Red Hat Bugzilla – Bug 61176
NIS authentication broken
Last modified: 2007-04-18 12:40:56 EDT
Description of Problem: Users with NIS passwd entries, but not /etc/passwd entry, are unable to login. YP server is Sun/Solaris 5.6 NIS logins worked until Rawhide updates in last couple of days. Version-Release number of selected component (if applicable): pam-0.75-28 rawhide-release-20020314-1 How Reproducible: 100% Steps to Reproduce: 1. No entry for "ellson" in /etc/passwd or /etc/shadow 2. NIS entry for "ellson" $ ypcat passwd | grep ellson ellson:s6Q9hVc.KWh/Q:5318:550:John Ellson:/home/ellson:/bin/bash 3. "login ellson" fails. $ login ellson Password: User account has expired Actual Results: Expected Results: Additional Information: /etc/pam.d/system-auth contains: #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_localuser.so account required /lib/security/pam_deny.so password required /lib/security/pam_cracklib.so retry=3 type= password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow nis password required /lib/security/pam_deny.so session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so ~
This is fixed in a newer authconfig (for ex: 4.2.7-2); you can either re-run it, or (IIRC) change: account required /lib/security/pam_unix.so to account sufficient /lib/security/pam_unix.so