Date:      Wed, 11 Jun 2008 12:19:57 +0300
From:      Volodymyr Kostyrko <c.kworr@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   hesiod in RELENG_7 not working or poorly documented
Message-ID:  <g2o5bu$ej0$1@ger.gmane.org>

Hi all.

I'm trying to set up a hesiod/kerberos based domain. Kerberos works just
fine, but as for hesiod I can't understand what I need to do to make it work.

Originally I have created a sample zone 'ns.local':

$TTL 86400      ; 1 day
@       IN SOA server.local. hostmaster.server.local. (
         2008061101 3600    900     2419200 3600    )
;       Serial     Refresh Retry   Expire  Minimum
         IN NS  server.local.
         IN MX  0 server.local.

test.passwd     TXT "test:*:2001:2001::0:0:Test user:/home/test:/bin/tcsh"
2001.uid        CNAME test.passwd

test.group      TXT "test:*:2001:"
2001.gid        CNAME test.group

And used this configuration file:

rhs = local
lhs = hs
classes = IN

The hesinfo works with no problems:

# hesinfo test passwd
test:*:2001:2001::0:0:Test user:/home/test:/bin/tcsh

However, finger states that user test is unknown:

I'm using the following nsswitch.conf:

#
# nsswitch.conf(5) - name service switch configuration file
# $FreeBSD: src/etc/nsswitch.conf,v 1.1 2006/05/03 15:14:47 ume Exp $
#
group: compat
group_compat: dns
hosts: files dns
networks: files
passwd: compat
passwd_compat: dns
shells: files
services: compat
services_compat: dns
protocols: files
rpc: files

And I do have the +::::... lines in /etc/passwd and /etc/group.

I've tried to debug the cause of the error and it reveals that hesinfo
and finger make different lookups:

hesinfo:
client 127.0.0.1#62846: view internal: query: test.passwd.hs.tandem.local IN TXT +

finger:
client 127.0.0.1#51278: view internal: query: passwd-0.passwd.hs.tandem.local IN TXT +

I've searched the net for 'passwd-0' cause and tried to make something 
for this to work, but all my efforts were futile.

Can anyone help me with hesiod configuration? Just a little sample of 
your working zone would be enough.

-- 
Sphinx of black quartz judge my vow.
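
An added example, not part of the original message: a small Python check that splits the two logged query names into Hesiod key and map and reports whether the quoted zone defines a matching owner name. The suffix `hs.tandem.local` is an assumption read off the logged queries; the function names and the log regex are illustrative.

```python
import re

# Constructed sample: the two query-log lines quoted in the message, one per line.
QUERY_LOG = """\
client 127.0.0.1#62846: view internal: query: test.passwd.hs.tandem.local IN TXT +
client 127.0.0.1#51278: view internal: query: passwd-0.passwd.hs.tandem.local IN TXT +
"""

# Owner names defined in the zone quoted in the message (relative to the Hesiod suffix).
ZONE_OWNERS = {"test.passwd", "2001.uid", "test.group", "2001.gid"}

# Assumption: suffix taken from the logged queries, not from the configuration file.
HESIOD_SUFFIX = "hs.tandem.local"

LINE_RE = re.compile(
    r"client (?P<addr>[\d.]+)#(?P<port>\d+): .*?query: "
    r"(?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+)"
)

def split_hesiod_qname(qname, suffix=HESIOD_SUFFIX):
    """Split '<key>.<map>.<suffix>' into (key, map); None if outside the suffix."""
    qname = qname.rstrip(".").lower()
    tail = "." + suffix.lower()
    if not qname.endswith(tail):
        return None
    key, sep, hes_map = qname[: -len(tail)].rpartition(".")
    if not sep or not key:
        return None
    return key, hes_map

def audit(log_text, owners=ZONE_OWNERS):
    """Return one dict per Hesiod query: what was asked and whether the zone has it."""
    results = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        parts = split_hesiod_qname(m["qname"]) if m else None
        if parts is None:
            continue  # not a query line, or not a Hesiod name
        key, hes_map = parts
        results.append({"port": int(m["port"]), "key": key, "map": hes_map,
                        "qtype": m["qtype"], "in_zone": f"{key}.{hes_map}" in owners})
    return results

if __name__ == "__main__":
    for r in audit(QUERY_LOG):
        status = "present" if r["in_zone"] else "MISSING from zone"
        print(f"port {r['port']}: {r['key']}.{r['map']} {r['qtype']} -> {status}")
```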