ypbind not running - can still login
I did some tests with the NIS authentication stuff on SuSE 6.3, setting a ypserver and starting ypbind (both via /etc/rc.config). Package ypclient-3.4-4. I edited /etc/passwd and changed the default +:::::: to +someuser:::::: This should only allow someuser to login. Fine. Then I /etc/rc.d/init.d/ypclient stop to revert back to standard non-NIS behaviour. But user someuser can still login, using the password authenticated by the yp server. Putting a bogus ypserver into /etc/yp.conf has no effect, and there is no someuser anywhere else in passwd. This is a worry - I get NIS authentication but ypbind isn't running!! What's going on? Something must be buffered somewwhere - unloading ypbind should flush that!! Volker
* Volker Kuhlmann wrote on Wed, May 03, 2000 at 10:36 +1200:
/etc/rc.d/init.d/ypclient stop But user someuser can still login [...]
This is a worry - I get NIS authentication but ypbind isn't running!!
Do you run nscd with passwd cacheing enabled? If so, try a enable-cache passwd no enable-cache group no in /etc/nscd.conf. oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
On Wed, May 03, Volker Kuhlmann wrote:
I did some tests with the NIS authentication stuff on SuSE 6.3, setting a ypserver and starting ypbind (both via /etc/rc.config). Package ypclient-3.4-4.
I edited /etc/passwd and changed the default +:::::: to +someuser:::::: This should only allow someuser to login. Fine. Then I /etc/rc.d/init.d/ypclient stop to revert back to standard non-NIS behaviour. But user someuser can still login, using the password authenticated by the yp server. Putting a bogus ypserver into /etc/yp.conf has no effect, and there is no someuser anywhere else in passwd.
This is a worry - I get NIS authentication but ypbind isn't running!!
What's going on? Something must be buffered somewwhere - unloading ypbind should flush that!!
No, unloading ypbind cannot flush caches. B I think you fail into a "bug" with the wrong kernel implementation of posix threads. If ypbind stops, it should delete the files in /var/yp/binding/* But the Linux thread implementation is no 100% posix conform, so this does not always happen. Remove /var/yp/binding/* and everything should be ok. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg Linux is like a Vorlon. It is incredibly powerful, gives terse, cryptic answers and has a lot of things going on in the background.
participants (3)
-
Steffen Dettmer -
Thorsten Kukuk -
Volker Kuhlmann