Bug 61176 - NIS authentication broken
NIS authentication broken
Status: CLOSED RAWHIDE
Product: Red Hat Raw Hide
Classification: Retired
Component: pam (Show other bugs)
1.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Aaron Brown
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-03-14 16:34 EST by ellson
Modified: 2007-04-18 12:40 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-03-14 16:34:06 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description ellson 2002-03-14 16:34:00 EST
Description of Problem:
Users with NIS passwd entries, but not /etc/passwd entry, are unable to login.
YP server is Sun/Solaris 5.6 

NIS logins worked until Rawhide updates in last couple of days.

Version-Release number of selected component (if applicable):
pam-0.75-28
rawhide-release-20020314-1

How Reproducible:
100%

Steps to Reproduce:
1. No entry for "ellson" in /etc/passwd or /etc/shadow

2. NIS entry for "ellson"
$ ypcat passwd | grep ellson
ellson:s6Q9hVc.KWh/Q:5318:550:John Ellson:/home/ellson:/bin/bash

3. "login ellson" fails.

$ login ellson
Password: 

User account has expired


Actual Results:


Expected Results:


Additional Information:
/etc/pam.d/system-auth contains:

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        required      /lib/security/pam_deny.so

account     required      /lib/security/pam_unix.so
account     sufficient    /lib/security/pam_localuser.so
account     required      /lib/security/pam_deny.so

password    required      /lib/security/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
shadow nis
password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so
~
Comment 1 Bill Nottingham 2002-03-28 17:44:01 EST
This is fixed in a newer authconfig (for ex: 4.2.7-2); you can either re-run it,
or (IIRC) change:

account     required      /lib/security/pam_unix.so

to

account  sufficient /lib/security/pam_unix.so

Note You need to log in before you can comment on or make changes to this bug.