Issues with nsswitch.conf in RHEL5
I have an issue that I've not seen before.
I was given a server that is running RHEL5 update 4 and asked to configure it for our development network. I edited all of the necessary files to accomplish the task. (hosts, resolv.conf, yp.conf, network, ifcfg-eth0, nsswitch.conf, resolv.conf, etc.) I chkconfig'd on the needed services, and rebooted the machine. After the reboot, I was not able to login as a regular user. I logged in as root and began my investigation of the problem. Upon looking at nsswitch.conf, I noticed that the changes I had made to the file ( I had added nis to password, shadow, and group. The machine originally used files as the primary login method.) had disappeared! I thought that maybe I was mistaken and had not edited the file, so I did it again and rebooted. After the reboot, the same thing happened. The edits I had made in the nsswitch.conf file had reverted back! I was able to edit the file again, and this time, I simply restarted ypbind and autofs. Low and behold, I could cd to shares and various NIS'd home directories without issue. I rebooted the box one last time and found the file had reverted for a third time! Does anyone know of something in services or init.d that could be overwriting the changes to the file each time the machine is rebooted? I made the changes as root and was CERTAIN that I wrote the changes prior to quitting the editor. Any help and/or suggestion is greatly appreciated! |
I have seen NetworkManager make changes to resolve.conf and have heard it can do weird stuff with other files. The file should have a header that tells you what modified it(thats best practice at least). So if you update your /etc/resolv.conf and reboot the system it gets over-written but there is a three line header that is appended stating that it was updated by NetworkManager.
If there is no header its really hard to tell what is modifying it, I mean you could do an fuser or lsof and hope to catch it but I cant think of any log file that would tell you. Maybe try a: Code:
grep -Hir "nsswitch" /var/log/ Another way to prevent this would be to use selinux and change the context of the file to prevent unauthorized edits. |
All times are GMT -5. The time now is 10:04 AM. |