NIS+ client on Redhat 9

wlwalker at datasync.com wlwalker at datasync.com
Fri May 16 06:37:03 EST 2003 

Thank you for your patience with me. Doug was quite right in that I didn't have pam_unix2.so on my system.  So, I installed it, and changed my /etc/pam.d/login from his suggestions:

$ more login
#%PAM-1.0
auth       required     pam_securetty.so
#auth       required    pam_stack.so service=system-auth
auth       requisite    /root/installed_sw/pam_unix2-1.16/src/pam_unix2.so set_secrpc
auth       required     pam_nologin.so
#account    required    pam_stack.so service=system-auth
#password   required    pam_stack.so service=system-auth
#session    required    pam_stack.so service=system-auth
session    optional     pam_console.so

When I try to telnet to the client, I get a "login incorrect" error with a NIS+ domain account, and a "user account has expired, connection closed by local host" error with an account that is local to the system.

As root, when I try to su - <nis domain account>, I get: su: user wendy does not exist.  When I niscat passwd.org_dir | grep wendy, I get back the normal info:  wendy:<encrypted password>: user description: home directory : shell (I did put a link to where Sun expects csh):expiration:::::::

>>I suggest running the tests with su so that debugging is easier.  You will need to edit pam.d/su in a similar fashion as login.

I'm sorry but I don't know how to do that.  I am new to Linux.  I usually work on Solaris and not with pam. My su file looks like this:

$ more su
#%PAM-1.0
auth       sufficient   /lib/security/$ISA/pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth       sufficient   /lib/security/$ISA/pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth       required     /lib/security/$ISA/pam_wheel.so use_uid
auth       required     /lib/security/$ISA/pam_stack.so service=system-auth
account    required     /lib/security/$ISA/pam_stack.so service=system-auth
password   required     /lib/security/$ISA/pam_stack.so service=system-auth
session    required     /lib/security/$ISA/pam_stack.so service=system-auth
session    optional     /lib/security/$ISA/pam_xauth.so

The rpcinfo -p from the NIS+ master is:

rpcinfo -p <linux box>
   program vers proto   port  service
    100000    2   tcp    111  rpcbind
    100000    2   udp    111  rpcbind
    100024    1   udp  32768  status
    100024    1   tcp  32768  status
    391002    2   tcp  32769
    100029    1   udp    760  keyserv
    100029    2   udp    760  keyserv
 
Thank you,
Wendy

More information about the linux-nisplus mailing list