On Saturday 20 December 2003 07:54 am, Damian O'Hara wrote: <SNIP>

Dylan,

What are the contents of your client's /etc/nsswitch.conf ?

/etc/nsswitch.conf =============== passwd: compat group: compat hosts: files nis dns networks: files dns services: files protocols: files rpc: files ethers: files netmasks: files netgroup: files publickey: files bootparams: files automount: files nis aliases: files shadow: compat ============ Dylan -- Sweet moderation Heart of this nation Desert us not We are between the wars - Billy Bragg

On Saturday 20 December 2003 16:56 pm, Alexandr Malusek wrote:

Dylan writes:

...

... What I actually want (and indeed, expected to be the case) is that the full group membership be distributed by NIS. ...

You should read about the NIS setup first - you apparently don't know what you are doing ;-). Anyway

You're a bit presumptive. I have consulted the manpages, the (practically nonexistant) info in /usr/share/doc/packages/autofs, the HOWTO from www.linux-nis.org, and the O'Reily NFS/NIS book. I hadn't made the connection that for group membership to be distributed the system groups (i.e. GUID<500) would need to be distributed.

1. Check that the NIS group map content is seen by the client:

client# ypcat group.byname

Indeed, it is now I've lowered the min GUID option.

2. On each client, change the group line in /etc/nsswitch.conf to

group: files nis

An alternative is to keep the compat option but then you have to add a line containing '+' at the end of /etc/group.

It always was group: compat My point is that it shouldn't be necessary to distribute the entire groups map from the server in order for the client to know a user's group membership. Especially since the default settings effectively withold this information.

I haven't tested it now but as far as I remember this should be all. Don't forget to "re-log" on the client, otherwise the login shell will use the old setting.

Of course... Dylan -- Sweet moderation Heart of this nation Desert us not We are between the wars - Billy Bragg

Alexandr Malusek writes:

If I specify

group: files files files

then the groups are listed three times ...

Duplicate entries in /etc/group are also reported more than once and this is not good. (Solaris 9 reports them only once.) I couldn't reach the http://bugs.gnu.org/cgi-bin/gnatsweb.pl site today so I reported the problem via the SUSE feedback. Some SUSE developers work on glibc too. -- A.M.