From owner-freebsd-questions Thu Feb 20 7:45:48 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9A31937B401 for ; Thu, 20 Feb 2003 07:45:46 -0800 (PST) Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id EF6BF43FBF for ; Thu, 20 Feb 2003 07:45:45 -0800 (PST) (envelope-from dan@dan.emsphone.com) Received: (from dan@localhost) by dan.emsphone.com (8.12.6/8.12.6) id h1KFjjNN000120; Thu, 20 Feb 2003 09:45:45 -0600 (CST) (envelope-from dan) Date: Thu, 20 Feb 2003 09:45:45 -0600 From: Dan Nelson To: Antoine Jacoutot Cc: freebsd Subject: Re: MINUID in NIS Makefile Message-ID: <20030220154545.GN13096@dan.emsphone.com> References: <200302201226.37661.ajacoutot@lphp.org> <20030220151739.GM13096@dan.emsphone.com> <200302201630.21546.ajacoutot@lphp.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200302201630.21546.ajacoutot@lphp.org> X-OS: FreeBSD 5.0-CURRENT X-message-flag: Outlook Error User-Agent: Mutt/1.5.3i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In the last episode (Feb 20), Antoine Jacoutot said: > On Thursday 20 February 2003 16:17, Dan Nelson wrote: > > In the last episode (Feb 20), Antoine Jacoutot said: > > > Is there a way to use the MINUID and MINGID options in a NIS > > > Makefile or is it Linux only ? > > > You'll have to tell us what those options mean before we can tell > > you whether there is an equivalent. > > Of course, I'm sorry... > The MINUID and MINGID allow to create passwd.by* only with account which UID > are equal or higher than MINUID and group.by* only with groups which GID are > equal or higher than MINGID. > Extract from a Debian NIS Makefile: > # We do not put password entries with lower UIDs (the root and system > # entries) in the NIS password database, for security. MINUID is the > # lowest uid that will be included in the password maps. > # MINGID is the lowest gid that will be included in the group maps. Ok, so this is for the case where all your users are in /etc/passwd, and /var/yp/passwd is basically just autogenerated from it? What I do is a bit different. I put NIS users in /yar/yp/master.passwd, and NIS groups in /var/yp/group. /etc/ on the NIS server (and any NIS slaves) is configured just like an NIS client, with only local users/groups, and a "+" record at the bottom. This lets me decide which user records get exported to all machines, and has the added benefit that the NIS server is configured the same as any other machine, which means any machine can easily be set up as the master if necessary. If you want to stick with your original setup, just compare the passwd.by* rules on your Debian box and the FreeBSD one. I looked at Debian's Makefile, and both pipe the passwd file through awk. You should be able to copy the $$3 >= $(MINUID) test to the FreeBSD Makefile and get the same behaviour as on Debian. -- Dan Nelson dnelson@allantgroup.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message