RE: Help diagnosing NIS breakage ?

From: Robin P. Blanchard <Robin.Blanchard_at_gactr.uga.edu>
Date: Mon, 14 Jul 2003 08:40:42 -0400
Ok...Been systematically stepping through the sources to locate the point at
which NIS became broken.  Here are the results:

-CURRENT src date       report
-------------------     -------
2003.06.18.00.00.00     success
2003.06.25.00.00.00     success
2003.06.26.00.00.00     success
2003.06.27.00.00.00     sucesss
2003.06.28.00.00.00     failure
2003.07.01.00.00.00     failure
2003.07.09.00.00.00     failure
latest (last night)     failure

So, something between 27 and 28 June resulted in this NIS breakage. Hopefully
this will jog someone's memory and give ideas as to my/our next step as to
diagnosing/repairing what's wrong here. I have a test box with src's and obj
's from both 27 and 28 june availabe for testing, should someone like to ssh
in and poke around.

Thanks in advance.

Robin.
 
> Can you build with a testbox new sources (binary search) 
> until you can locate the cutover point between where it works 
> and where it doesn't?
> > > OK... Nsswitch.conf exists on neither machine here. I setup a
> > > test nsswitch.conf on the broken NIS box to use NIS but it 
> > > didn't help at all.
> > > 
> > > 1)
> > > On FreeBSD 5.1-CURRENT #0: Tue Jun 17 10:28:52 EDT 2003:
> > > # ypcat passwd |fgrep robin
> > > robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> > > # finger robin
> > > Login: robin                            Name: 
> > > Directory: /home/robin                  Shell: /bin/bash
> > > Never logged in.
> > > No Mail.
> > > No Plan.
> > > # id robin
> > > uid=20292(robin) gid=30028(NSS) groups=30028(NSS), 
> > > 30000(gactr), 30026(ITS) # tail -2 /etc/passwd 
> > > nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
> > > +:*:::::
> > > # tail -2 /etc/passwd
> > > nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
> > > +:*:::::
> > > # tail -2 /etc/group
> > > nobody:*:65534:
> > > +:*:0:
> > > 
> > > 
> > > 2)
> > > On FreeBSD 5.1-CURRENT #0: Mon Jul  7 11:33:56 EDT 2003
> > > # ypcat passwd |fgrep robin
> > > robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> > > # finger robin
> > > Login: robin                            Name: 
> > > Directory: /home/robin                  Shell: /bin/bash
> > > Last login Mon Jul  7 07:47 (EDT) on ttyp0 from 10.2.2.10
> > > No Mail.
> > > No Plan.
> > > # id robin
> > > id: robin: no such user
> > > # tail -2 /etc/passwd 
> > > nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin
> > > +:*:::::
> > > #
> > > # tail -2 /etc/group
> > > nobody:*:65534:
> > > +:*:0:
> > > 
> > > And here's something else interesting on this 'broken' NIS box:
> > > 
> > > # ls -ald .
> > > drwx--x--x  4 20292  NSS  4.0K Jun 13 13:34 ./
> > > 
> > > So (via NIS) GID translation is working but not UID 
> translation....
> > > 
> > > Look forward to getting this solved...
> > > 
> > > 
> > > > 
> > > > -john
> > > > 
> > > > > Demonstration:
> > > > > 
> > > > > # ypcat passwd |fgrep robin 
> > > > > robin:OeIS3xdIRAiQs:20292:30028::/home/robin:/bin/bash
> > > > > # ypcat group |fgrep robin
> > > > > 
> > > > 
> > > 
> gactr::30000:holmesr,wrighta,prestonh,reagind,gankol,cafieroj,cahoon
> > > b,
> > > > > pettigr
> > > > > m,brantlek,thumat,dosterc,nate,robin,charles
> > > > > ITS::30026:dosterc,nate,robin,charles
> > > > > NSS::30028:dosterc,nate,robin,charles,test
> > > > > # ps ax |fgrep ypbind
> > > > > 79910  ??  Ss     0:00.03 ypbind
> > > > > # ypwhich
> > > > > GCDC2.gc.nat
> > > > > # finger robin
> > > > > Login: robin                            Name: 
> > > > > Directory: /home/robin                  Shell: /bin/bash
> > > > > Last login Mon Jul  7 07:47 (EDT) on ttyp0 from 10.2.2.10 No 
> > > > > Mail. No Plan.
> > > > > 
> > > > > So NIS is 'working'...But:
> > > > > # id robin
> > > > > id: robin: no such user
> > > > > 
> > > > > And as a result, he (I) cannot login.
> > > > > 
> > > > > # su - robin ; tail -1 /var/log/auth.log
> > > > > 
> > > > > su: Sorry
> > > > > Jul  7 13:59:29 ftp su: pam_acct_mgmt: error in service module
> > > > > 
> > > > > There's a truss and a ktrace (of the id command) 
> available at: 
> > > > > ftp://ftp.gactr.uga.edu/incoming/id.tar.gz
> > > > > 
> > > > > Thanks in advance.
> > > > 
> > > 
> 
> -- 
> --
> As said by Napolean Bonaparte:
> "Never ascribe to malice, that which is adequately explained 
> by incompetence"
> 
> After being embraced by MS:
> 
> "When accused of malice, always hide behind incompetence".
>
Received on Mon Jul 14 2003 - 03:42:05 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:15 UTC