Date: Thu, 20 Feb 2003 09:45:45 -0600 From: Dan Nelson <dnelson@allantgroup.com> To: Antoine Jacoutot <ajacoutot@lphp.org> Cc: freebsd <freebsd-questions@FreeBSD.ORG> Subject: Re: MINUID in NIS Makefile Message-ID: <20030220154545.GN13096@dan.emsphone.com> In-Reply-To: <200302201630.21546.ajacoutot@lphp.org> References: <200302201226.37661.ajacoutot@lphp.org> <20030220151739.GM13096@dan.emsphone.com> <200302201630.21546.ajacoutot@lphp.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Feb 20), Antoine Jacoutot said: > On Thursday 20 February 2003 16:17, Dan Nelson wrote: > > In the last episode (Feb 20), Antoine Jacoutot said: > > > Is there a way to use the MINUID and MINGID options in a NIS > > > Makefile or is it Linux only ? > > > You'll have to tell us what those options mean before we can tell > > you whether there is an equivalent. > > Of course, I'm sorry... > The MINUID and MINGID allow to create passwd.by* only with account which UID > are equal or higher than MINUID and group.by* only with groups which GID are > equal or higher than MINGID. > Extract from a Debian NIS Makefile: > # We do not put password entries with lower UIDs (the root and system > # entries) in the NIS password database, for security. MINUID is the > # lowest uid that will be included in the password maps. > # MINGID is the lowest gid that will be included in the group maps. Ok, so this is for the case where all your users are in /etc/passwd, and /var/yp/passwd is basically just autogenerated from it? What I do is a bit different. I put NIS users in /yar/yp/master.passwd, and NIS groups in /var/yp/group. /etc/ on the NIS server (and any NIS slaves) is configured just like an NIS client, with only local users/groups, and a "+" record at the bottom. This lets me decide which user records get exported to all machines, and has the added benefit that the NIS server is configured the same as any other machine, which means any machine can easily be set up as the master if necessary. If you want to stick with your original setup, just compare the passwd.by* rules on your Debian box and the FreeBSD one. I looked at Debian's Makefile, and both pipe the passwd file through awk. You should be able to copy the $$3 >= $(MINUID) test to the FreeBSD Makefile and get the same behaviour as on Debian. -- Dan Nelson dnelson@allantgroup.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030220154545.GN13096>