Bug 21799 - after start nscd i unable login to system as nis-mapped user ( on client system rh7, NIS, NFS server is RH6.x)
Summary: after start nscd i unable login to system as nis-mapped user ( on client syst...
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: nscd   
(Show other bugs)
Version: 7.0
Hardware: i386 Linux
medium
medium
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact:
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-12-06 13:04 UTC by MEGASOFT HACKERS GROUP
Modified: 2007-04-18 16:30 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-04-23 14:05:04 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description MEGASOFT HACKERS GROUP 2000-12-06 13:04:54 UTC
after start nscd i unable login on client system (RH7, x86) as NIS-mapped
user ( client system rh7, NIS-NFS server is RH6.x)
if i stop nscd - all ok !!!
On Rh6.x clients all ok with nscd or without ?

This valid for all updates glibc for RH7 ( now i have latest 2.2-5)

Comment 1 Jakub Jelinek 2000-12-08 11:50:17 UTC
Strange, we use NIS internally here, NIS server is RH6.2 and RH7 boxes work
just fine against it (and several people are running nscd).
Can you e.g. stop nscd, login, from some other console start nscd and see
what get*by* request fail?

Comment 2 MEGASOFT HACKERS GROUP 2000-12-11 13:12:41 UTC
I turn-on debug and see my nscd.log:

--------------------------------------
1126: handle_request: request received (Version = 2)
1126:   GETPWBYNAME (boss)
1126: Haven't found "boss" in password cache!
1126: handle_request: request received (Version = 2)
1126:   GETPWBYNAME (boss)
1126: handle_request: request received (Version = 2)
1126:   GETPWBYNAME (boss)
1126: handle_request: request received (Version = 2)
1126:   GETPWBYUID (0)
1126: Haven't found "0" in password cache!
1126: handle_request: request received (Version = 2)
1126:   GETPWBYUID (0)
1126: handle_request: request received (Version = 2)
1126:   GETPWBYUID (0)
1126: handle_request: request received (Version = 2)
1126:   GETGRBYGID (0)
1126: Haven't found "0" in group cache!
-------------------------------


Comment 3 sh 2001-02-19 09:42:48 UTC
I am having the same problem with RedHat 7.0 clients and a RedHat 7.0 server, if
I have the following section listed in /etc/ypserv.conf on the NIS server
everything works fine with nscd started and I can login as normal:

# Host                       : Map              : Security   : Passwd_mangle
#
#*                          : passwd.byname    : port       : yes
#*                          : passwd.byuid     : port       : yes

However if I have the following in /etc/ypserv.conf to enable 'shadow like
passwords':

# Host                       : Map              : Security   : Passwd_mangle
#
*                          : passwd.byname    : port       : yes
*                          : passwd.byuid     : port       : yes

I can no longer login if nscd is started on the client. If I stop nscd on the
client things work as normal and I am able to login once again.

Comment 4 MEGASOFT HACKERS GROUP 2001-02-19 10:58:40 UTC
o !!!!!! 
on rh7 nscd run as nscd-user (uid=28), and with this option nis-server mangle
passwords for requests from unprivileged users :) on rh 6.x nscd run as root and
all ok !!!!

maybe it security problem ? on solaris clients all nis-requests also from
unprivileged ports.


Comment 5 Kjartan Maraas 2003-04-02 22:03:37 UTC
Any news on this issue?

Comment 6 Mark J. Cox 2003-04-23 14:05:04 UTC
Closing, please reopen if this issue still occurs with Red Hat Linux 7.1 or above.


Note You need to log in before you can comment on or make changes to this bug.