SUMMARY: force default group

From: Pablo Ruiz (ruiz@eng.usf.edu)
Date: Wed Nov 03 1999 - 09:39:16 CST


On Wed, 27 Oct 1999, Pablo Ruiz wrote:

> Does anybody know how to force a user to a different default group? For
> example: user john default group from the passwd file (actually from yp)
> is student. If I want to force his default group to guest only when he
> logs in to machine xyz. How will I do it?
> I am running Solaris 2.6 with NIS.
> I have the compat option in my /etc/nsswitch.conf
> I tried adding the following in the /etc/passwd file:
> +john:::555:::
> where 555 is the gid for guest. It did not work. Any ideas?

I received a few good suggestions, but none of them really solve the
problem. I decided to write a script to make it work the way I wanted it.

Thanks go to:
seela@cs.yorku.ca
Heiko Maiwald <hmaiwald@hns.com>
Matt Reynolds <Matt.Reynolds@aztek-eng.com>
Samir Sethi <ssethi@mailhost.cicg-dev.etsd.ml.com>
Jochen Bern <bern@penthesilea.uni-trier.de>
Stuart Whitby <stuwhitby@yahoo.com>

Important Note:
One of the suggestions was to add an entry in my users' .cshrc that looks
like:

if (`uname -n` == "xyz" ) then
   newgrp guest
endif

Do not do it!!! This will fork an infinite number of subshells and will
bring the machine down.
-------------
A couple of the replies were to add "files nis" to the group entry in
/etc/nsswitch.conf
Well, that is what I had.
-------------

My script:

#!/bin/csh

# Make sure to disable password changing from this machine
# chmod 400 /usr/bin/passwd

set path = ( /usr/bin /usr/sbin )

# Files involved in script
# protopw is password prototype file
# protosw is shadow prototype file
set passwdfile = "/etc/passwd"
set shadowfile = "/etc/shadow"
set passwdbak = "/etc/passwd.bak"
set shadowbak = "/etc/shadow.bak"
set tmpdir = "/etc/site/.mkpw"
set protopw = "$tmpdir/protopw"
set protosw = "$tmpdir/protosw"
set passwdwork = "$tmpdir/passwd.work"
set shadowwork = "$tmpdir/shadow.work"

# gid=909 (guest)
set gname = "guest"
set gid = "909"

cp $passwdfile $passwdbak
cp $shadowfile $shadowbak
cp $protopw $passwdwork
cp $protosw $shadowwork

# Loop over the members of $gname as listed in the NIS group map
foreach i ( `ypcat group | grep -w $gname | cut -f 4 -d ":" | tr -s "," " "` )
   # Look up the member's NIS passwd entry and split it into its fields
   set fall = `ypcat passwd | grep -w $i`
   set f1 = `echo $fall | cut -f 1 -d ":"`
   set f2 = `echo $fall | cut -f 2 -d ":"`
   set f3 = `echo $fall | cut -f 3 -d ":"`
   set f4 = `echo $fall | cut -f 4 -d ":"`
   set f5 = `echo $fall | cut -f 5 -d ":"`
   set f6 = `echo $fall | cut -f 6 -d ":"`
   set f7 = `echo $fall | cut -f 7 -d ":"`

   # Check if account is active. Shell has to be /bin/tcsh or /bin/csh
   if ( "$f7" == "/bin/tcsh" || "$f7" == "/bin/csh" ) then
      echo $f1":x:"$f3":"$gid":"$f5":"$f6":"$f7 >> $passwdwork
      echo $f1":"$f2":6445::::::" >> $shadowwork
   endif
end

# Append the following to the end of passwdwork and shadowwork files
echo "+@ecdept::::::/bin/tcsh" >> $passwdwork
echo "+::::::/dev/null" >> $passwdwork
echo "+::::::::" >> $shadowwork

# This part is very tricky. Let's make sure it works...
cp $passwdwork $passwdfile
cp $shadowwork $shadowfile
rm -f $passwdwork
rm -f $shadowwork

===========================================================================
Pablo Ruiz E-mail: ruiz@eng.usf.edu
System and Network Administrator WWW: http://www.csee.usf.edu/~ruiz
University of South Florida Phone: (813) 974-4106
Engineering Computing Fax: (813) 974-4464
===========================================================================
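
The script above ends by copying the generated files straight over /etc/passwd and /etc/shadow, so a truncated or malformed work file can lock everyone out. The following POSIX sh functions are an added example, not part of the original post: they validate the compat-mode files and install them with a rename only if both pass. The function names, the 444/400 file modes and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example; function names, file modes and sample data are assumptions.

# check_passwd FILE: 7 fields per line, unique names, a local root (uid 0)
# entry, and the catch-all "+" entry on the last line.
check_passwd() {
    awk -F: '
        NF != 7    { printf "passwd line %d: %d fields\n", NR, NF; bad = 1 }
        seen[$1]++ { printf "passwd line %d: duplicate %s\n", NR, $1; bad = 1 }
        $1 == "root" && $3 == 0 { root = 1 }
        { last = $1 }
        END { if (!root)       { print "no local root entry"; bad = 1 }
              if (last != "+") { print "catch-all + is not last"; bad = 1 }
              exit bad + 0 }' "$1"
}

# check_shadow SHADOW PASSWD: 9 fields per line, and every local (non +/-)
# name in PASSWD has a shadow entry.
check_shadow() {
    awk -F: '
        FNR == NR { if ($1 !~ /^[+-]/) need[$1] = 1; next }
        NF != 9   { printf "shadow line %d: %d fields\n", FNR, NF; bad = 1 }
        { delete need[$1] }
        END { for (n in need) { printf "no shadow entry for %s\n", n; bad = 1 }
              exit bad + 0 }' "$2" "$1"
}

# install_atomic SRC DST MODE: stage next to DST, then rename over it, so a
# lookup never reads a half-written file.
install_atomic() {
    cp "$1" "$2.new" && chmod "$3" "$2.new" && mv "$2.new" "$2"
}

# install_pair PWWORK SHWORK PWDST SHDST: install only if both files pass.
install_pair() {
    check_passwd "$1" && check_shadow "$2" "$1" || return 1
    install_atomic "$2" "$4" 400 && install_atomic "$1" "$3" 444
}

# make_sample DIR: constructed files in the layout the script above generates.
make_sample() {
    printf '%s\n' 'root:x:0:1:Super-User:/:/sbin/sh' \
        'john:x:1001:909:John:/home/john:/bin/tcsh' \
        '+@ecdept::::::/bin/tcsh' '+::::::/dev/null' > "$1/passwd.work"
    printf '%s\n' 'root:CONSTRUCTED:6445::::::' \
        'john:CONSTRUCTED:6445::::::' '+::::::::' > "$1/shadow.work"
}
```

The shadow file is installed before the passwd file so that a local passwd entry never appears without its matching shadow line.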



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:31 CDT