Re: [SLE] Distributing group membership with NIS

On Saturday 20 December 2003 16:56 pm, Alexandr Malusek wrote:

Dylan writes:

...

... What I actually want (and indeed, expected to be the case) is that the full group membership be distributed by NIS. ...

You should read about the NIS setup first - you apparently don't know what you are doing ;-). Anyway

You're a bit presumptive. I have consulted the manpages, the (practically nonexistant) info in /usr/share/doc/packages/autofs, the HOWTO from www.linux-nis.org, and the O'Reily NFS/NIS book. I hadn't made the connection that for group membership to be distributed the system groups (i.e. GUID<500) would need to be distributed.

1. Check that the NIS group map content is seen by the client:

client# ypcat group.byname

Indeed, it is now I've lowered the min GUID option.

2. On each client, change the group line in /etc/nsswitch.conf to

group: files nis

An alternative is to keep the compat option but then you have to add a line containing '+' at the end of /etc/group.

It always was group: compat My point is that it shouldn't be necessary to distribute the entire groups map from the server in order for the client to know a user's group membership. Especially since the default settings effectively withold this information.

I haven't tested it now but as far as I remember this should be all. Don't forget to "re-log" on the client, otherwise the login shell will use the old setting.

Of course... Dylan -- Sweet moderation Heart of this nation Desert us not We are between the wars - Billy Bragg