Hi! Stuart Marshall ([EMAIL PROTECTED]): > the password file but not update the nis map. I seem > to recall long ago that the nis installation made passwd > call yppasswd? I am confused as to how it should be set > up.
currently /bin/passwd isn't linked to yppasswd on installation and I think this is the Right Thing (TM). passwd is still needed for local accounts. You can link it yourself: either put a link in /usr/local/bin (and hope everybody has this in its PATH before /usr/bin) or run these commands # dpkg-divert /usr/bin/passwd # mv /usr/bin/passwd /usr/bin/passwd.distrib # ln -s yppasswd /usr/bin/passwd But beware: Last time I tried, rpc.yppasswd (the daemon running on the NIS master) dumped core if I used yppaswd. > If I use the "+::::::" entry in the /etc/passwd file on the > master, then the nis maps are used for logins, etc. But if you put "+::::::" in /etc/passwd of the NIS master you - must put your passwords for the NIS map in another file - and tell rpc.yppasswd where to find this file Don't put the plus entry in NIS master's /etc/passwd if you use it as source for the NIS map. > since the maps are unchanged after using "passwd" the passwd > program reports success and the password appears to be unchanged > to the user. passwd fails for accounts not in /etc/passwd. therefore passwd won't work on NIS clients. You can run passwd on the NIS master *if* you make your NIS maps from /etc/passwd. And as you observed correctly the NIS map won't be updated. > The next time root runs make in /var/yp the > maps are updated and the password is changed. This is a source > of confusion naturally. so I suggest you either - tell all users to only use yppasswd ( *lol* ) - link passwd to yppasswd - move NIS accounts to another file than /etc/passwd (to make ordinary passwd fail) - patch NIS master's passwd to invoke "make -C /var/yp" after successfully changing a passwd - let cron execute "make -C /var/yp" Rainer -- KeyID=58341901 fingerprint=A5 57 04 B3 69 88 A1 FB 78 1D B5 64 E0 BF 72 EB
pgpZFicoqfkOn.pgp
Description: PGP signature
