[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Broken way to implement NIS

I've had impression that glibc (ie. libc6) will handle NYS/YP client
routines internally through /etc/yp.conf and /etc/nsswitch.conf. I've read
glibc documentation and found out that there is support for shadow passwords

I've re-compiled libc5 and shadow packages for Debian 1.3.0, for NYS
support. This setup allows one to bind into server in another subnet and has
couple of other advantages over old NIS client implementation in
Debian 1.3.0.

We have been running this kind of system (ie. NYS code in libc) from libc
version 5.2.18, couple of days more and it has been running for year. Setup
has been very stable, but yet I've received many comments that integrated
NYS code in libc and specially using it is broken idea. No-one of
commentators have been able to explain this to me, maybe someone here in
developer list can?

Only problem with integrated NYS/shadow support is setuid root binaries
which has to access /etc/shadow. I think this problem is possible to avoid
with careful testing as Debian stable releases are tested.

Thanks for your time.

Sami Laine

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: