2008 03:12 AM
[Solved] this issue
 
I sovled this problem.
I installed NIS on ubuntu. And make a rhel3 as NIS client. It works. That's it.
I really appreciate Mr.C.'s help!

Mr. C. 07-16-2008 03:19 AM
OH, darn, I'm sorry I didn't get back to you. I've been busy up until tonight, and didn't have access to a Linux system to download the NIS server. But glad you got it working.


All times are GMT -5. The time now is 01:56 AM.