129308 – ypmatch problems with ypserv

Bug 129308 - ypmatch problems with ypserv

Summary: ypmatch problems with ypserv

Keywords:
Status:	CLOSED WORKSFORME
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	ypserv
Sub Component:
Version:	3.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Vitezslav Crhonek
QA Contact:	Jay Turner
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-08-06 08:38 UTC by Simon Oliver
Modified:	2015-01-08 00:08 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-09-16 10:13:24 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Simon Oliver 2004-08-06 08:38:52 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4)
Gecko/20030624 Netscape/7.1 (ax)

Description of problem:
ypmatch and ypcat return different results after a user's password is
changed.  When a user's password is changed via yppasswd, although
`ypcat passwd | grep uid` returns the new password hash, `ypmatch uid
passwd` returns the previous password hash.  The new information only
appears after a ypserv restart.

It would seem that PAM uses the same method as ypmatch because when
the user tries to open an ssh connection to the server we find that
the old password is still effective and the new one does not
authenticate.  In fact in order for the new password to take effect
both ypserv and nscd must be restarted!

If I disable nscd (/etc/init.d/nscd stop) then onlt the ypserv restart
is required.  It seems like this problem is happening at more than one
level!

A notice another RHEL3 admin had a similar problem - I guess they are
related:

Bugzilla Bug 120263:  ypserv problems ypmatching netgroup entries


Version-Release number of selected component (if applicable):
ypserv-2.8-6

How reproducible:
Always

Steps to Reproduce:
1. yppasswd -p uid
2. ypcat passwd | grep ^uid && ypmatch uid passwd
3. /etc/init.d/ypserv restart
4. ypcat passwd | grep ^uid && ypmatch uid passwd
    

Actual Results:  actual result from step 2:

tu:hKHVOY1.3Ik5c:500:500::/home/tu:/bin/bash
tu:LkMIeXkgtSHCI:500:500::/home/tu:/bin/bash


Expected Results:  expected result from step 2:

tu:hKHVOY1.3Ik5c:500:500::/home/tu:/bin/bash
tu:hKHVOY1.3Ik5c:500:500::/home/tu:/bin/bash


Additional info:

here's a transcript:

# ypcat passwd | grep ^tu && ypmatch tu passwd
tu:LkMIeXkgtSHCI:500:500::/home/tu:/bin/bash
tu:LkMIeXkgtSHCI:500:500::/home/tu:/bin/bash
# yppasswd -p tu
Changing NIS account information for tu on ss1.bms.umist.ac.uk.
Please enter root password:
Changing NIS password for tu on ss1.bms.umist.ac.uk.
Please enter new password:
Please retype new password:

The NIS password has been changed on ss1.bms.umist.ac.uk.

# ypcat passwd | grep ^tu && ypmatch tu passwd
tu:hKHVOY1.3Ik5c:500:500::/home/tu:/bin/bash
tu:LkMIeXkgtSHCI:500:500::/home/tu:/bin/bash
# /etc/init.d/ypserv restart
Stopping YP server services:                               [  OK  ]
Starting YP server services:                               [  OK  ]
[root@ss1 yp]# ypcat passwd | grep ^tu && ypmatch tu passwd
tu:hKHVOY1.3Ik5c:500:500::/home/tu:/bin/bash
tu:hKHVOY1.3Ik5c:500:500::/home/tu:/bin/bash

Comment 1 Gerben Roest 2007-11-27 14:56:20 UTC

I am having the same problem with RH 4, ypserv-2.13-11. Changing a password or
adding a user and then doing "make" in /var/yp, I see the old date when using:

yppoll passwd.byname

Only after doing /etc/init.d/ypserv stop, /etc/init.d/ypserv start, it shows the
new date. restart doesn't work.

Comment 2 Vitezslav Crhonek 2008-09-16 10:13:24 UTC

I'm not able to reproduce it (both RHEL3, RHEL4). Probably misconfiguration or already fixed in later updates. Closing.

Note You need to log in before you can comment on or make changes to this bug.