[nsswitch.conf] Does compat setting work for you?

To: debian-devel@lists.debian.org
Subject: [nsswitch.conf] Does compat setting work for you?
From: "Eray Ozkural \(exa\)" <erayo@cs.bilkent.edu.tr>
Date: Fri, 19 Jan 2001 12:08:26 +0200
Message-id: <[🔎] 3A68121A.53382555@cs.bilkent.edu.tr>

Please cc: to me because I'm not on this list.

Hi,

A long time ago, I'd asked a question about PAM dying in all user
authentication in an NIS environment.

The problem turned out to be the shadow database not handled correctly
by glibc. In fact, having this configuration fails miserably:

passwd:         nis
group:          nis
shadow:         compat

The default for shadow is I believe compat in base-files. Now,
the confusion comes from the fact that compat is supposed to
work in the traditional way.

That was the situation in the potato version at least. And in fact
our configuration files which did work on potato are failing on
the sid version. Ultimately changing shadow service to 
shadow:         nis

solves the problem.

Now, my question is does compat setting work for you? Either as
in the default:
passwd:         compat
group:          compat
shadow:         compat

or as in the mixture of compat and nis in the malfunctioning configuration
which I mentioned.

Note that the info manual says this:

   The `passwd', `group', and `shadow' databases are traditionally
handled in a special way.  The appropriate files in the `/etc'
directory are read but if an entry with a name starting with a `+'
character is found NIS is used.  This kind of lookup remains possible
by using the special lookup service `compat' and the default value for
the three databases above is `compat [NOTFOUND=return] files'.

Of course in our previous setup, we did have + names in /etc/passwd
and /etc/group. Does this mean we should be inventing an /etc/shadow
in the configuration of nis clients? Not that I'm hesitant to try
that, but my problem is that it used to work this way, and now it
doesn't.

If this problem turns out to be a concrete one, I suggest either
changing the defaults (which is easier) or fixing the documentation
(especially the HOWTO documents)

Thanks in advance,

node04:/var/log# tail /etc/passwd 
postgres:*:31:32:postgres:/var/lib/postgres:/bin/sh
www-data:*:33:33:www-data:/var/www:/bin/sh
backup:*:34:34:backup:/var/backups:/bin/sh
msql:*:36:36:Mini SQL Database Manager:/var/lib/msql:/bin/sh
operator:*:37:37:Operator:/var:/bin/sh
list:*:38:38:SmartList:/var/list:/bin/sh
irc:*:39:39:ircd:/var:/bin/sh
gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats/gnats-db:/bin/sh
nobody:*:65534:65534:nobody:/home:/bin/sh
+::::::
node04:/var/log# tail /etc/group  
src:*:40:
gnats:*:41:
shadow:*:42:
utmp:*:43:
video:*:44:
staff:*:50:
games:*:60:
users:*:100:
nogroup:*:65534:
+:::
node04:/var/log# 


-- 
Eray (exa) Ozkural
Comp. Sci. Dept., Bilkent University, Ankara
e-mail: erayo@cs.bilkent.edu.tr
www: http://www.cs.bilkent.edu.tr/~erayo

Reply to:

Prev by Date: Re: eth0: unable to signal thread
Next by Date: would like to take some packages , but NM?!?! (2)
Previous by thread: libdb3
Next by thread: would like to take some packages , but NM?!?! (2)
Index(es):
- Date
- Thread