Hello all,
I have a Solaris 10 SPARC server that crashed a couple of weeks ago and I finally got it up the other day. I am having some problems getting my NIS automounts to work though. It appears that NIS is working, but the /home directories are not mounting and users can not log in (I can log in with root from a thin client remotely). This is my primary server that runs everything for a couple thin clients running off of it. I don't know if I really need NIS (I am new to it), but it is how the server was configured before I started working here.
I ran a few commands to check if NIS is working and got this:
Code:
# ypwhich
mdc1
which is my server, so it recognizes that NIS is working.
Code:
# ypmatch adam passwd
adam:$1$JLcVC9OC$m297M2r/u5FT4Sajcj/7t1:1047:1:Adam:/home/adam:/bin/tcsh
so it appears to know how to get my log in credentials
Code:
# ypmatch adam auto.home
mdc1:/pool/home/adam
and that is where the my home directory is physically located at. I don't know if it is worth noting, but if I do ypmatch adam auto_home it does not find a map, I have not seen any files named auto.home on my server.
Before the crash the NIS automounts would map the home directories from /pool/home/adam to /home/adam. /pool/home which is shared out with the dfstab.
This is the output of my /etc/auto_master file:
Code:
#
# Copyright 2003 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "@(#)auto_master 1.8 03/04/28 SMI"
#
# Master map for automounter
#
+auto_master
/net -hosts -nosuid,nobrowse
/home auto_home -nobrowse
and my /etc/auto_home file:
Code:
#
# Copyright 2003 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "@(#)auto_home 1.6 03/04/28 SMI"
#
# Home directory map for automounter
#
+auto_home
One thing I found different on this server is that the yp directory with all the auto_* files is in /export/home/opt/yp (I believe due to storage limitations). I don't know if this is my problem, just though it may be relevant in helping troubleshoot.
The contents of my /export/home/opt/yp/auto_master file:
Code:
#
# Copyright 2003 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "@(#)auto_master 1.8 03/04/28 SMI"
#
# Master map for automounter
#
/net -hosts -nosuid,nobrowse
/home auto_home -nobrowse
/data auto_data
/apps auto_apps
/adm auto_adm
/- auto_direct
/ATD auto_ATD
and the contents of /export/home/opt/yp/auto_home:
Code:
#
# Copyright 2003 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "@(#)auto_home 1.6 03/04/28 SMI"
#
# Home directory map for automounter
#
rt mdc1:/export/home/&
david mdc1:/pool/home/dkallus
butch mdc1:/pool/home/butch
adam mdc1:/pool/home/adam
* mdc1:/pool/home/&
When I try to manually run the /export/home/opt/yp/auto_master automount I get permission denied for all 7 automounts listed.
Everything in my /etc/dfs/dfstab and /etc/vfstab are mounting with no problems and I can manually mount directories from my storage servers (which are one of my NIS automounts that are not working) with no problem. I have read a known problem for this is that there is already a directory under /home, but this is not the case.
One thing I will mention is that the cause of my server crash was some permissions getting changed (unknown cause), which caused it to not boot into multi-user mode. So I'm wondering if it is some residual permissions issue again.
I also noticed that I can su to any user, but when I try to cd ~ it takes me to /, not the users home directory. Also, I can not su to root once I su to another user, it says "su: Unknown id: root" (I am logged in as root, so I have to exit out of the user).
Here is the contents of my /etc/nsswitch.conf file:
Code:
#
# /etc/nsswitch.nis:
#
# An example file that could be copied over to /etc/nsswitch.conf; it
# uses NIS (YP) in conjunction with files.
#
# "hosts:" and "services:" in this file are used only if the
# /etc/netconfig file has a "-" for nametoaddr_libs of "inet" transports.
# NIS service requires that svc:/network/nis/client:default be enabled
# and online.
# the following two lines obviate the "+" entry in /etc/passwd and /etc/group.
passwd: files nis
group: files nis
# consult /etc "files" only if nis is down.
hosts: files nis dns
# Note that IPv4 addresses are searched for in all of the ipnodes databases
# before searching the hosts databases.
ipnodes: files nis
# SUNRAY DEL networks: nis [NOTFOUND=return] files
networks: files nis [NOTFOUND=return] # SUNRAY ADD
protocols: nis [NOTFOUND=return] files
rpc: nis [NOTFOUND=return] files
ethers: nis [NOTFOUND=return] files
# SUNRAY DEL netmasks: nis [NOTFOUND=return] files
netmasks: files nis [NOTFOUND=return] # SUNRAY ADD
bootparams: nis [NOTFOUND=return] files
publickey: nis [NOTFOUND=return] files
netgroup: nis
automount: files nis
aliases: files nis
# for efficient getservbyname() avoid nis
services: files nis
printers: user files nis
auth_attr: files nis
prof_attr: files nis
project: files nis
Any thoughts or ideas?? All help is greatly appreciated!
---------- Post updated at 01:34 PM ---------- Previous update was at 11:22 AM ----------
Looks like I have the automount working now, Nothing shows up under /home until you cd into a directory. Once I went into /home/adam it created the mount under the /home directory like it is supposed to.
So now the only problem is I can only login with my account and root, but none of my users can login still, and I can't su to root when I login as myself (or su back to root after I su to one of my customers while logged in as root). My login credentials and home directory are in the same location as my users.
I am thinking it may be from my yp files being in the wrong location, how can I check the file locations that the server is checking when someone attempts to login, or where NIS is looking for the NIS files.
The Solaris automounter has a magic _ and . mapping. If you specify auto.home it looks for auto.home first then for auto_home - and vice versa.
Nothing shows up under /home because there is 1. -nobrowse option for the auto.home map and 2. it can only "browse" the 3 real user entries - not the other users that match in the * wildcard. E.g. /home/userx does not show up, but a cd /home/userx will attempt to mount mdc1:/pool/home/userx
Once it is mounted, it will show up for some time.
I guess that /export/home/opt/yp/ holds the source files for the NIS maps, and that your current system is the NIS master server.
To clarify please give results of the following commands:
Thanks for your response MadeInGermany. The /home automount issue seems to be resolved, makes more sense after the clarification you provided. Below is the output of the commands you requested.
Code:
# ypcat -k auto.home
wagner mdc1:/pool/home/wagner
yajun mdc1:/pool/home/yajun
david mdc1:/pool/home/dkallus
butch mdc1:/pool/home/butch
adam mdc1:/pool/home/adam
rt mdc1:/export/home/&
* mdc1:/pool/home/&
Code:
ypcat -k ypservers
mdc1
That is correct, /etc/home/opt/yp holds all my NIS information (auto_master, auto_home, etc... files, passwd, shadow, groups, symbolic links to /etc/hosts, etc...) and mdc1 is my primary (and sole) NIS server for this location.
I am going to close this thread as this problem has been resolved for the most part. If anyone is wondering it wound up being all sorts of permissions problems under /devices/pseudo, I'm not sure exactly which permissions change fixed my issue of users not logging in, but I think it was either the pts@0:* or ptsl@0:tty* files. I have some other issues still, but I will open up a new thread with a more accurate title for that problem.
The pkgchk SUNWcsu was very helpful, it had a long list of files with incorrect permissions. Is there a way to check all the permissions for the key files on the system?
Just pkchk checks *everything*.
But is certainly too picky. For example many files in /etc/ *must* have changed contents.
A more simple check that only lists wrong owner/group/permissions:
Code:
while read path ftype class mode owner group junk
do
[ "$ftype" = "f" ] &&
find "$path" \! \( -perm $mode -a -user $owner -a -group $group \) -ls
done < /var/sadm/install/contents
For any file you can simply grep the correct attributes from the contents file, for example
Code:
grep /usr/bin/lp /var/sadm/install/contents
This User Gave Thanks to MadeInGermany For This Post:
Hi,
I am new to NIS, In my company need to create a user with admin rights and the user was created but he is unable to login. below are the difference i am getting for me and him.
root@ abc]# getent passwd cric
cric:x:60215:20059:a:/home/cric:/bin/csh
# ypcat passwd | grep sam... (5 Replies)
Hi All,
I have configured NIS server in linux rhel5 and made one client member to that server.
nfs share created for users home directory
i have created one nis user, user not able to change the passwd of his login.
getting below mentioned error
" yppasswdd not running on NIS master... (1 Reply)
I'm creating a scrip for auditing our AIX box's to ensure that they are built according to our system standards. I'm not sure on the logic for checking to see if the NIS and NIS+ services are disabled. any idea's? (2 Replies)
Hi, all.
I have a Solaris client here needs to bind to NIS server in another subnet. Following is the configuration i made on the client,
1) edit /etc/inet/hosts to add an entry of the NIS server -- nserver01
2) execute `domainname` to set local NIS domain to the domain of the NIS server.... (1 Reply)
Hi Guys,
I have lots of doubts regarding NIS+.I also think by basics could be wrong......I am trying to pick up stuff from documents which are a bit murky. I am working on production environment so I am afraid of trial and error! Please help.
1) What is the difference between root domain master... (1 Reply)
We have a RedHat 8.0 NIS master, with a RedHat 8.0 NIS Slave.
We also have a small number of SUSE 9.1 and SUSE 10 machines here for evaluation.
However, no matter what i do, the SUSE machines will not talk to the NIS Servers.
If i broadcast for NIS Servers for the specified NIS domain, it... (1 Reply)
Hi all,
I just took over the admin role from someone and I wanna setup sendmail (just to send mail from the host) however, after I config all the resolv.conf, nssitch.conf, hosts file and when I try to send a mail out, after I punched ctl-D, it returned he following,
"NIS map mail.aliases... (2 Replies)
Hello all,
I'm not sure if this is the right forum, but I would like to know if Redhat running NIS ( not NIS +) would have conflict with Solaris running NIS+. Currently I am running NIS+ on Solaris but will be adding RedHat to the network. I seem to be unable to find and information regarding... (2 Replies)