Help diagnosing NIS breakage ?
Robin P. Blanchard
Robin.Blanchard at gactr.uga.edu
Wed Jul 9 05:10:15 PDT 2003
Given the lack of response on this, I fortunately was able to 'downgrade'
back to sources dated 08 june 2003. Low and behold, NIS users again work.
There is undoubtedly something awry in the the latest sources, as I can
systematically recreate a 'broken' system. I will gladly provide shell access
to developers who wish to look into this. It would be nice to be able to stay
current on -CURRENT (heh).
Thanks.
>
> > ----- Robin P. Blanchard's Original Message -----
> > >
> > > Still pulling my hair out on this one...Updated to latest
> > kern/world
> > > this morning and NIS users are no longer working.
> >
> > What -`date` version were you running where things worked
> > before you did the 1st upgrade?
> >
> > Can you provide the contents of your /etc/group, /etc/passwd
> > (just the last two lines of each), and /etc/nsswitch.conf files?
> >
> > Your demonstration below indicates that NIS is correctly
> > setup and running, but that it is not correctly configured in
> > for system usage.
> >
> > While I realize it doesn't help you, I am running the latest
> > NIS code in a cluster and it works fine (FreeBSD 4.8 server,
> > various clients).
>
> OK... Nsswitch.conf exists on neither machine here. I setup a
> test nsswitch.conf on the broken NIS box to use NIS but it
> didn't help at all.
>
> 1)
> On FreeBSD 5.1-CURRENT #0: Tue Jun 17 10:28:52 EDT 2003:
> # ypcat passwd |fgrep robin
> robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> # finger robin
> Login: robin Name:
> Directory: /home/robin Shell: /bin/bash
> Never logged in.
> No Mail.
> No Plan.
> # id robin
> uid=20292(robin) gid=30028(NSS) groups=30028(NSS),
> 30000(gactr), 30026(ITS) # tail -2 /etc/passwd
> nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
> +:*:::::
> # tail -2 /etc/passwd
> nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
> +:*:::::
> # tail -2 /etc/group
> nobody:*:65534:
> +:*:0:
>
>
> 2)
> On FreeBSD 5.1-CURRENT #0: Mon Jul 7 11:33:56 EDT 2003
> # ypcat passwd |fgrep robin
> robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> # finger robin
> Login: robin Name:
> Directory: /home/robin Shell: /bin/bash
> Last login Mon Jul 7 07:47 (EDT) on ttyp0 from 10.2.2.10
> No Mail.
> No Plan.
> # id robin
> id: robin: no such user
> # tail -2 /etc/passwd
> nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
> +:*:::::
> #
> # tail -2 /etc/group
> nobody:*:65534:
> +:*:0:
>
> And here's something else interesting on this 'broken' NIS box:
>
> # ls -ald .
> drwx--x--x 4 20292 NSS 4.0K Jun 13 13:34 ./
>
> So (via NIS) GID translation is working but not UID translation....
>
> Look forward to getting this solved...
>
>
> >
> > -john
> >
> > > Demonstration:
> > >
> > > # ypcat passwd |fgrep robin
> > > robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> > > # ypcat group |fgrep robin
> > >
> >
> gactr::30000:holmesr,wrighta,prestonh,reagind,gankol,cafieroj,cahoonb,
> > > pettigr
> > > m,brantlek,thumat,dosterc,nate,robin,charles
> > > ITS::30026:dosterc,nate,robin,charles
> > > NSS::30028:dosterc,nate,robin,charles,test
> > > # ps ax |fgrep ypbind
> > > 79910 ?? Ss 0:00.03 ypbind
> > > # ypwhich
> > > GCDC2.gc.nat
> > > # finger robin
> > > Login: robin Name:
> > > Directory: /home/robin Shell: /bin/bash
> > > Last login Mon Jul 7 07:47 (EDT) on ttyp0 from 10.2.2.10
> > > No Mail.
> > > No Plan.
> > >
> > > So NIS is 'working'...But:
> > > # id robin
> > > id: robin: no such user
> > >
> > > And as a result, he (I) cannot login.
> > >
> > > # su - robin ; tail -1 /var/log/auth.log
> > >
> > > su: Sorry
> > > Jul 7 13:59:29 ftp su: pam_acct_mgmt: error in service module
> > >
> > > There's a truss and a ktrace (of the id command) available at:
> > > ftp://ftp.gactr.uga.edu/incoming/id.tar.gz
> > >
> > > Thanks in advance.
> >
>
More information about the freebsd-current
mailing list