RE: Help diagnosing NIS breakage ?

From: Robin P. Blanchard <Robin.Blanchard_at_gactr.uga.edu>
Date: Wed, 9 Jul 2003 08:10:07 -0400
Given the lack of response on this, I fortunately was able to 'downgrade'
back to sources dated 08 june 2003. Low and behold, NIS users again work.
There is undoubtedly something awry in the the latest sources, as I can
systematically recreate a 'broken' system. I will gladly provide shell access
to developers who wish to look into this. It would be nice to be able to stay
current on -CURRENT (heh).

Thanks.



> 
> > ----- Robin P. Blanchard's Original Message -----
> > > 
> > > Still pulling my hair out on this one...Updated to latest
> > kern/world
> > > this morning and NIS users are no longer working.
> > 
> > What -`date` version were you running where things worked
> > before you did the 1st upgrade?
> > 
> > Can you provide the contents of your /etc/group, /etc/passwd
> > (just the last two lines of each), and /etc/nsswitch.conf files?
> > 
> > Your demonstration below indicates that NIS is correctly
> > setup and running, but that it is not correctly configured in 
> > for system usage.
> > 
> > While I realize it doesn't help you, I am running the latest
> > NIS code in a cluster and it works fine (FreeBSD 4.8 server, 
> > various clients).
> 
> OK... Nsswitch.conf exists on neither machine here. I setup a 
> test nsswitch.conf on the broken NIS box to use NIS but it 
> didn't help at all.
> 
> 1)
> On FreeBSD 5.1-CURRENT #0: Tue Jun 17 10:28:52 EDT 2003:
> # ypcat passwd |fgrep robin 
> robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> # finger robin
> Login: robin                            Name: 
> Directory: /home/robin                  Shell: /bin/bash
> Never logged in.
> No Mail.
> No Plan.
> # id robin
> uid=20292(robin) gid=30028(NSS) groups=30028(NSS), 
> 30000(gactr), 30026(ITS) # tail -2 /etc/passwd 
> nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
> +:*:::::
> # tail -2 /etc/passwd 
> nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
> +:*:::::
> # tail -2 /etc/group 
> nobody:*:65534:
> +:*:0:
> 
> 
> 2)
> On FreeBSD 5.1-CURRENT #0: Mon Jul  7 11:33:56 EDT 2003
> # ypcat passwd |fgrep robin 
> robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> # finger robin
> Login: robin                            Name: 
> Directory: /home/robin                  Shell: /bin/bash
> Last login Mon Jul  7 07:47 (EDT) on ttyp0 from 10.2.2.10
> No Mail.
> No Plan.
> # id robin
> id: robin: no such user
> # tail -2 /etc/passwd 
> nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
> +:*:::::
> #
> # tail -2 /etc/group 
> nobody:*:65534:
> +:*:0:
> 
> And here's something else interesting on this 'broken' NIS box:
> 
> # ls -ald .
> drwx--x--x  4 20292  NSS  4.0K Jun 13 13:34 ./
> 
> So (via NIS) GID translation is working but not UID translation....
> 
> Look forward to getting this solved...
> 
> 
> > 
> > -john
> > 
> > > Demonstration:
> > > 
> > > # ypcat passwd |fgrep robin
> > > robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> > > # ypcat group |fgrep robin 
> > > 
> > 
> gactr::30000:holmesr,wrighta,prestonh,reagind,gankol,cafieroj,cahoonb,
> > > pettigr
> > > m,brantlek,thumat,dosterc,nate,robin,charles
> > > ITS::30026:dosterc,nate,robin,charles
> > > NSS::30028:dosterc,nate,robin,charles,test
> > > # ps ax |fgrep ypbind
> > > 79910  ??  Ss     0:00.03 ypbind
> > > # ypwhich
> > > GCDC2.gc.nat
> > > # finger robin
> > > Login: robin                            Name: 
> > > Directory: /home/robin                  Shell: /bin/bash
> > > Last login Mon Jul  7 07:47 (EDT) on ttyp0 from 10.2.2.10
> > > No Mail.
> > > No Plan.
> > > 
> > > So NIS is 'working'...But:
> > > # id robin
> > > id: robin: no such user
> > > 
> > > And as a result, he (I) cannot login.
> > > 
> > > # su - robin ; tail -1 /var/log/auth.log
> > > 
> > > su: Sorry
> > > Jul  7 13:59:29 ftp su: pam_acct_mgmt: error in service module
> > > 
> > > There's a truss and a ktrace (of the id command) available at:
> > > ftp://ftp.gactr.uga.edu/incoming/id.tar.gz
> > > 
> > > Thanks in advance.
> > 
> 
Received on Wed Jul 09 2003 - 03:10:15 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:14 UTC