I've got some machines running as NIS clients very fine. Files like hosts, networks, auto.master, ... are used by all these machines. The passwd-file is also allocated by NIS and I can change the passwd by yppasswd an some minutes later I have the new password on all other machines. Everything is fine, but there is one thing I cannot change and maybe it's just a small entry in one configuration-file.
The NIS server should be a NIS client at the same time so that I can logon to my NIS server by using the same password as I use for the NIS clients. I configured all files in the same way as I configured the other client machines but when I log on the server I have to give the password I gave the server when I installed the linux system. Using passwd (or yppasswd) on the server will change the NIS password so that I have to login on every nis client with the new apssword except the server/client. I don't see any possibility to change this password (or to login to server using the same password I am using for the clients).
One more thing attract my attention: In the nsswitch.conf file the order to lookup for the passwd is 'nis files'. I can login my server by using the 'local' passwd (not the nis passwd). If I delete the 'files' entry, so that all passwds should be talken from nis it makes no differences. But, I am not able to change to root any longer (whcih seems to be normal).
Maybe someone can help me ? Or do you have a good link to get a solution for this ?
Here are some of my configurations:
Using SuSE 8.2 on alle machines.
The 'domainname' is the same on all machines.
/etc/nsswitch.conf (on all machines):
passwd: nis files shadow: nis files group: nis files
hosts: nis [NOTFOUND=return] files networks: nis [NOTFOUND=return] files ...
yp.conf contains the IP of the server or 127.0.0.1 (on all machines)
/var/yp/securenets allows access for 255.0.0.0 127.0.0.0 255.255.255.224 192.168.200.0
/etc/passwd contains no 'normal users'. The last line is +:::::: (same for file /etc/group) /etc/nis/passwd contains all 'normal users' and /var/yp/Makefile includes /etc/nis for passwd, shadow and groups.
Maybe this helps to find a solution for my problem ? I started the NIS server with the -d option and looked at the messages. It seems to me that there is a problem with the 'gdbm tool' ? I hope by shortening the logs I didn't loose some important informations.
Does anyone has an idea about this ? Another question: Why does the client tries to get the shadow-map? I told the NIS server to merge the passwd and the shadow file - so, there is no shadow map which the client could get.
[ypserv (ypserv) 2.8]
Find securenet: 255.0.0.0 255.0.0.0 Find securenet: 255.255.255.224 255.255.255.224 ypserv.conf: dns: 0 ypserv.conf: files: 30 ypserv.conf: xfr_check_port: 1 ypserv.conf: 0.0.0.0/0.0.0.0:*:shadow.byname:2 ypserv.conf: 0.0.0.0/0.0.0.0:*:passwd.adjunct.byname:2 ypproc_domain_nonack("linux.cmp.de") [From: 188.8.131.52:32859] connect from 184.108.40.206 -> OK. ypproc_domain_nonack("linux.cmp.de") [From: 220.127.116.11:32877] connect from 18.104.22.168 -> OK. ypproc_domain_nonack("linux.cmp.de") [From: 127.0.0.1:32772] connect from 127.0.0.1 -> OK. ypproc_match(): [From: 127.0.0.1:983] domainname = "linux.cmp.de" mapname = "passwd.byname" keydat = "sshd" ypdb_open("linux.cmp.de", "passwd.byname") ->Returning OK! Opening: linux.cmp.de/passwd.byname (0) 8055bd0 ypdb_close() called connect from 127.0.0.1 ypdb_open("linux.cmp.de", "passwd.byname") Found: linux.cmp.de/passwd.byname (0) ypdb_close() called -> Error #-3
[ Up to this point everything seemed to be fine. But what does this error should tell me ? ]
ypproc_match(): [From: 127.0.0.1:983] domainname = "linux.cmp.de" mapname = "passwd.byname" keydat = "meyer" ypdb_open("linux.cmp.de", "passwd.byname") Found: linux.cmp.de/passwd.byname (0)
ypdb_close() called -> Value = "meyer:YZYlSCP8l2eVKqhE:306:1000:HANS MEYER:/home/meyer:/bin/bash" ypproc_match(): [From: 127.0.0.1:986] domainname = "linux.cmp.de" mapname = "shadow.byname" keydat = "meyer" connect from 127.0.0.1 ypdb_open("linux.cmp.de", "shadow.byname") gdbm_open: GDBM Error Code #3 -> Error #-1
[ Next error, different errornumber. Does anyone knows what I should do to avoid these errors ? Or: Can I ignore all these messages ? ]