Very Computer

Have I missed something?

When a person's password is expired, the login program is calling
/usr/bin/passwd.  Arrgh.  It's running NIS+, of course, so this does NO GOOD.

So, apart from going to all hundred or so of my machines and making a link of
/usr/bin/passwd to nispasswd, could I somehow coerce login to call nispasswd?

Thanks!

--

Systems Administrator                  (214) 578-6189
Inet, Inc.                             You can have your cake and eat it, too.

Quote:

>Have I missed something?

Nope.  I see the same thing.  We run NIS+ and when I recently cleared
a passwd with admintool, on the next login /usr/bin/passwd was run
for that user and it could not find the id (since it was in NIS+ and
not in /etc/passwd).

Quote:

>When a person's password is expired, the login program is calling
>/usr/bin/passwd.  Arrgh.  It's running NIS+, of course, so this does NO GOOD.

Way back in the cluttered recesses of my mind, I remember reading some
doc on an early version of Solaris 2.X (X=0or1) which said that
/usr/bin/passwd would look for the id in NIS+ (and/or NIS) if it did
not exist in /etc/passwd.  I don't remember testing it though.

Anybody know if this was ever the case (at least in the doc)?

Is there a compelling reason not to do it this way?  

Quote:

>So, apart from going to all hundred or so of my machines and making a link of
>/usr/bin/passwd to nispasswd, could I somehow coerce login to call nispasswd?

Maybe if you have a dir like /usr/local/bin in your PATH before
/usr/bin (for all users) then just put a passwd script in there that
does what you want.  We do something similiar to that (we have users
from 2 NIS+ domains using our systems so we put the "-D domain" option on
nispasswd for them).

glenn

--
Glenn T Barry

Voice:  (404)727-5637   Fax:  (404)727-5611
Emory University, Dept of Math and CS, Atlanta,GA 30322-2390

Got some good info via email ...

I'm told this is related to Bugid # 1091205.  And the (unofficial)
word from Sun is that /usr/bin/passwd will be modifed to understand
NIS+ and NIS(YP) soon.  It will probably be ready for 2.5 and there
might be a patch ready for 2.4 (but not for 2.3).

Quote:

>>So, apart from going to all hundred or so of my machines and making a link of
>>/usr/bin/passwd to nispasswd, could I somehow coerce login to call nispasswd?

>Maybe if you have a dir like /usr/local/bin in your PATH before
>/usr/bin (for all users) then just put a passwd script in there that
>does what you want.  We do something similiar to that (we have users
>from 2 NIS+ domains using our systems so we put the "-D domain" option on
>nispasswd for them).

This, of course (sorry for my lack of clear thinking above), won't
work for your problem because /usr/bin/passwd is hardcoded into
/usr/bin/login.

So on the count of 3, start symlinking!!! :-)  

My workaround will probably be ok once a user is logged-in and thus
has thier PATH set and runs 'passwd' by hand.

glenn

--
Glenn T Barry [Sr Solaris2 adm position open at EmoryU, send me mail for info]

Voice:  (404)727-5637   Fax:  (404)727-5611
Emory University, Dept of Math and CS, Atlanta, GA 30322-2390

: Have I missed something?

: When a person's password is expired, the login program is calling
: /usr/bin/passwd.  Arrgh.  It's running NIS+, of course, so this does NO GOOD.

: So, apart from going to all hundred or so of my machines and making a link of
: /usr/bin/passwd to nispasswd, could I somehow coerce login to call nispasswd?

I think there's a point-patch from SUN, but I don't know the number.
Call SUN.

Regards
--
   ...     ___      ____      Christian Masopust
 _][_n_n___i_i ____/___|      Siemens AG Austria

/ooOOOO OOOOoo  oo oooo       Phone(Fax): +43-1-2501-4516 (4485)          

: Have I missed something?

: When a person's password is expired, the login program is calling
: /usr/bin/passwd.  Arrgh.  It's running NIS+, of course, so this does NO GOOD.

: So, apart from going to all hundred or so of my machines and making a link of
: /usr/bin/passwd to nispasswd, could I somehow coerce login to call nispasswd?

Try this on for size:

#!/bin/sh
#
# Work around the fact that login execs /bin/passwd when you don't
# have a password.
#
# to use move /usr/bin/passwd to /usr/bin/passwd_orig then install this
# script as /usr/bin/passwd
#
ARG=$1
export ARG SWITCHLINE
if [ -z "${ARG}" ]; then
        ARG=`/usr/bin/logname`
fi
if (/usr/bin/grep -c "${ARG}" /etc/passwd > /dev/null 2>&1) then
        exec /usr/bin/passwd_orig ${ARG}
else
        SWITCHLINE=`/usr/bin/grep '^passwd:' /etc/nsswitch.conf`
        if (echo $SWITCHLINE | /usr/bin/grep -c 'nisplus' > /dev/null 2>&1) then
                exec /usr/bin/nispasswd ${ARG}
        else
                exec /usr/bin/yppasswd ${ARG}
        fi
fi
# not reached
exit 1

--
James B. Davis, Sr. UNIX Systems Administrator
TeleCommunications, Inc., Advanced Information Technologies Department