Separate password files on diskless boxes?
Milan Obuch
small at dino.sk
Mon Oct 17 21:21:15 PDT 2005
On Monday 17 October 2005 23:21, Brooks Davis wrote:
> On Mon, Oct 17, 2005 at 02:49:49PM -0400, Michael W. Lucas wrote:
> > On Mon, Oct 17, 2005 at 08:46:34PM +0200, Marco Molteni wrote:
> > > On Mon, 17 Oct 2005 09:42:57 -0400
> > >
> > > "Michael W. Lucas" <mwlucas at blackhelicopters.org> wrote:
> > > > I'm using nanobsd.sh on 6.0RC to provide a small world for diskless
> > > > boxes. These are for small single-purpose machines -- i.e., DNS
> > > > server, FTP server, etc, served off read-only NFS. Nothing exciting
> > > > there, it just works.
> > > >
> > > > The last problem I'm having is the password file. I need to assign
> > > > separate password files to each, and separate root passwords on each
> > > > diskless station. The problem, of course, is the MFS /etc, so
> > > > changes are not permanent.
> > > >
> > > > Is there any way to make passwd(1) talk to a different password file?
> > > > I really don't want to use read/write mounts on my NFS server. Or,
> > > > has anyone come up with a clever way to do this? All the tutorials
> > > > in Google talk about using the server's password file, which I
> > > > specifically don't want to do...
> > >
> > > you can use the /conf override directory as explained in
> > > man diskless:
> > >
> > > /conf/default/10.0.0.1/etc/master.passwd
> > > /conf/default/10.0.0.1/etc/passwd
> > >
> > > /conf/default/10.0.0.2/etc/master.passwd
> > > /conf/default/10.0.0.2/etc/passwd
> >
> > Yes, but on boot /etc/ is a MFS.
> >
> > I can change the password, but on the next boot it reverts back to
> > whatever's saved on the hard drive.
> >
> > I'd like to avoid doing kerberos or NIS for half a dozen little boxes,
> > but if that's the only choice that's what I'll have to do.
>
> For a one off setup, change the password and then copy the resulting
> password files to /conf by hand.
>
>
I think you need a script comparing your running config files to the startup
ones and update startup if necessary. This could mean not only passwords,
naturally.
Milan
More information about the freebsd-small
mailing list