On my pure64 chroot (which I posted about a couple hours ago) I got NIS set up by following the usual directions in /usr/share/doc/nis/nis.debian.howto.gz. (i.e. adding +:::... lines to /etc/passwd and group.) After doing a /etc/init.d/nis start, I can use dchroot as a normal user from outside /amd64 to get in, with the same username. However, inside the chroot, I can su to root, and it doesn't care what I type at the password prompt!!! I don't think root is in the NIS map (no output from ypcat passwd | grep root), but root has an entry in /etc/passwd and /etc/shadow (including in the copy inside the chroot). Outside the chroot, su does care what root's password is! If I /etc/init.d/nis stop inside the chroot, I can't dchroot into it as a user anymore, and I have to correctly enter root's password for su to work (from a login that was running while I stopped NIS). The only thing that's "weird" about my setup, other than it being amd64 instead of i386, is that portmap is running in the system outside the chroot, and there's a ypbind outside the chroot, and another one inside. Most of what I know about sunrpc is that most people think it's ugly and should get replaced with LDAP and something better for NFS too, so I don't know if I'm violating its assumptions here... Anyone else have a pure64 chroot on an NIS client machine to try to reproduce this with? BTW, my NIS server is i386 RH9 (running on an x86_64 kernel, though), as configured by Microway. -- #define X(x,y) x##y Peter Cordes ; e-mail: X(peter@cor , des.ca) "The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces!" -- Plautus, 200 BC
Attachment:
signature.asc
Description: Digital signature