Date: Mon, 15 Oct 2007 13:40:22 -0700 From: David Benfell <benfell@parts-unknown.org> To: Manolis Kiagias <sonicy@otenet.gr> Cc: freebsd-questions@freebsd.org, benfell@parts-unknown.org Subject: NIS interoperability with Linux, was Re: Following directions doesn't seem to work: Adding users in NIS Message-ID: <20071015204022.GA76464@parts-unknown.org> In-Reply-To: <4713BF9F.3050803@otenet.gr> References: <20071015054707.GA34948@parts-unknown.org> <47138DE7.80800@otenet.gr> <20071015190846.GB86225@parts-unknown.org> <4713BF9F.3050803@otenet.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
--G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, 15 Oct 2007 22:29:35 +0300, Manolis Kiagias wrote: >=20 > Well I can tell you with certainty, it is not compatible out of the box, > and I have not managed to make it work (though I must admit I did not > put a lot of effort into this). Seems the exported master.passwd map > needs a filename change + internal changes, thus the NIS Makefile needs > to be modified. On the Linux side, the users are visible (e.g. you can > run id <username> and the user is there) but they cannot login. > If you Google "FreeBSD NIS Server Linux Clients" you will get some > patches for the NIS Makefile to make it Linux compatible. I was not > however successful with this. If you do try it and get it to work, > please report back. >=20 Linux doesn't normally use master.passwd. If I recall correctly, it uses /etc/shadow instead (but I don't have such a box at hand right now to check). And yes, the internal format is different (and, again, I don't remember details). This conversion, however, sounds like an ugly hack. I'm thinking a *correct* (tm) solution would be a pluggable authentication module (pam) that could interpret the master.passwd file properly. This would also depend on Linux supporting the cryptography method used to encrypt the passwords (perhaps it does, but I'm not sure). What I wasn't realizing was that NIS operated by simply propagating versions of master.passwd (and maybe passwd); while this will certainly be interoperable between FreeBSD (and I think OpenBSD) systems, it is clearly a problem with Linux and probably other UNIX-like OS's. --=20 David Benfell, LCP benfell@parts-unknown.org --- Resume available at http://www.parts-unknown.org/ NOTE: I sign all messages with GnuPG (0DD1D1E3). --G4iJoqBmSsgzjUCe Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFHE9A1Ud+dMw3R0eMRAnYjAKCJyax7LbiLmPGhB8LGwU32gR9krQCgn3Wo tbWIwdedSFV9QndHDWd2Ifg= =gRbF -----END PGP SIGNATURE----- --G4iJoqBmSsgzjUCe--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071015204022.GA76464>