passwd -r nis fails (more info)

2007-12-25 10:30:00

My first summary said:

> It turns out that newer versions of Solaris do not allow root to change
> NIS* passwords. From man passwd(1) in Solaris 2.5.1 and later:
>
> In the files case, superusers (for instance, real and effective
> uid equal to 0, see id(1M) and su(1M)) may change any
> password;
>
> But, from man passwd(1) in Solaris 2.4 the same section reads:
>
> Super-users (for instance, real and effective uid equal to
> zero, see id(1M) and su(1M)) may change any password;
>
> So, in 2.5 or 2.5.1 this root power was rescinded. Nice of them to
> document it so well. :-(

However, I got more response to my summary than to my original question.
It turns out that this root power was *not* available in Solaris 2 until
very recently, when it was added back in. A sentence was added to the
end of the paragraph from which I quoted above:

      If NIS is in effect, superuser on the root master can change
      any password without being prompted for the old NIS passwd,
      and is not forced to comply with password construction
      requirements.

It turns out that if this had been a later OS, or had certain patches
(below), it would have worked.

Casper Dik explained it best (as usual). Thanks also to Niall O Broin
and Gerard Henry.

> From: Casper Dik <casper@holland.sun.com>
>
> Uhm, the power couldn't have existed in 2.4, I'm sure (because of how
> NIS as a protocol works).
>
> However, in newer releases we've added a backdoor protocol that works
> on the master server only:
>
> If NIS is in
> effect, superuser on the root master can change any password
> without being prompted for the old NIS passwd, and is not
> forced to comply with password construction requirements.
>
> ...
>
> In SunOS 4 days, you could use "passwd -F" on the NIS master source.
>
> There's patch 106563-04 (PAM) and 103053-08 (NSKIT 1.2) that fix this
> problem when they're both applied.

        David L. Markowitz Director, UNIX Software

        David.Markowitz@litronic.com Litronic Industries

        http://members.home.net/rttrek http://www.litronic.com/
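
As an added example (not part of the original post), here is a shell check that both patches named above are installed at the stated revision or later, run over constructed `showrev -p` style lines. The function names, sample lines and package names are assumptions, and a patch that supersedes one of these under a different ID is not recognised.

```shell
#!/bin/sh
# Added example. Patch IDs and minimum revisions are the ones named in the post.
REQUIRED="106563-04 103053-08"

# Constructed samples in the "Patch: <id>-<rev> ..." layout of showrev -p.
# Package names are placeholders.
SAMPLE_PATCHED='Patch: 106563-05 Obsoletes:  Requires:  Incompatibles:  Packages: PKGa
Patch: 103053-07 Obsoletes:  Requires:  Incompatibles:  Packages: PKGb
Patch: 103053-08 Obsoletes:  Requires:  Incompatibles:  Packages: PKGb'
SAMPLE_UNPATCHED='Patch: 999999-01 Obsoletes:  Requires:  Incompatibles:  Packages: PKGa
Patch: 103053-07 Obsoletes:  Requires:  Incompatibles:  Packages: PKGb'

# Reads showrev -p style text on stdin and prints one line per required patch
# that is absent or below the required revision. Prints nothing when all are met.
# (On Solaris use nawk: the old /usr/bin/awk has no -v option.)
missing_patches() {
    awk -v required="$REQUIRED" '
        $1 == "Patch:" && $2 ~ /^[0-9]+-[0-9]+$/ {
            split($2, p, "-")
            # Keep the highest installed revision of each patch ID.
            if (!(p[1] in best) || p[2] + 0 > best[p[1]]) best[p[1]] = p[2] + 0
        }
        END {
            n = split(required, want, " ")
            for (i = 1; i <= n; i++) {
                split(want[i], w, "-")
                if (!(w[1] in best))
                    printf "%s missing\n", want[i]
                else if (best[w[1]] < w[2] + 0)
                    printf "%s needed, found rev %02d\n", want[i], best[w[1]]
            }
        }'
}

# Succeeds only when both patches are present, since the post says the fix
# needs both applied.
fix_present() {
    [ -z "$(missing_patches)" ]
}

for name in PATCHED UNPATCHED; do
    eval "sample=\$SAMPLE_$name"
    if printf '%s\n' "$sample" | fix_present; then
        echo "$name: both patches present"
    else
        echo "$name: fix incomplete"; printf '%s\n' "$sample" | missing_patches
    fi
done
```

On a live NIS master the same function can be fed from `showrev -p | missing_patches`.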
