On Saturday 20 December 2003 16:56 pm, Alexandr Malusek wrote:
Dylan
writes: ... What I actually want (and indeed, expected to be the case) is that the full group membership be distributed by NIS. ...
You should read about the NIS setup first - you apparently don't know what you are doing ;-). Anyway
You're a bit presumptive. I have consulted the manpages, the (practically nonexistant) info in /usr/share/doc/packages/autofs, the HOWTO from www.linux-nis.org, and the O'Reily NFS/NIS book. I hadn't made the connection that for group membership to be distributed the system groups (i.e. GUID<500) would need to be distributed.
1. Check that the NIS group map content is seen by the client:
client# ypcat group.byname
Indeed, it is now I've lowered the min GUID option.
2. On each client, change the group line in /etc/nsswitch.conf to
group: files nis
An alternative is to keep the compat option but then you have to add a line containing '+' at the end of /etc/group.
It always was group: compat My point is that it shouldn't be necessary to distribute the entire groups map from the server in order for the client to know a user's group membership. Especially since the default settings effectively withold this information.
I haven't tested it now but as far as I remember this should be all. Don't forget to "re-log" on the client, otherwise the login shell will use the old setting.
Of course... Dylan -- Sweet moderation Heart of this nation Desert us not We are between the wars - Billy Bragg