Bug 7620

Summary: failure to authenticate when remote NIS server is configured for C2 security
Product: [Retired] Red Hat Linux Reporter: dnelson
Component: ypbindAssignee: Cristian Gafton <gafton>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-01-27 19:25:53 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description dnelson 1999-12-06 05:28:50 UTC
Currently our NIS servers are on Sol 2.6 machines in which NIS uses the
shadow.adjunct file (ie C2 security).  This makes the shadow information
unretreiveable via typical NIS methods since the NIS database files are not
generated.  RH 6.0 thus fails to authenticate using this method of NIS
security.

I contacted the author/maintainer of yp-tools (Thorsten Kukuk
<kukuk@vt.uni-paderborn.de>) and per his suggestion, I tried SuSE 6.2 which
properly authenticated logins via NIS using the above configuration.

Comment 1 Cristian Gafton 2000-01-27 19:25:59 UTC
A newer version of ypbind should fix this problem.

Comment 2 dnelson 2000-02-03 22:15:59 UTC
This authentication failure is also present in RH 6.1.  By default, 'login' uses
the PAM module 'pam_pwdb.so'.  In order to use C2 enabled NIS, one must edit
/etc/pwdb.conf so that the 'nis' entries read 'decnis'.  This is documented
/usr/doc/pwdb-xxx.

	/\/elson