[CentOS] Re: Fix passwd/shadow/group files?
Bryan J. Smith <b.j.smith@ieee.org>
thebs413 at earthlink.net
Fri Jul 15 09:25:33 UTC 2005
Ignacio Vazquez-Abrams wrote:
> Stuff pam_netgroups into system-auth then make a group per machine.
> http://www2.physics.umd.edu/~payerle/Software/PAM/
Doh!!! I should have realized that.
Yes, using NIS Netgroups and PAM authentication around them is much,
much better on Linux (and even Solaris) than using multiple NIS domains.
And even if he still replicates his files manually (he should at least
consider automating their distribution via SSH), he can still setup just 1
file and use the same netgroups-PAM solution.
Good catch.
From: Paul Heinlein <heinlein at madboa.com>
> If you set up netgroups, you can specify login rights easily:
> * /etc/passwd
> [...]
> + at login-group
> +:::::/dev/null:/sbin/nologin
> * /etc/nsswitch.conf
> passwd: compat
> shadow: compat
> group: files nis
> netgroup: files nis
Now that only works for NIS distributed passwd, netgroups, correct?
Or will it work for local users as well?
--
Bryan J. Smith mailto:b.j.smith at ieee.org
More information about the CentOS
mailing list