Alternatives for Yellow Pages?
Bill Nickless
bnick at aucis.UUCP
Tue Jan 10 23:34:21 AEST 1989
In article <747 at genie.UUCP>, scooter at genie.UUCP (Scooter Morris) writes:
> From article <6999 at pyr.gatech.EDU>, by david at pyr.gatech.EDU (David Brown):
> > Hi. Over the past several months, I've read several articles from
> > SysAdmins who said that they didn't use Yellow Pages on their networks.
> > I can understand this: we use yp and it's a real pain sometimes. What
> > are some alternate ways to get similar effects? (I want user x to be able
> > to use his same username and password on all our machines, and when he
> > changes it on any machine, I want that change propagated to all the others).
>
> So, we modified /bin/passwd so that insted of updating the
> password database directly, it sends a packet to a password
> daemon.
[ Description of solution deleted ]
> P.S. This stuff is available to anyone who wants it, but
> you'll need source to take advantage of it because of the
> changes to /bin/passwd.
At our installation, we run 2 AT&T 3B2/400's with an RFS link set up between
them. Unfortunately (?) we don't have a source license here, so we have to
make do with the binaries.
The first step was to restrict /bin/passwd (chmod o-rx /bin/passwd). Then
we created a simple program to act as a front-end to /bin/passwd, with a
set-gid to sys (or whatever the group of /bin/passwd is). We installed this
as /usr/local/bin/passwd.
This front end traps SIGQUIT and SIGINT, creates a lockfile in a common place
in the RFS domain, and executes /bin/passwd as a child process with the same
argument that the front end was called with. When /bin/passwd returns, it
copies /etc/passwd to the remote sites using chmod and /bin/cp.
Problems include:
1. Only one person, domain-wide, can change their password at a time. This
can cause significant delays because many people wait for the "Enter new
password:" prompt before thinking one up!
2. Password aging probably can't be used, because I suspect login expects to
execute /bin/passwd to change passwords.
3. /etc/passwd has to be copied to all the other machines.
Good luck!
--
William (Bill) Kirk Nickless Andrews University
305 Meier Computer and Information Science Department
Berrien Springs, MI 49104 UNIX Support Group
(616) 471-6515 or (616) 471-3422 ...!uunet!cucstud!aucis!bnick
More information about the Comp.unix.wizards
mailing list