[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

NIS in a chroot

 On my pure64 chroot (which I posted about a couple hours ago) I got NIS set
up by following the usual directions in
/usr/share/doc/nis/nis.debian.howto.gz.  (i.e. adding +:::... lines to
/etc/passwd and group.)

 After doing a /etc/init.d/nis start, I can use dchroot as a normal user
from outside /amd64 to get in, with the same username.  However, inside the
chroot, I can su to root, and it doesn't care what I type at the password
prompt!!!  I don't think root is in the NIS map (no output from ypcat passwd
| grep root), but root has an entry in /etc/passwd and /etc/shadow
(including in the copy inside the chroot).  Outside the chroot, su does care
what root's password is!

 If I /etc/init.d/nis stop inside the chroot, I can't dchroot into it as a
user anymore, and I have to correctly enter root's password for su to work
(from a login that was running while I stopped NIS).

 The only thing that's "weird" about my setup, other than it being amd64
instead of i386, is that portmap is running in the system outside the
chroot, and there's a ypbind outside the chroot, and another one inside.
Most of what I know about sunrpc is that most people think it's ugly and
should get replaced with LDAP and something better for NFS too, so I don't
know if I'm violating its assumptions here...

 Anyone else have a pure64 chroot on an NIS client machine to try to
reproduce this with?  BTW, my NIS server is i386 RH9 (running on an x86_64
kernel, though), as configured by Microway.

#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@cor , des.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BC

Attachment: signature.asc
Description: Digital signature

Reply to: