SUMMARY: NIS, PAM and an old question

From: Detlev Habicht (habicht@ims.uni-hannover.de)
Date: Wed Feb 11 1998 - 07:25:07 CST


Hi all!

My question was:

 We have in the past some discussions about a solution to allow only
 root login in a server, while running NIS.

 The only solution was every time, to disable NIS for passwd in
 /etc/nsswitch.conf (something like this: passwd: files ).

 This has some disadvantages (we can only see the UIDs, problems
 with samba and so on ...).

 Well, now i get a hint, that Solaris 2.5.1 is delivered with PAM.
 (I know, Solaris 2.6 has also PAM and it has some docs).

 Solaris 2.5.1 has no docs for PAM, i think.

 My question now is:

 Is there any PAM configuration for Solaris 2.5.1 to allow only root login
 to the host while running NIS?

 Which PAM module uses only /etc/passwd for authentification?

Well, old question - old solution:

 I change passwd in nsswitch.conf to:

   passwd: compat

 And i add a line to /etc/passwd:

   +:*:::::

 Running pwconv and it works now.

I get no hints for a PAM solution.

I don't know my mistake in former times. I tried it nearly in the
same way ... :-} . But i think, it is very important to use only the
passwd-line for NIS. For NIS+ is a second line passwd_compat necessary.

Thanx to:

Mike Blandford <mikey@NMSU.Edu>
"Mark A. Baldwin" <mark.baldwin@aur.alcatel.com>
Job Bogan <job@piquin.uchicago.edu>
Casper Dik <casper@holland.Sun.COM>
Mike Blandford <mikey@nmsu.edu>
Arthur Darren Dunham <add@netcom.com>
Chris Liljenstolpe <cds@io.com>
rbgabriel@amoco.com (Roland B. Gabriel)

Detlev

-- 
 Detlev  | Institut fuer Mikroelektronische Systeme, Uni Hannover
 Habicht | D-30167 Hannover +49 511 7624992 habicht@ims.uni-hannover.de
 --------+-------- Handy    +49 172 5415752 ---------------------------



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:30 CDT