Followup-To: poster
Precedence: bulk
I appreciate the speedy response. Just in case anyone else could benifit
from the answers I got, here is the gist of things so far:
- to avoid corruption of the /var/src/yp/passwd file which is used to
distribute network logins with NIS, a file /var/src/yp/passwd.ptmp must
be created while editing the passwd file to lock access to this
resource. As I suspected, it is the same as with /etc/passwd.
- the second question, how to prevent logins to the master server but
still have passwd entries from NIS be included in the /etc/passwd file on
that machine (for sendmail and other things). There are actually several
ways to accomplish this. The easiest is to make the +:*: user at the end
of the passwd file have a shell that disallows a login such as a
/bin/false or a /usr/local/bin/messagenologin or something. The second
method I can think of which is in use at OSU where I attend is a bit more
complex and I am still asking questions over there. What they do is
compile a hook to run a secondary script in the login program that runs an
auth checking script that determines if this user should be permitted to
log in to this machine. Of course this means that the login program on
each machine (or if /bin is nfs mounted, each nfs server for each binary,
for HP, sun, dec, etc...) be recompiled or replaced.
- Thanks again!
BRad Block,
Global Access Network
Received on Tue Oct 31 1995 - 04:49:58 NZDT