Guest account setup using NIS - Unix

This is a discussion on Guest account setup using NIS - Unix ; I've got two servers running Solaris 8 and configure with NIS. The problem is that logging in with my user id puts me in a guest directory with my unix id as the name of the home directory. nodenam-1> pwd ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Guest account setup using NIS

  1. Guest account setup using NIS

    I've got two servers running Solaris 8 and configure with NIS.
    The problem is that logging in with my user id puts me in a
    guest directory with my unix id as the name of the home directory.
    nodenam-1> pwd
    /export/home/tmp/myuser id

    The other server says:
    No directory! Logging in with home=/
    Last login: Tue Mar 15 14:47:03 from arc2t0am
    Sun Microsystems Inc. SunOS 5.8 Generic Patch December 2002
    $ pwd
    /

    Both /etc/passwd files are the same on both servers:

    $ more /etc/passwd
    root:x:0:1:Super-User:/:/sbin/sh
    daemon:x:1:1::/:
    bin:x:2:2::/usr/bin:
    sys:x:3:3::/:
    adm:x:4:4:Admin:/var/adm:
    lp:x:71:8:Line Printer Admin:/usr/spool/lp:
    uucp:x:5:5:uucp Admin:/usr/lib/uucp:
    nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
    listen:x:37:4:Network Admin:/usr/net/nls:
    nobody:x:60001:60001:Nobody:/:
    noaccess:x:60002:60002:No Access User:/:
    nobody4:x:65534:65534:SunOS 4.x Nobody:/:
    user65:x:1001:10::/export/home/user65:/bin/csh
    +::60001:10::/export/home:/bin/csh

    Both /etc/shadow files are the same also:
    # more /etc/shadow
    rootpEKIBXhCZR96:6445::::::
    daemon:NP:6445::::::
    bin:NP:6445::::::
    sys:NP:6445::::::
    adm:NP:6445::::::
    lp:NP:6445::::::
    uucp:NP:6445::::::
    nuucp:NP:6445::::::
    listen:*LK*:::::::
    nobody:NP:6445::::::
    noaccess:NP:6445::::::
    nobody4:NP:6445::::::
    cpds65:4qX7KcRE.Yhls:12478::::::
    +::::::::

    How can I change the guest login to have a home directory of
    /export/home/tmp/$USERID? I'm sure it's a local file somewhere
    but I don't know which one.

    Thanks in advance to all who help!!!

  2. Re: Guest account setup using NIS

    In article ,
    kurt wrote:

    > I've got two servers running Solaris 8 and configure with NIS.
    > The problem is that logging in with my user id puts me in a
    > guest directory with my unix id as the name of the home directory.
    > nodenam-1> pwd
    > /export/home/tmp/myuser id
    >
    > The other server says:
    > No directory! Logging in with home=/
    > Last login: Tue Mar 15 14:47:03 from arc2t0am
    > Sun Microsystems Inc. SunOS 5.8 Generic Patch December 2002
    > $ pwd
    > /
    >
    > Both /etc/passwd files are the same on both servers:
    >
    > $ more /etc/passwd
    > root:x:0:1:Super-User:/:/sbin/sh
    > daemon:x:1:1::/:
    > bin:x:2:2::/usr/bin:
    > sys:x:3:3::/:
    > adm:x:4:4:Admin:/var/adm:
    > lp:x:71:8:Line Printer Admin:/usr/spool/lp:
    > uucp:x:5:5:uucp Admin:/usr/lib/uucp:
    > nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
    > listen:x:37:4:Network Admin:/usr/net/nls:
    > nobody:x:60001:60001:Nobody:/:
    > noaccess:x:60002:60002:No Access User:/:
    > nobody4:x:65534:65534:SunOS 4.x Nobody:/:
    > user65:x:1001:10::/export/home/user65:/bin/csh
    > +::60001:10::/export/home:/bin/csh
    >
    > Both /etc/shadow files are the same also:
    > # more /etc/shadow
    > rootpEKIBXhCZR96:6445::::::
    > daemon:NP:6445::::::
    > bin:NP:6445::::::
    > sys:NP:6445::::::
    > adm:NP:6445::::::
    > lp:NP:6445::::::
    > uucp:NP:6445::::::
    > nuucp:NP:6445::::::
    > listen:*LK*:::::::
    > nobody:NP:6445::::::
    > noaccess:NP:6445::::::
    > nobody4:NP:6445::::::
    > cpds65:4qX7KcRE.Yhls:12478::::::
    > +::::::::
    >
    > How can I change the guest login to have a home directory of
    > /export/home/tmp/$USERID? I'm sure it's a local file somewhere
    > but I don't know which one.
    >
    > Thanks in advance to all who help!!!


    Well I see a problem with your passwd and shadow files. Line 13 in both
    files should start with a username, which doesn't match.

    Also, if you login to hostA you'll get a different /export/home/user65
    than on hostB. Usually what's done is there's a single user directory
    that's on an exported filesystem like hostA:/export/home (see
    /etc/dfs/dfstab on hostA). The automounter is setup so that when you
    login to user65, it mounts /home/user65 automagically from whatever
    server you're on--hostA or hostB.

    See the man page for the automounter and fix your files. Populate the
    auto_home map with the correct entry for user65, push out the map,
    create the directory with the correct permissions on the serving host
    and you should be all set.

    All this is pretty basic stuff and covered in the beginning sysadmin
    books.

    --
    DeeDee, don't press that button! DeeDee! NO! Dee...




  3. Re: Guest account setup using NIS



    Michael Vilain wrote:

    > In article ,
    > kurt wrote:
    >
    >
    >>I've got two servers running Solaris 8 and configure with NIS.
    >>The problem is that logging in with my user id puts me in a
    >>guest directory with my unix id as the name of the home directory.
    >>nodenam-1> pwd
    >>/export/home/tmp/myuser id
    >>
    >>The other server says:
    >> No directory! Logging in with home=/
    >>Last login: Tue Mar 15 14:47:03 from arc2t0am
    >>Sun Microsystems Inc. SunOS 5.8 Generic Patch December 2002
    >>$ pwd
    >>/
    >>
    >>Both /etc/passwd files are the same on both servers:
    >>
    >>$ more /etc/passwd
    >>root:x:0:1:Super-User:/:/sbin/sh
    >>daemon:x:1:1::/:
    >>bin:x:2:2::/usr/bin:
    >>sys:x:3:3::/:
    >>adm:x:4:4:Admin:/var/adm:
    >>lp:x:71:8:Line Printer Admin:/usr/spool/lp:
    >>uucp:x:5:5:uucp Admin:/usr/lib/uucp:
    >>nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
    >>listen:x:37:4:Network Admin:/usr/net/nls:
    >>nobody:x:60001:60001:Nobody:/:
    >>noaccess:x:60002:60002:No Access User:/:
    >>nobody4:x:65534:65534:SunOS 4.x Nobody:/:
    >>user65:x:1001:10::/export/home/user65:/bin/csh
    >>+::60001:10::/export/home:/bin/csh
    >>
    >>Both /etc/shadow files are the same also:
    >># more /etc/shadow
    >>rootpEKIBXhCZR96:6445::::::
    >>daemon:NP:6445::::::
    >>bin:NP:6445::::::
    >>sys:NP:6445::::::
    >>adm:NP:6445::::::
    >>lp:NP:6445::::::
    >>uucp:NP:6445::::::
    >>nuucp:NP:6445::::::
    >>listen:*LK*:::::::
    >>nobody:NP:6445::::::
    >>noaccess:NP:6445::::::
    >>nobody4:NP:6445::::::
    >>cpds65:4qX7KcRE.Yhls:12478::::::
    >>+::::::::
    >>
    >>How can I change the guest login to have a home directory of
    >>/export/home/tmp/$USERID? I'm sure it's a local file somewhere
    >>but I don't know which one.
    >>
    >>Thanks in advance to all who help!!!

    >
    >
    > Well I see a problem with your passwd and shadow files. Line 13 in both
    > files should start with a username, which doesn't match.
    >
    > Also, if you login to hostA you'll get a different /export/home/user65
    > than on hostB. Usually what's done is there's a single user directory
    > that's on an exported filesystem like hostA:/export/home (see
    > /etc/dfs/dfstab on hostA). The automounter is setup so that when you
    > login to user65, it mounts /home/user65 automagically from whatever
    > server you're on--hostA or hostB.
    >
    > See the man page for the automounter and fix your files. Populate the
    > auto_home map with the correct entry for user65, push out the map,
    > create the directory with the correct permissions on the serving host
    > and you should be all set.
    >
    > All this is pretty basic stuff and covered in the beginning sysadmin
    > books.
    >


    Sorry I copied it wrong. The entry in the /etc/shadow file for both
    nodes is user65. I don't know how it's able to create a home directory
    for a user that's not in the /etc/password file each time that person
    logs in.


  4. Re: Guest account setup using NIS

    In article , Michael
    Vilain wrote:
    > In article ,
    > kurt wrote:
    >
    >> I've got two servers running Solaris 8 and configure with NIS.
    >> The problem is that logging in with my user id puts me in a
    >> guest directory with my unix id as the name of the home directory.
    >> nodenam-1> pwd
    >> /export/home/tmp/myuser id
    >>
    >> The other server says:
    >> No directory! Logging in with home=/
    >> Last login: Tue Mar 15 14:47:03 from arc2t0am
    >> Sun Microsystems Inc. SunOS 5.8 Generic Patch December 2002
    >> $ pwd
    >> /
    >>
    >> Both /etc/passwd files are the same on both servers:
    >>
    >> $ more /etc/passwd
    >> root:x:0:1:Super-User:/:/sbin/sh
    >> daemon:x:1:1::/:
    >> bin:x:2:2::/usr/bin:
    >> sys:x:3:3::/:
    >> adm:x:4:4:Admin:/var/adm:
    >> lp:x:71:8:Line Printer Admin:/usr/spool/lp:
    >> uucp:x:5:5:uucp Admin:/usr/lib/uucp:
    >> nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
    >> listen:x:37:4:Network Admin:/usr/net/nls:
    >> nobody:x:60001:60001:Nobody:/:
    >> noaccess:x:60002:60002:No Access User:/:
    >> nobody4:x:65534:65534:SunOS 4.x Nobody:/:
    >> user65:x:1001:10::/export/home/user65:/bin/csh
    >> +::60001:10::/export/home:/bin/csh
    >>
    >> Both /etc/shadow files are the same also:
    >> # more /etc/shadow
    >> rootpEKIBXhCZR96:6445::::::
    >> daemon:NP:6445::::::
    >> bin:NP:6445::::::
    >> sys:NP:6445::::::
    >> adm:NP:6445::::::
    >> lp:NP:6445::::::
    >> uucp:NP:6445::::::
    >> nuucp:NP:6445::::::
    >> listen:*LK*:::::::
    >> nobody:NP:6445::::::
    >> noaccess:NP:6445::::::
    >> nobody4:NP:6445::::::
    >> cpds65:4qX7KcRE.Yhls:12478::::::
    >> +::::::::
    >>
    >> How can I change the guest login to have a home directory of
    >> /export/home/tmp/$USERID? I'm sure it's a local file somewhere
    >> but I don't know which one.
    >>
    >> Thanks in advance to all who help!!!

    >
    > Well I see a problem with your passwd and shadow files. Line 13 in both
    > files should start with a username, which doesn't match.


    Assuming you are talking about this line?

    >> +::60001:10::/export/home:/bin/csh


    That does NOT need to start with a user name - what it says its to look up
    names from NIS until a match is found, and then over-ride the users home dir
    and shell. You can't over-ride UID/GID - those are there as a security measure
    in case NIS is down. In fact, the GID should be the GID for 'nogroup'...
    perfectly valid NIS syntax.

    [snip]

    To the OP - why are you over-riding everyone's home dir and shell? Change that
    line to:

    +::60001:10:::

    and you'll probably get what you want. However, if you are allowing *all* NIS
    entries (as you are), its probably better to change your /etc/nsswitch from:

    passwd: compat
    shadow: compat
    group: compat

    to:

    passwd: files nis
    shadow: files nis
    group: files nis

    And then you don't need the '+' entries...

    Kevin

  5. Re: Guest account setup using NIS

    In article ,
    Kevin Collins wrote:

    > In article , Michael
    > Vilain wrote:
    > > In article ,
    > > kurt wrote:
    > >
    > >> I've got two servers running Solaris 8 and configure with NIS.
    > >> The problem is that logging in with my user id puts me in a
    > >> guest directory with my unix id as the name of the home directory.
    > >> nodenam-1> pwd
    > >> /export/home/tmp/myuser id
    > >>
    > >> The other server says:
    > >> No directory! Logging in with home=/
    > >> Last login: Tue Mar 15 14:47:03 from arc2t0am
    > >> Sun Microsystems Inc. SunOS 5.8 Generic Patch December 2002
    > >> $ pwd
    > >> /
    > >>
    > >> Both /etc/passwd files are the same on both servers:
    > >>
    > >> $ more /etc/passwd
    > >> root:x:0:1:Super-User:/:/sbin/sh
    > >> daemon:x:1:1::/:
    > >> bin:x:2:2::/usr/bin:
    > >> sys:x:3:3::/:
    > >> adm:x:4:4:Admin:/var/adm:
    > >> lp:x:71:8:Line Printer Admin:/usr/spool/lp:
    > >> uucp:x:5:5:uucp Admin:/usr/lib/uucp:
    > >> nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
    > >> listen:x:37:4:Network Admin:/usr/net/nls:
    > >> nobody:x:60001:60001:Nobody:/:
    > >> noaccess:x:60002:60002:No Access User:/:
    > >> nobody4:x:65534:65534:SunOS 4.x Nobody:/:
    > >> user65:x:1001:10::/export/home/user65:/bin/csh
    > >> +::60001:10::/export/home:/bin/csh
    > >>
    > >> Both /etc/shadow files are the same also:
    > >> # more /etc/shadow
    > >> rootpEKIBXhCZR96:6445::::::
    > >> daemon:NP:6445::::::
    > >> bin:NP:6445::::::
    > >> sys:NP:6445::::::
    > >> adm:NP:6445::::::
    > >> lp:NP:6445::::::
    > >> uucp:NP:6445::::::
    > >> nuucp:NP:6445::::::
    > >> listen:*LK*:::::::
    > >> nobody:NP:6445::::::
    > >> noaccess:NP:6445::::::
    > >> nobody4:NP:6445::::::
    > >> cpds65:4qX7KcRE.Yhls:12478::::::
    > >> +::::::::
    > >>
    > >> How can I change the guest login to have a home directory of
    > >> /export/home/tmp/$USERID? I'm sure it's a local file somewhere
    > >> but I don't know which one.
    > >>
    > >> Thanks in advance to all who help!!!

    > >
    > > Well I see a problem with your passwd and shadow files. Line 13 in both
    > > files should start with a username, which doesn't match.

    >
    > Assuming you are talking about this line?
    >
    > >> +::60001:10::/export/home:/bin/csh

    >
    > That does NOT need to start with a user name - what it says its to look up
    > names from NIS until a match is found, and then over-ride the users home dir
    > and shell. You can't over-ride UID/GID - those are there as a security measure
    > in case NIS is down. In fact, the GID should be the GID for 'nogroup'...
    > perfectly valid NIS syntax.
    >
    > [snip]
    >
    > To the OP - why are you over-riding everyone's home dir and shell? Change that
    > line to:
    >
    > +::60001:10:::
    >
    > and you'll probably get what you want. However, if you are allowing *all* NIS
    > entries (as you are), its probably better to change your /etc/nsswitch from:
    >
    > passwd: compat
    > shadow: compat
    > group: compat
    >
    > to:
    >
    > passwd: files nis
    > shadow: files nis
    > group: files nis
    >
    > And then you don't need the '+' entries...
    >
    > Kevin


    Nope. By my count, that's line 14. I was pointing out that

    passwd had

    user65:x:1001:10::/export/home/user65:/bin/csh

    and shadow had

    cpds65:4qX7KcRE.Yhls:12478::::::

    The problem as he described it sounds like an automounter problem.
    Either the map isn't setup correctly or the OP didn't know about
    automount.

    --
    DeeDee, don't press that button! DeeDee! NO! Dee...




  6. Re: Guest account setup using NIS



    Kevin Collins wrote:
    > In article , Michael
    > Vilain wrote:
    >
    >>In article ,
    >> kurt wrote:
    >>
    >>
    >>>I've got two servers running Solaris 8 and configure with NIS.
    >>>The problem is that logging in with my user id puts me in a
    >>>guest directory with my unix id as the name of the home directory.
    >>>nodenam-1> pwd
    >>>/export/home/tmp/myuser id
    >>>
    >>>The other server says:
    >>> No directory! Logging in with home=/
    >>>Last login: Tue Mar 15 14:47:03 from arc2t0am
    >>>Sun Microsystems Inc. SunOS 5.8 Generic Patch December 2002
    >>>$ pwd
    >>>/
    >>>
    >>>Both /etc/passwd files are the same on both servers:
    >>>
    >>>$ more /etc/passwd
    >>>root:x:0:1:Super-User:/:/sbin/sh
    >>>daemon:x:1:1::/:
    >>>bin:x:2:2::/usr/bin:
    >>>sys:x:3:3::/:
    >>>adm:x:4:4:Admin:/var/adm:
    >>>lp:x:71:8:Line Printer Admin:/usr/spool/lp:
    >>>uucp:x:5:5:uucp Admin:/usr/lib/uucp:
    >>>nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
    >>>listen:x:37:4:Network Admin:/usr/net/nls:
    >>>nobody:x:60001:60001:Nobody:/:
    >>>noaccess:x:60002:60002:No Access User:/:
    >>>nobody4:x:65534:65534:SunOS 4.x Nobody:/:
    >>>user65:x:1001:10::/export/home/user65:/bin/csh
    >>>+::60001:10::/export/home:/bin/csh
    >>>
    >>>Both /etc/shadow files are the same also:
    >>># more /etc/shadow
    >>>rootpEKIBXhCZR96:6445::::::
    >>>daemon:NP:6445::::::
    >>>bin:NP:6445::::::
    >>>sys:NP:6445::::::
    >>>adm:NP:6445::::::
    >>>lp:NP:6445::::::
    >>>uucp:NP:6445::::::
    >>>nuucp:NP:6445::::::
    >>>listen:*LK*:::::::
    >>>nobody:NP:6445::::::
    >>>noaccess:NP:6445::::::
    >>>nobody4:NP:6445::::::
    >>>cpds65:4qX7KcRE.Yhls:12478::::::
    >>>+::::::::
    >>>
    >>>How can I change the guest login to have a home directory of
    >>>/export/home/tmp/$USERID? I'm sure it's a local file somewhere
    >>>but I don't know which one.
    >>>
    >>>Thanks in advance to all who help!!!

    >>
    >>Well I see a problem with your passwd and shadow files. Line 13 in both
    >>files should start with a username, which doesn't match.

    >
    >
    > Assuming you are talking about this line?
    >
    >
    >>>+::60001:10::/export/home:/bin/csh

    >
    >
    > That does NOT need to start with a user name - what it says its to look up
    > names from NIS until a match is found, and then over-ride the users home dir
    > and shell. You can't over-ride UID/GID - those are there as a security measure
    > in case NIS is down. In fact, the GID should be the GID for 'nogroup'...
    > perfectly valid NIS syntax.
    >
    > [snip]
    >
    > To the OP - why are you over-riding everyone's home dir and shell? Change that
    > line to:
    >
    > +::60001:10:::
    >
    > and you'll probably get what you want. However, if you are allowing *all* NIS
    > entries (as you are), its probably better to change your /etc/nsswitch from:
    >
    > passwd: compat
    > shadow: compat
    > group: compat
    >
    > to:
    >
    > passwd: files nis
    > shadow: files nis
    > group: files nis
    >
    > And then you don't need the '+' entries...
    >
    > Kevin


    Thanks Kevin!! You were right about the /etc/nsswitch.conf file. I
    found the rest of the problem was due to the /export/home not having a
    ..login file. Now for some reason, the 'mkdir' command wont run when
    I login with my id that's not in the /etc/passwd file. It gives a
    "permission denied" error as soon as I login. It stops running the
    ..login file as soon as it hits the 'mkdir' command. It's the exact same
    ..login on both servers but only one will run the 'mkdir' command.
    Here's the .login file:
    # Setup the search path for use within this shell script:
    #
    # *** Note: Do not attempt to change the following `path' variable. ***
    # *** This variable only has effect within this script and does ***
    # *** not carry over into the user environment. If you wish to ***
    # *** change your default `path', edit your .corprc file. A ***
    # *** default .corprc file is provided as ***
    # *** /opt/corp/local/lib/stdlogin/bnr.corprc, and a UNIX man ***
    # *** page called corprc(5) is available on-line by typing 'man ***
    # *** corprc' (without the quotes). ***
    #
    set path=( /bin /usr/bin /usr/ucb /opt/cdmatools/start/bin
    /opt/corp/tools/Tornado/host/sun4
    -solaris2/bin /usr/openwin/bin /etc /usr/sbin )


    # Set up the terminal line characteristics:
    /bin/tty >&/dev/null
    if ( $status == 0 ) then
    # *** Note: The following stty is common to all platforms. ***
    #stty erase "^H" kill "^U" intr "^C" eof "^D" susp "^Z" dsusp "^Y"
    # *** Note: While the following stty is necessary on the Sun ***
    # *** and HP systems, it does nothing but produce an ***
    # *** error on the Apollos. Thus stderr is redirected. ***
    #
    stty hupcl ixon ixoff >&/dev/null
    endif

    # Set up the environment variables:
    # *** Note: Don't add any other environment definitions to this file.
    # *** Place them in your .corprc file instead. See the corprc(5)
    # *** man page for more information.
    #
    setenv EDITOR vi # Default editor


    # Set up the standard shell charateristics:
    #
    umask 027 # Keep files / directories secure.


    # Make a temporary guest directory if one does not exist
    set GUESTDIR=`pwd`
    if ( ! -d $GUESTDIR/tmp/$LOGNAME ) then
    mkdir $GUESTDIR/tmp/$LOGNAME
    endif

    # Set home directory up properly
    set home=$GUESTDIR/tmp/$LOGNAME
    cd

    # Copy in default startup files
    if ( ! -f $HOME/.cshrc ) then
    cp $GUESTDIR/.cshrc $HOME/.cshrc
    cp $GUESTDIR/.logout $HOME/.logout
    endif
    if ( ! -f $HOME/.bnrrc ) then
    cp $GUESTDIR/.bnrrc $HOME/.bnrrc
    ln -s .bnrrc .corprc
    endif

    # Print warning message to all guest account users
    echo ''
    echo '######################################'
    echo YOU ARE LOGGED IN THE GUEST ACCOUNT.
    echo PLEASE READ $GUESTDIR/README
    echo FOR DETAILS ON GUEST ACCOUNT POLICIES.
    echo '######################################'
    echo ''

    # Source .cshrc in new home directory. This accounts for:
    # 1) any user customisations,
    # 2) the fact than on Suns .cshrc must be owned by the user.
    #
    source .cshrc

    Thanks, Kurt

  7. Re: Guest account setup using NIS



    Kevin Collins wrote:
    > In article , Michael
    > Vilain wrote:
    >
    >>In article ,
    >> kurt wrote:
    >>
    >>
    >>>I've got two servers running Solaris 8 and configure with NIS.
    >>>The problem is that logging in with my user id puts me in a
    >>>guest directory with my unix id as the name of the home directory.
    >>>nodenam-1> pwd
    >>>/export/home/tmp/myuser id
    >>>
    >>>The other server says:
    >>> No directory! Logging in with home=/
    >>>Last login: Tue Mar 15 14:47:03 from arc2t0am
    >>>Sun Microsystems Inc. SunOS 5.8 Generic Patch December 2002
    >>>$ pwd
    >>>/
    >>>
    >>>Both /etc/passwd files are the same on both servers:
    >>>
    >>>$ more /etc/passwd
    >>>root:x:0:1:Super-User:/:/sbin/sh
    >>>daemon:x:1:1::/:
    >>>bin:x:2:2::/usr/bin:
    >>>sys:x:3:3::/:
    >>>adm:x:4:4:Admin:/var/adm:
    >>>lp:x:71:8:Line Printer Admin:/usr/spool/lp:
    >>>uucp:x:5:5:uucp Admin:/usr/lib/uucp:
    >>>nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
    >>>listen:x:37:4:Network Admin:/usr/net/nls:
    >>>nobody:x:60001:60001:Nobody:/:
    >>>noaccess:x:60002:60002:No Access User:/:
    >>>nobody4:x:65534:65534:SunOS 4.x Nobody:/:
    >>>user65:x:1001:10::/export/home/user65:/bin/csh
    >>>+::60001:10::/export/home:/bin/csh
    >>>
    >>>Both /etc/shadow files are the same also:
    >>># more /etc/shadow
    >>>rootpEKIBXhCZR96:6445::::::
    >>>daemon:NP:6445::::::
    >>>bin:NP:6445::::::
    >>>sys:NP:6445::::::
    >>>adm:NP:6445::::::
    >>>lp:NP:6445::::::
    >>>uucp:NP:6445::::::
    >>>nuucp:NP:6445::::::
    >>>listen:*LK*:::::::
    >>>nobody:NP:6445::::::
    >>>noaccess:NP:6445::::::
    >>>nobody4:NP:6445::::::
    >>>cpds65:4qX7KcRE.Yhls:12478::::::
    >>>+::::::::
    >>>
    >>>How can I change the guest login to have a home directory of
    >>>/export/home/tmp/$USERID? I'm sure it's a local file somewhere
    >>>but I don't know which one.
    >>>
    >>>Thanks in advance to all who help!!!

    >>
    >>Well I see a problem with your passwd and shadow files. Line 13 in both
    >>files should start with a username, which doesn't match.

    >
    >
    > Assuming you are talking about this line?
    >
    >
    >>>+::60001:10::/export/home:/bin/csh

    >
    >
    > That does NOT need to start with a user name - what it says its to look up
    > names from NIS until a match is found, and then over-ride the users home dir
    > and shell. You can't over-ride UID/GID - those are there as a security measure
    > in case NIS is down. In fact, the GID should be the GID for 'nogroup'...
    > perfectly valid NIS syntax.
    >
    > [snip]
    >
    > To the OP - why are you over-riding everyone's home dir and shell? Change that
    > line to:
    >
    > +::60001:10:::
    >
    > and you'll probably get what you want. However, if you are allowing *all* NIS
    > entries (as you are), its probably better to change your /etc/nsswitch from:
    >
    > passwd: compat
    > shadow: compat
    > group: compat
    >
    > to:
    >
    > passwd: files nis
    > shadow: files nis
    > group: files nis
    >
    > And then you don't need the '+' entries...
    >
    > Kevin


    Thanks Kevin!! You were right about the /etc/nsswitch.conf file. I
    found the rest of the problem was due to the /export/home not having a
    ..login file. Now for some reason, the 'mkdir' command wont run when
    I login with my id that's not in the /etc/passwd file. It gives a
    "permission denied" error as soon as I login. It stops running the
    ..login file as soon as it hits the 'mkdir' command. It's the exact same
    ..login on both servers but only one will run the 'mkdir' command.
    Here's the .login file:
    # Setup the search path for use within this shell script:
    #
    # *** Note: Do not attempt to change the following `path' variable. ***
    # *** This variable only has effect within this script and does ***
    # *** not carry over into the user environment. If you wish to ***
    # *** change your default `path', edit your .corprc file. A ***
    # *** default .corprc file is provided as ***
    # *** /opt/corp/local/lib/stdlogin/bnr.corprc, and a UNIX man ***
    # *** page called corprc(5) is available on-line by typing 'man ***
    # *** corprc' (without the quotes). ***
    #
    set path=( /bin /usr/bin /usr/ucb /opt/cdmatools/start/bin
    /opt/corp/tools/Tornado/host/sun4
    -solaris2/bin /usr/openwin/bin /etc /usr/sbin )


    # Set up the terminal line characteristics:
    /bin/tty >&/dev/null
    if ( $status == 0 ) then
    # *** Note: The following stty is common to all platforms. ***
    #stty erase "^H" kill "^U" intr "^C" eof "^D" susp "^Z" dsusp "^Y"
    # *** Note: While the following stty is necessary on the Sun ***
    # *** and HP systems, it does nothing but produce an ***
    # *** error on the Apollos. Thus stderr is redirected. ***
    #
    stty hupcl ixon ixoff >&/dev/null
    endif

    # Set up the environment variables:
    # *** Note: Don't add any other environment definitions to this file.
    # *** Place them in your .corprc file instead. See the corprc(5)
    # *** man page for more information.
    #
    setenv EDITOR vi # Default editor


    # Set up the standard shell charateristics:
    #
    umask 027 # Keep files / directories secure.


    # Make a temporary guest directory if one does not exist
    set GUESTDIR=`pwd`
    if ( ! -d $GUESTDIR/tmp/$LOGNAME ) then
    mkdir $GUESTDIR/tmp/$LOGNAME
    endif

    # Set home directory up properly
    set home=$GUESTDIR/tmp/$LOGNAME
    cd

    # Copy in default startup files
    if ( ! -f $HOME/.cshrc ) then
    cp $GUESTDIR/.cshrc $HOME/.cshrc
    cp $GUESTDIR/.logout $HOME/.logout
    endif
    if ( ! -f $HOME/.bnrrc ) then
    cp $GUESTDIR/.bnrrc $HOME/.bnrrc
    ln -s .bnrrc .corprc
    endif

    # Print warning message to all guest account users
    echo ''
    echo '######################################'
    echo YOU ARE LOGGED IN THE GUEST ACCOUNT.
    echo PLEASE READ $GUESTDIR/README
    echo FOR DETAILS ON GUEST ACCOUNT POLICIES.
    echo '######################################'
    echo ''

    # Source .cshrc in new home directory. This accounts for:
    # 1) any user customisations,
    # 2) the fact than on Suns .cshrc must be owned by the user.
    #
    source .cshrc

    Thanks, Kurt

+ Reply to Thread