Date: Wed, 9 Jul 2003 08:31:03 -0400 From: "Robin P. Blanchard" <Robin.Blanchard@gactr.uga.edu> To: "John De Boskey" <jwd@bsdwins.com>, <current@freebsd.org> Subject: RE: Help diagnosing NIS breakage ? Message-ID: <EE3D3FBAFFCAED448C21C398FDAD91AC237477@EBE1.gc.nat>
next in thread | raw e-mail | index | archive | help
Hey John -- Interesting new development... As I was beginning to setup a shell account for whomever to use to help = in diagnosing this: # whoami=20 root # id robin id: robin: no such user # su - fbsd5 $ whoami fbsd5 $ id robin uid=3D20292(robin) gid=3D30028(NSS) groups=3D30028(NSS), 30000(gactr), = 30026(ITS) !?!?! This is a 'broken' test box with sources as of late yesterday afternoon. = If you'd like you can ssh in as fbsd5 with passwd fbsd5devel. Still plugging away.... > -----Original Message----- > From: John De Boskey [mailto:jwd@bsdwins.com]=20 > Sent: Wednesday, July 09, 2003 8:22 AM > To: Robin P. Blanchard > Cc: Jacques A. Vidrine > Subject: Re: Help diagnosing NIS breakage ? >=20 >=20 > ----- Robin P. Blanchard's Original Message ----- > > Given the lack of response on this, I fortunately was able to=20 > > 'downgrade' back to sources dated 08 june 2003. Low and behold, NIS=20 > > users again work. >=20 > Can you build with a testbox new sources (binary search)=20 > until you can locate the cutover point between where it works=20 > and where it doesn't? >=20 > > There is undoubtedly something awry in the the latest sources, as I=20 > > can systematically recreate a 'broken' system. I will=20 > gladly provide=20 > > shell access to developers who wish to look into this. It would be=20 > > nice to be able to stay current on -CURRENT (heh). >=20 > You are not being ignored. I started writing a small test=20 > program to help trace down your problem and immediately ran=20 > into an errno return problem.=20 >=20 > The following program shows the 1st basic problem (remove all=20 > NIS usage from your box). Run with a valid user and no error=20 > is produced. Run with an invalid user and an invalid error is=20 > produced. >=20 > #include <sys/types.h> > #include <pwd.h> > #include <errno.h> > #include <stdio.h> >=20 > int > main(int argc, char **argv) > { > struct passwd *pw; > char *nam; >=20 > nam =3D argc =3D=3D 2 ? argv[1] : "nobody"; >=20 > pw =3D getpwnam(nam); > if (!pw) > perror("getpwnam"); >=20 > return(0); > } >=20 >=20 > If you want to see this debugged faster, something I=20 > recommend you do is rebuild with debug libraries and trace=20 > the get* functions to see where they are failing.=20 >=20 > Please file a PR so this problem is not lost since it is=20 > nolonger a pressure point for you. >=20 > Thanks, > John >=20 > > Thanks. > >=20 > > >=20 > > > > ----- Robin P. Blanchard's Original Message ----- > > > > >=20 > > > > > Still pulling my hair out on this one...Updated to latest > > > > kern/world > > > > > this morning and NIS users are no longer working. > > > >=20 > > > > What -`date` version were you running where things=20 > worked before=20 > > > > you did the 1st upgrade? > > > >=20 > > > > Can you provide the contents of your /etc/group,=20 > /etc/passwd (just=20 > > > > the last two lines of each), and /etc/nsswitch.conf files? > > > >=20 > > > > Your demonstration below indicates that NIS is=20 > correctly setup and=20 > > > > running, but that it is not correctly configured in for system=20 > > > > usage. > > > >=20 > > > > While I realize it doesn't help you, I am running the=20 > latest NIS=20 > > > > code in a cluster and it works fine (FreeBSD 4.8=20 > server, various=20 > > > > clients). > > >=20 > > > OK... Nsswitch.conf exists on neither machine here. I setup a > > > test nsswitch.conf on the broken NIS box to use NIS but it=20 > > > didn't help at all. > > >=20 > > > 1) > > > On FreeBSD 5.1-CURRENT #0: Tue Jun 17 10:28:52 EDT 2003: > > > # ypcat passwd |fgrep robin > > > robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash > > > # finger robin > > > Login: robin Name:=20 > > > Directory: /home/robin Shell: /bin/bash > > > Never logged in. > > > No Mail. > > > No Plan. > > > # id robin > > > uid=3D20292(robin) gid=3D30028(NSS) groups=3D30028(NSS),=20 > > > 30000(gactr), 30026(ITS) # tail -2 /etc/passwd=20 > > > nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin > > > +:*::::: > > > # tail -2 /etc/passwd > > > nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin > > > +:*::::: > > > # tail -2 /etc/group > > > nobody:*:65534: > > > +:*:0: > > >=20 > > >=20 > > > 2) > > > On FreeBSD 5.1-CURRENT #0: Mon Jul 7 11:33:56 EDT 2003 > > > # ypcat passwd |fgrep robin > > > robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash > > > # finger robin > > > Login: robin Name:=20 > > > Directory: /home/robin Shell: /bin/bash > > > Last login Mon Jul 7 07:47 (EDT) on ttyp0 from 10.2.2.10 > > > No Mail. > > > No Plan. > > > # id robin > > > id: robin: no such user > > > # tail -2 /etc/passwd=20 > > > nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin > > > +:*::::: > > > # > > > # tail -2 /etc/group > > > nobody:*:65534: > > > +:*:0: > > >=20 > > > And here's something else interesting on this 'broken' NIS box: > > >=20 > > > # ls -ald . > > > drwx--x--x 4 20292 NSS 4.0K Jun 13 13:34 ./ > > >=20 > > > So (via NIS) GID translation is working but not UID=20 > translation.... > > >=20 > > > Look forward to getting this solved... > > >=20 > > >=20 > > > >=20 > > > > -john > > > >=20 > > > > > Demonstration: > > > > >=20 > > > > > # ypcat passwd |fgrep robin=20 > > > > > robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash > > > > > # ypcat group |fgrep robin > > > > >=20 > > > >=20 > > >=20 > gactr::30000:holmesr,wrighta,prestonh,reagind,gankol,cafieroj,cahoon > > > b, > > > > > pettigr > > > > > m,brantlek,thumat,dosterc,nate,robin,charles > > > > > ITS::30026:dosterc,nate,robin,charles > > > > > NSS::30028:dosterc,nate,robin,charles,test > > > > > # ps ax |fgrep ypbind > > > > > 79910 ?? Ss 0:00.03 ypbind > > > > > # ypwhich > > > > > GCDC2.gc.nat > > > > > # finger robin > > > > > Login: robin Name:=20 > > > > > Directory: /home/robin Shell: /bin/bash > > > > > Last login Mon Jul 7 07:47 (EDT) on ttyp0 from 10.2.2.10 No=20 > > > > > Mail. No Plan. > > > > >=20 > > > > > So NIS is 'working'...But: > > > > > # id robin > > > > > id: robin: no such user > > > > >=20 > > > > > And as a result, he (I) cannot login. > > > > >=20 > > > > > # su - robin ; tail -1 /var/log/auth.log > > > > >=20 > > > > > su: Sorry > > > > > Jul 7 13:59:29 ftp su: pam_acct_mgmt: error in service module > > > > >=20 > > > > > There's a truss and a ktrace (of the id command)=20 > available at:=20 > > > > > ftp://ftp.gactr.uga.edu/incoming/id.tar.gz > > > > >=20 > > > > > Thanks in advance. > > > >=20 > > >=20 >=20 > --=20 > -- > As said by Napolean Bonaparte: > "Never ascribe to malice, that which is adequately explained=20 > by incompetence" >=20 > After being embraced by MS: >=20 > "When accused of malice, always hide behind incompetence". >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EE3D3FBAFFCAED448C21C398FDAD91AC237477>