Summary: | [patch] [nis] rpc.yppasswdd(8): Linux NIS clients connecting to FreeBSD NIS servers get authentication failure | ||||||
---|---|---|---|---|---|---|---|
Product: | Base System | Reporter: | Stavros Grigorakakis <sgrig> | ||||
Component: | bin | Assignee: | Marcelo Araujo <araujo> | ||||
Status: | Closed Unable to Reproduce | ||||||
Severity: | Affects Only Me | CC: | araujo | ||||
Priority: | Normal | ||||||
Version: | 1.0-RELEASE | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Description
Stavros Grigorakakis
2004-05-19 17:20:18 UTC
Hi, I write a mail to freebsd-bugs [1] and I get answer to make a pr. So I searched the bug reports and find this open bug. I think that my patch [2] could help to solve the bug in such a way that you don'nt need to patch ypasswd or some c-program else. Only apply the patch and everything works fine. With best regards Andreas Sources: [1] http://lists.freebsd.org/pipermail/freebsd-bugs/2006-March/017532.html [2] http://w5/~lnxbil/bsd-patches/nis-clients-unter-linux.patch Inline Patch: --- Makefile.dist Thu Nov 3 09:12:04 2005 +++ Makefile Fri Mar 17 09:55:48 2006 @@ -40,6 +40,11 @@ # key will be removed from these maps, allowing anyone to access them. S=-s +# If you want to have linux NIS clients you must enable this: +# Comment the line if you have no linux NIS clients +#LINUXCOMPMODE=1 + + # These are commands which this Makefile needs to properly rebuild the # NIS databases. Don't change these unless you have a good reason. Also # be sure not to place an @ in front of /usr/bin/awk: it isn't necessary @@ -196,6 +201,7 @@ aliases: mail.aliases master.passwd: master.passwd.byname master.passwd.byuid +master.passwd: shadow.byname # # This is a special target used only when doing in-place updates with @@ -498,6 +504,16 @@ $(PASSWD): $(MASTER) @echo "Creating new $@ file from $(MASTER)..." +.if defined(LINUXCOMPMODE) + @if [ ! $(UNSECURE) ]; then \ + $(AWK) -F: '{if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ + print $$1":x:"$$3":"$$4":"$$8":"$$9":"$$10}' $(MASTER) \ + > $(PASSWD) ; \ + else \ + $(AWK) -F: '{if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ + print $$1":"$$2":"$$3":"$$4":"$$8":"$$9":"$$10}' $(MASTER) \ + > $(PASSWD) ; fi +.else @if [ ! $(UNSECURE) ]; then \ $(AWK) -F: '{if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ print $$1":*:"$$3":"$$4":"$$8":"$$9":"$$10}' $(MASTER) \ @@ -506,6 +522,7 @@ $(AWK) -F: '{if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ print $$1":"$$2":"$$3":"$$4":"$$8":"$$9":"$$10}' $(MASTER) \ > $(PASSWD) ; fi +.endif passwd.byname: $(PASSWD) @@ -613,3 +630,20 @@ @if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi @if [ ! $(NOPUSH) ]; then echo "Pushed $@ map." ; fi + +shadow.byname: $(MASTER) +.if defined(LINUXCOMPMODE) + @echo "Updating $@..." +.if ${MASTER} == "/dev/null" + @echo "Master.passwd source file not found -- skipping" +.else + @cat $(MASTER) | \ + $(AWK) -F: '{ if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ + print $$1"\t"$$1":"$$2":::::::" }' $^ \ + | $(DBLOAD) ${S} -f -i $(MASTER) -o $(YPMAPDIR)/$@ - $(TMP); \ + $(RMV) $(TMP) $@ + @$(DBLOAD) -c + @if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi + @if [ ! $(NOPUSH) ]; then echo "Pushed $@ map." ; fi +.endif +.endif -- Andreas Steinel email: lnxbil@xantippe.cs.uni-sb.de Zimmer 122 web: http://w5.cs.uni-sb.de Bau 36.1 Phone: +49 (0) 681 302-4135 Lehrstuhl Prof. Wahlster fax: +49 (0) 12 12 / 52 35 64 89 Fakultät 6 - Informatik Universität des Saarlandes 66123 Saarbrücken GPG-Fingerprint: C09D 96DD 548C 8F13 097A 8D04 8329 7BEA A623 11D6 Hello, the patch from Mr. Andreas Steinel fails with the following errors (FBSD 5.3-RELEASE, but similar to 6.0): =================== Hunk #1 succeeded at 40. Hunk #2 failed at 201. Hunk #3 failed at 504. Hunk #4 failed at 522. Hunk #5 succeeded at 629 with fuzz 2 (offset -1 lines). patch: **** misordered hunks! output would be garbled =================== In fact, the lines that need to be altered are not those. Besides, there are strange characters sequences (=2D, =3D etc., probably an encoding issue) in the above copy of patch, but not in the original file at http://www.bsdforen.de/showthread.php?t=14059 However, when manually applying this patch, "make" fails with: ==================== "Makefile", line 597: Need an operator "Makefile", line 607: Need an operator "Makefile", line 609: warning: duplicate script for target "@if" ignored "Makefile", line 609: warning: duplicate script for target "[" ignored "Makefile", line 611: warning: duplicate script for target "@if" ignored "Makefile", line 611: warning: duplicate script for target "[" ignored make: fatal errors encountered -- cannot continue ==================== The reason, simple as it is, is that the patch is indented with spaces, and for some reason "make" doesn´t accept that. The solution is to replace the spaces with tabs. I´m submitting a copy of the resulting unified diff, which can be applied with: patch -p1 Makefile <Yp.Makefile.patch It was built for 5.3-RELEASE, but also works on 6.2-RELEASE (untested as NIS-server, though) with only different offsets. If some peaceful mind would apply it to 6.4 or 7.1, or host it at FreeBSD servers, I (and all other people that would use Linux clients) will be very grateful. It´s about time to such a simple issue to disappear, don´t you think? ;-) One last note, though, is that passwd from the client machines will alter only the NIS passwords, not the server´s own pwd.db, which I don´t know if it´s a desired behaviour. Having said that, I´m attaching the patch, but here it is (inline), for any case: ------------------------------ +++ Makefile Tue Jan 22 21:45:02 2008 @@ -40,6 +40,10 @@ # key will be removed from these maps, allowing anyone to access them. S=-s +# If you want to have linux NIS clients you must enable this: +# Comment the line if you have no linux NIS clients +LINUXCOMPMODE=1 + # These are commands which this Makefile needs to properly rebuild the # NIS databases. Don't change these unless you have a good reason. Also # be sure not to place an @ in front of /usr/bin/awk: it isn't necessary @@ -187,7 +191,7 @@ publickey: publickey.byname aliases: mail.aliases -master.passwd: master.passwd.byname master.passwd.byuid +master.passwd: master.passwd.byname master.passwd.byuid shadow.byname # # This is a special target used only when doing in-place updates with @@ -460,6 +464,16 @@ $(PASSWD): $(MASTER) @echo "Creating new $@ file from $(MASTER)..." +.if defined(LINUXCOMPMODE) + @if [ ! $(UNSECURE) ]; then \ + $(AWK) -F: '{if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ + print $$1":x:"$$3":"$$4":"$$8":"$$9":"$$10}' $(MASTER) \ + > $(PASSWD) ; \ + else \ + $(AWK) -F: '{if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ + print $$1":"$$2":"$$3":"$$4":"$$8":"$$9":"$$10}' $(MASTER) \ + > $(PASSWD) ; fi +.else @if [ ! $(UNSECURE) ]; then \ $(AWK) -F: '{if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ print $$1":*:"$$3":"$$4":"$$8":"$$9":"$$10}' $(MASTER) \ @@ -468,6 +482,7 @@ $(AWK) -F: '{if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ print $$1":"$$2":"$$3":"$$4":"$$8":"$$9":"$$10}' $(MASTER) \ > $(PASSWD) ; fi +.endif passwd.byname: $(PASSWD) @@ -574,4 +589,22 @@ @$(DBLOAD) -c @if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi @if [ ! $(NOPUSH) ]; then echo "Pushed $@ map." ; fi + + +shadow.byname: $(MASTER) +.if defined(LINUXCOMPMODE) + @echo "Updating $@..." +.if ${MASTER} == "/dev/null" + @echo "Master.passwd source file not found -- skipping" +.else + @cat $(MASTER) | \ + $(AWK) -F: '{ if ($$1 != "" && $$1 !~ "^#.*" && $$1 != "+") \ + print $$1"\t"$$1":"$$2":::::::" }' $^ \ + | $(DBLOAD) ${S} -f -i $(MASTER) -o $(YPMAPDIR)/$@ - $(TMP); \ + $(RMV) $(TMP) $@ + @$(DBLOAD) -c + @if [ ! $(NOPUSH) ]; then $(YPPUSH) -d $(DOMAIN) $@; fi + @if [ ! $(NOPUSH) ]; then echo "Pushed $@ map." ; fi +.endif +.endif -------------------- Thanks to Mr. Steinel for the original work and efforts. Sincerely, Tulio G. da Silva I can't reproduce this problem. |