NIS problem: root gets passwd's normal users don't

hertog

Just installed NIS-server and client.

Now something weird happens...

Normal users don't see their names, look at the following:

[edit: this is all on the client]

As root:
big-iron root # ypcat passwd
hertog:<<removed>>:1000:100:Gert-Jan Rodenburg,,,:/home/hertog:/bin/bash
nobody:*:65534:65534:nobody:/:/bin/false
simone:<<removed>>:1001:100:Simone Middelveld,,,:/home/simone:/bin/bash

and as a user:big-iron root # su - hertog
/usr/bin/whoami: cannot find username for UID 1000
[: =: unary operator expected
I have no name!@big-iron hertog $ ypcat passwd
I have no name!@big-iron hertog $

(btw, note the lack of a username and the error)

Somehow, 'normal users' don't get the info they need.

Any hints?

pillo79 · n00b Joined: 17 Oct 2002 Posts: 5

Hello,
I have the same problem. By the way, I think that regular users can't "ypcat passwd" for security. In fact, I tried "ypcat hosts" and it works even for regular users.
Anyone getting the problem solved

please post!
Thanks!!

pillo79 · n00b Joined: 17 Oct 2002 Posts: 5

Found an explanation here, however, this does not fix the problem. It suggests the problem to be something with the permissions of normal users not allowing 'whoami' and similar programs to access the database...

http://list.cobalt.com/pipermail/cobalt-users/2001-April/043393.html

darkweaseljedi · Posted: Wed Jan 15, 2003 8:40 pm Post subject:

https://forums.gentoo.org/viewtopic.php?t=30301

I'm having the same problem. I guess I didn't read the forum search very closely at 2am otherwise I would have noticed your post.

You can ypcat group.byuid or group.byname, but not passwd.(anything)

darkweasel

darkweaseljedi · Posted: Wed Jan 15, 2003 8:53 pm Post subject:

Some of the follow up posts to that link you posted, pillo79, said that he fixed the problem by changing the permissions on his /etc/passwd file to 644 from 600.

My /etc/passwd file was 644. I checked my /var/yp/(domainname)/ files, and they were all 600, but changing their permissions didn't make anything different.

btw, I noticed I have a (none) directory in my /var/yp folder. Any one know what that is? I can't get into it, but it is a folder. I did a "locate passwd" and i get this near the end:
/var/yp/(none)/passwd.byname
/var/yp/(none)/passwd.byuid

shows up like:
drwxr-xr-x 2 root root 4096 Jan 10 19:03 (none)
-rw-r--r-- 1 root root 15784 Jan 14 11:01 Makefile
drwxr-xr-x 2 root root 4096 Jan 14 11:01 mynisdomain
-rw-r--r-- 1 root root 498 Jan 14 00:30 securenets
-rw-r--r-- 1 root root 21 Jan 14 00:00 ypservers

darkweasel

hertog · Posted: Wed Jan 15, 2003 10:19 pm Post subject:

the (none) entry apears when starting nis without domain name specified I believe?

hertog · Posted: Wed Jan 15, 2003 10:23 pm Post subject:

Some time ago I got stuff working by the way, and got reminded to this by someone via e-mail...

My ypserv.con helped him to get stuff running, I'll include it here....

Warning tho.. it is quite 'not so subtile' I just axed the security, maybe someone can come up with a working config for this one.. however, for the meantime, with the following ypserv.conf (on the server) everything works (I commented 4 lines, starting with * out, dunno which one anymore, just compare them):

darkweaseljedi · Posted: Wed Jan 15, 2003 10:34 pm Post subject:

Yep worked for me.

Would be nice to have the security thing functional though...

darkweasel

madmat · n00b Joined: 22 Oct 2003 Posts: 8

For me the security column in ypserv.conf doesn't work with port so I set it to none.
And for a minimum of security i allowed only my local network to access.

The lines in ypserv.conf look like this:

192.168.0.0/255.255.255.0 : * : passwd.byname : none
192.168.0.0/255.255.255.0 : * : passwd.byuid : none