NFS + NIS madness
Yedidyah Bar-David
linux-il at didi.bardavid.org
Tue Nov 29 08:53:26 IST 2011
On Mon, Nov 28, 2011 at 11:35:33PM +0200, Hetz Ben Hamo wrote:
> Hi,
> As you can see, all of them (from root) works perfectly:
>
> [root at client ~]# ypcat passwd.byuid
> vic:$6$FcNMjbbl$8wGzWhtEK9P0.WdoqE78xI9VDzmaH1wTF.2vax9VERW3uiqhytNjXXzVccCjnWRxV7ApHL.JibC0Ar4spM6In1:500:500:Vicky
> the kitten!:/home/vic:/bin/bash
> [root at client ~]# ypmatch 500 passwd.byuid
> vic:$6$FcNMjbbl$8wGzWhtEK9P0.WdoqE78xI9VDzmaH1wTF.2vax9VERW3uiqhytNjXXzVccCjnWRxV7ApHL.JibC0Ar4spM6In1:500:500:Vicky
> the kitten!:/home/vic:/bin/bash
> [root at client ~]# getent passwd 500
> vic:$6$FcNMjbbl$8wGzWhtEK9P0.WdoqE78xI9VDzmaH1wTF.2vax9VERW3uiqhytNjXXzVccCjnWRxV7ApHL.JibC0Ar4spM6In1:500:500:Vicky
> the kitten!:/home/vic:/bin/bash
>
> only when I do su - vic or login as vic, then it happens..
Can you try these as vic?
It's been some time since I last debugged NIS, but IIRC there are
mechanisms that try to prevent normal users from seeing some stuff,
e.g. shadow passwords. Obviously you did not use shadow passwords,
judging from the above. Perhaps the server replies to these only from
low ports or something like that, don't remember.
You can try to run the server with debugging/verbose/whatever and see
if there is anything in its logs.
--
Didi
More information about the Linux-il
mailing list