svn commit: r40649 - head/en_US.ISO8859-1/books/handbook/network-servers

Benedict Reuschling bcr at
Wed Jan 16 08:50:15 UTC 2013

Author: bcr
Date: Wed Jan 16 08:50:14 2013
New Revision: 40649

  Correct the example on how to prevent NIS users from logging in.
  The previous instructions did not work and this corrected version
  is based on a working config from a production system. Add some
  descriptive text, too.
  Submitted by:	Glen Neff


Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
--- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml	Wed Jan 16 08:18:08 2013	(r40648)
+++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml	Wed Jan 16 08:50:14 2013	(r40649)
@@ -1951,10 +1951,13 @@ nis_client_enable="YES"</programlisting>
       <para>There is a way to bar specific users from logging on to a
 	machine, even if they are present in the NIS database.  To do
 	this, all you must do is add
-	<literal>-<replaceable>username</replaceable></literal> to the
+	<literal>-<replaceable>username</replaceable></literal> with
+	the correct number of colons like other entries to the
 	end of the <filename>/etc/master.passwd</filename> file on the
 	client machine, where <replaceable>username</replaceable> is
 	the username of the user you wish to bar from logging in.
+	The line with the blocked user must be before the
+	<literal>+</literal> line for allowing NIS users.
 	This should preferably be done using <command>vipw</command>,
 	since <command>vipw</command> will sanity check your changes
 	to <filename>/etc/master.passwd</filename>, as well as
@@ -1964,7 +1967,7 @@ nis_client_enable="YES"</programlisting>
 	<hostid>basie</hostid> we would:</para>
       <screen>basie&prompt.root; <userinput>vipw</userinput>
-<userinput>[add -bill to the end, exit]</userinput>
+<userinput>[add -bill::::::::: to the end, exit]</userinput>
 vipw: rebuilding the database...
 vipw: done
@@ -1985,8 +1988,8 @@ uucp:*:66:66::0:0:UUCP pseudo-user:/var/
 xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/sbin/nologin
 pop:*:68:6::0:0:Post Office Owner:/nonexistent:/sbin/nologin
 nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin

More information about the svn-doc-all mailing list