[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensolaris-security-discuss
Subject:    [security-discuss] NIS malfunction on Linux NIS server <-> Solaris
From:       Nicolay <nvizovitin () swsoft ! nsu ! ru>
Date:       2007-07-06 5:19:12
Message-ID: 1812868.1183724382784.JavaMail.Twebapp () oss-app1
[Download RAW message or body]

[b]Problem:[/b]
  We have Debian as a NIS server and Solaris 10 as NIS client but authentication \
can't be made, although ypmatch shows that everything works perfect.

We've found out a [b]reason:[/b]
  Solaris pam module recieves only 'x' as a password hash. That happens because \
`passwdutil` library routine looks for password hash only in `passwd.byname` and \
`passwd.ajunct.byname` NIS maps, but not in the `shadow.byname` NIS map. (This looks \
very strange, but this is how the things are settled)

We've came up with a [b]solution:[/b]
  Patch `passwdutil` library - add a section to look up the hash in `shadow.byname` \
if it wasn't found in `passwd` or `passwd.ajunct` previously. Very simple.

So, any ideas about it? Is it a good way? Have anybody encountered this problem?
 
 
This message posted from opensolaris.org
_______________________________________________
security-discuss mailing list
security-discuss@opensolaris.org


[prev in list] [next in list] [prev in thread] [next in thread]