Group permissions not respected in sunOS 4.1.3_u1 (SUMMARY)
2007-12-25 8:54:00
when group permissions were set 770 and the user was in the appropriate
group.
complicating factors: We run rpc.pwauthd for password shadowing, and we have
two NIS domains. The two domains share everything except a couple of amd
maps. The problem occurred in only ONE of the two domains,
The cause: apparently netid maps cannot be shared in this situation (very
surprising in light the fact that we had been doing this happily for some
time).
The solution:
The solution was to make the map separately for each
domain. I did this on one master server (since we only have one master
server) but to make it work I needed to run domainname between executions
of mknetid. That is, the server had to be bound to the domain for which it
was presently creating the netid map. And that did it--with the minor
complication that users must logout and back in in order to see the
effects apparently login talks to netid.
With solution in hand, two mysteries remain:
(1) why did it ever work and
(2) mknetid expects a file called netid referenced with the -m flag. Here is
the line from Makefile:
@$(MKNETID) -q -p $(DIR)/passwd -g $(DIR)/group\
-h $(DIR)/hosts -m $(DIR )/netid > .ypjunk;
I could not find a man page for mknetid so I have no idea what that file
does. On our system it's just a 0byte.
Many thanks to Tony Heskett.
--Carl Mason
Comments
Got something to say?
You must be logged in to post a comment.
