Bug 21799
Summary: | after start nscd i unable login to system as nis-mapped user ( on client system rh7, NIS, NFS server is RH6.x) | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | MEGASOFT HACKERS GROUP <megasofthg> |
Component: | nscd | Assignee: | Jakub Jelinek <jakub> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.0 | CC: | kmaraas, sh |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2003-04-23 14:05:04 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
MEGASOFT HACKERS GROUP
2000-12-06 13:04:54 UTC
Strange, we use NIS internally here, NIS server is RH6.2 and RH7 boxes work just fine against it (and several people are running nscd). Can you e.g. stop nscd, login, from some other console start nscd and see what get*by* request fail? I turn-on debug and see my nscd.log: -------------------------------------- 1126: handle_request: request received (Version = 2) 1126: GETPWBYNAME (boss) 1126: Haven't found "boss" in password cache! 1126: handle_request: request received (Version = 2) 1126: GETPWBYNAME (boss) 1126: handle_request: request received (Version = 2) 1126: GETPWBYNAME (boss) 1126: handle_request: request received (Version = 2) 1126: GETPWBYUID (0) 1126: Haven't found "0" in password cache! 1126: handle_request: request received (Version = 2) 1126: GETPWBYUID (0) 1126: handle_request: request received (Version = 2) 1126: GETPWBYUID (0) 1126: handle_request: request received (Version = 2) 1126: GETGRBYGID (0) 1126: Haven't found "0" in group cache! ------------------------------- I am having the same problem with RedHat 7.0 clients and a RedHat 7.0 server, if I have the following section listed in /etc/ypserv.conf on the NIS server everything works fine with nscd started and I can login as normal: # Host : Map : Security : Passwd_mangle # #* : passwd.byname : port : yes #* : passwd.byuid : port : yes However if I have the following in /etc/ypserv.conf to enable 'shadow like passwords': # Host : Map : Security : Passwd_mangle # * : passwd.byname : port : yes * : passwd.byuid : port : yes I can no longer login if nscd is started on the client. If I stop nscd on the client things work as normal and I am able to login once again. o !!!!!! on rh7 nscd run as nscd-user (uid=28), and with this option nis-server mangle passwords for requests from unprivileged users :) on rh 6.x nscd run as root and all ok !!!! maybe it security problem ? on solaris clients all nis-requests also from unprivileged ports. Any news on this issue? Closing, please reopen if this issue still occurs with Red Hat Linux 7.1 or above. |