I have a fairly large network, which will be administered by several
people, who are physically located in different offices. We are using
NIS, and have a heterogeneous network including DEC alphas, Sun
machines, and HP's. Our master NIS server is a DEC alpha running
Digital Unix 4.0B.
Here is the problem I am trying to solve. I would like to provide some
mechanism to protect the master nis source files against inadvertent
corruption. I would like to prevent typos, and provide a way to back
out changes if they cause a problem. My first attempt at a solution to
this was to use RCS or SCCS - possibly in suid mode with access lists -
so that we could have a preserved file history in case we needed to back
off a change in a hurry. However, the users *can* modify their
passwords using yppasswd, and I don't want to overwrite this by checking
out the password file to edit it. My next attempt was to use dxaccounts
for passwd - and I found that it also controls the group file. This
provides file locking and prevents glaring typos, and appeared to be a
good solution. It doesn't provide an undo facility, but its nature
prevents the sort of typographical error that most concerns me. But
then I discovered that it corrupts our group file. Specifically, large
groups are split into several smaller groups with the same name and
gid. dxaccounts transparently merges these into a single group, but the
rest of Digital Unix does not.
So, my question is this. Do you have any suggestions to address this
problem?
Thank you,
David Ritch
Received on Tue Jul 22 1997 - 07:30:19 NZST