Bug 64234
| Summary: | cant log in as NIS users | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Seth Master <seth.master> |
| Component: | ypbind | Assignee: | Alexander Larsson <alexl> |
| Status: | CLOSED DUPLICATE | QA Contact: | Ben Levenson <benl> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.2 | CC: | rajuchinna0071, tcallawa |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i686 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2002-05-01 00:01:46 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Seth Master
2002-04-29 23:00:31 UTC
You need to enable nis in /etc/nsswitch.conf /etc/nsswitch.conf is as follows. passwd: files nis shadow: files nis group: files nis hosts: files nis dns bootparams: files ethers: files netmasks: files networks: files protocols: files nis rpc: files services: files nis netgroup: files nis #publickey: nisplus automount: aliases: files Was NIS configured with authconfig or manually? Is the ypbind service enabled and running (/sbin/chkconfig ypbind on; /sbin/service ypbind restart)? What do "domainname" and "ypwhich" print? Is the client system able to see the contents of the server's passwd map (ypcat -k passwd)? Additionally, was the system configured with a firewall? The default firewalling options block all UDP traffic, which stops all RPC-based services (like NIS) from working. the system was not configured with a firewall, or atleast not in the
installation process, but is there a way to check that post install?
ypcat -k password works correctly
If I am logged in as root on the console, I can su - jlevy for example and I
will become the user and be in his homedir, we mount homedir from the fstab
file instead of using automounter.
Both are correct:
# ypwhich
ballad
# domainname
mtview.reasoning.com
# cat yp.conf
domain mtview.reasoning.com server 199.108.177.67
I removed some stuff from the listing, but left the important stuff
# chkconfig --list
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
random 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ipchains 0:off 1:off 2:off 3:off 4:off 5:on 6:off
iptables 0:off 1:off 2:off 3:off 4:off 5:on 6:off
portmap 0:off 1:off 2:off 3:on 4:on 5:on 6:off
xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
autofs 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off
identd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
ypbind 0:off 1:off 2:off 3:on 4:on 5:on 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rstatd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rusersd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
vncserver 0:off 1:off 2:off 3:off 4:off 5:off 6:off
xinetd based services:
rexec: on
rlogin: on
rsh: on
ntalk: on
talk: on
telnet: on
Does the second field of the user's entry in the NIS password table list the crypted password ( ypmatch smaster passwd | cut -f2 -d: ), or is there something else in the field? You can check your firewall settings by running "ipchains -L" (or "iptables -L", if your firewall was configured to use iptables instead of ipchains). ypmatch smaster passwd does show the 2nd field encrypted passwd Please double-check that the crypted field is correct. Run:
python -c 'import crypt;print crypt.crypt("PASSWORD","SALT")'
substituting the user's password for PASSWORD, and the value obtained from ypcat
for SALT, and comparing the output to the value of the field. It should match
exactly.
ok, it matches exactly Have the PAM configuration files been modified from their defaults at all? Are NIS users able to log in at the system console? no, the PAM stuff is from the default install. NIS users are not able to login in at console either. the only way in is ssh -l root <servername> from an other machine. But if Im logged in console as root, and su - jlevy which is a NIS user, I do get logged in as the user, with his environment, and his homedir. Does the user's password have more than eight characters in it? If so, has the errata from http://www.redhat.com/support/errata/RHBA-2001-149.html (which itself updates http://www.redhat.com/support/errata/RHBA-2001-127.html) been applied? well, that solved the problem! thanks, and I thought we were going to discover a bug. Now, how does a person normally get notified, receive, and update there machines with errata fixes? Notifications for all errata go to redhat-watch-list, which you can subscribe to at https://listman.redhat.com/mailman/listinfo/redhat-watch-list; errata are also available via Red Hat Network (which you can sign up to use by running 'rhn_register') and the main web site at http://www.redhat.com/errata/. *** This bug has been marked as a duplicate of 54443 *** I have followed above all steps. but I am not able to login with my user |