[Techtalk] NFS and NIS issues: RH 8.0 - UPDATE
Caitlyn M. Martin
cmartin at rateintegration.com
Tue Oct 29 13:36:55 EST 2002
Hi, Gina, and everyone else,
>
> Could you give a little bit more information about your setup/config?
> From what you wrote I gather you do basic user authentication with NIS
> -
> anything else? Did you check the ypserv/ypbind processes?
Here's my original post again, with a few additions:
OK, I'm doing something simple and stupid wrong, but... I can't get NIS
authentication to work on RH 8. I'll admit I've only done NIS on
Solaris (with Irix clients), so this is all new to me. Oh, and yeah, I
read the HOWTO and did everything suggested.
-shadow passwords were off (yuck!), now back on
-NIS client is binding to the NIS server -- no errors there at bootup
-nis is in the appropriate places in the /etc/nsswitch.conf file (can
provide the text if anyone wants to see it)
-/etc/yp.conf file:
#
domain <MYDOMAIN> server <nisserver fqdn>
-+:::::: added to /etc/passwd file
-/etc/pam.d/login file <needs to be tightened up later>
#%PAM-1.0
auth requisite /lib/security/pam_unix.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_pwcheck.so nullok
password required /lib/security/pam_unix.so nullok use_first_pass
use_authtok
session required /lib/security/pam_unix.so
session required /lib/security/pam_limits.so
session optional /lib/security/pam_console.so
If I try to do a ypcat hosts or ypcat passwd it tells me it can't bind
to the server it seemed to bind to fine at boot time. I don't get it.
I'm not even worrying about automounting home directories yet. The
necessary home directories for testing exist. I first want to get my
Linux box talking to my Solaris box.
FWIW, my various Solaris boxen can bind to the NIS server just fine, so
the problem has to be on the Linux client end. Yes, ypbind is running,
and yes, it shows up when I do an rpcinfo -p.
Thanks for any clues you can give me. Like I said, I'm sure it's
something simple and stupid.
Best,
Caity
More information about the Techtalk
mailing list