SUMMARY (AGAIN!!) and AGAIN : Restrict login access

From: Giwrgos Menegakis (menes@cc.uch.gr)
Date: Sat Nov 09 1996 - 12:56:48 CST


Hello ,
This is my 3rd Summary but I had a typo in the 2nd Summary.
I am sorry for the incovinience , please accept my apologies...

The original question was :
I want to run NIS (not NIS+) server on one machine
and I want to restrict login access to this machine.
All replied to me that the solution is to create a
netgroup whose members would have login access to this
machine
eg:
#vi /var/yp/src/netgroup
  
add this line to netgroup file
 
netgroup_name_who_have_access (,member_1,) (,member_2,) ... (,member_n,)
 
#cd /var/yp/
#make netgroup
  
add at the end of /etc/shadow and /etc/group the line

+:

add these lines at the /etc/passwd ( I missed it in my previous Summary )
+@netgroup_name_who_have_access::0:0:::
+::0:0:::/etc/no_login

change to

passwd : compat
group : compat

at /etc/nsswitch.conf

and of cource create /etc/no_login
The point is that I had done this stuff but nobody
could login in this machine.
 
Finally I did what I had to do from the beggining !!!
I changed the line
#EMULYP="-Y" to
EMULYP="-Y"
at the file /etc/init.d/rpc and finally I got restricted login access
to this machine.
 
Thanks to those who replied
 
Jochen Bern
Irana Whitaker-Patel
Viet Hoang
Benjaming Cline
Peter Bestel

PS . Of cource there is a second way to Restrict login access
The only thing you have to do is edit /etc/nsswitch.conf
and change the lines

passwd : nis files
group : nis files

to

passwd : files
group : files

and add the people who should have access to this machine
localy , at /etc/passwd and /etc/group

but this I wanted to avoid...

+--------------------------------------------------+
| George `crocodile' Menegakis |
+--------------------------------------------------+



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:15 CDT