Bug 129308 - ypmatch problems with ypserv
Summary: ypmatch problems with ypserv
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: ypserv
Version: 3.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Vitezslav Crhonek
QA Contact: Jay Turner
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2004-08-06 08:38 UTC by Simon Oliver
Modified: 2015-01-08 00:08 UTC (History)
1 user (show)

Clone Of:
Last Closed: 2008-09-16 10:13:24 UTC

Attachments (Terms of Use)

Description Simon Oliver 2004-08-06 08:38:52 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4)
Gecko/20030624 Netscape/7.1 (ax)

Description of problem:
ypmatch and ypcat return different results after a user's password is
changed.  When a user's password is changed via yppasswd, although
`ypcat passwd | grep uid` returns the new password hash, `ypmatch uid
passwd` returns the previous password hash.  The new information only
appears after a ypserv restart.

It would seem that PAM uses the same method as ypmatch because when
the user tries to open an ssh connection to the server we find that
the old password is still effective and the new one does not
authenticate.  In fact in order for the new password to take effect
both ypserv and nscd must be restarted!

If I disable nscd (/etc/init.d/nscd stop) then onlt the ypserv restart
is required.  It seems like this problem is happening at more than one

A notice another RHEL3 admin had a similar problem - I guess they are

Bugzilla Bug 120263:  ypserv problems ypmatching netgroup entries

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. yppasswd -p uid
2. ypcat passwd | grep ^uid && ypmatch uid passwd
3. /etc/init.d/ypserv restart
4. ypcat passwd | grep ^uid && ypmatch uid passwd

Actual Results:  actual result from step 2:


Expected Results:  expected result from step 2:


Additional info:

here's a transcript:

# ypcat passwd | grep ^tu && ypmatch tu passwd
# yppasswd -p tu
Changing NIS account information for tu on ss1.bms.umist.ac.uk.
Please enter root password:
Changing NIS password for tu on ss1.bms.umist.ac.uk.
Please enter new password:
Please retype new password:

The NIS password has been changed on ss1.bms.umist.ac.uk.

# ypcat passwd | grep ^tu && ypmatch tu passwd
# /etc/init.d/ypserv restart
Stopping YP server services:                               [  OK  ]
Starting YP server services:                               [  OK  ]
[root@ss1 yp]# ypcat passwd | grep ^tu && ypmatch tu passwd

Comment 1 Gerben Roest 2007-11-27 14:56:20 UTC
I am having the same problem with RH 4, ypserv-2.13-11. Changing a password or
adding a user and then doing "make" in /var/yp, I see the old date when using:

yppoll passwd.byname

Only after doing /etc/init.d/ypserv stop, /etc/init.d/ypserv start, it shows the
new date. restart doesn't work.

Comment 2 Vitezslav Crhonek 2008-09-16 10:13:24 UTC
I'm not able to reproduce it (both RHEL3, RHEL4). Probably misconfiguration or already fixed in later updates. Closing.

Note You need to log in before you can comment on or make changes to this bug.