June 2000
Intermediate to advanced
512 pages
15h 18m
English
Content preview from Linux Network Administrator's Guide, Second EditionBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Using NIS with Shadow Support
Using NIS in conjunction with shadow password files is somewhat problematic.
First we have some bad news: using NIS defeats the goals of shadow passwords.
The shadow password scheme was designed to prevent
nonroot users from having access to the encrypted form of the login
passwords. Using NIS to share shadow data by necessity
makes the encrypted passwords available to any user who can listen to the NIS
server replies on the network. A policy to enforce users to choose
“good” passwords is arguably better than trying to shadow
passwords in an NIS environment. Let’s take a quick look at how you do it,
should you decide to forge on ahead.
In libc5 there is no real solution to sharing shadow data
using NIS. The only way to distribute password and user information by NIS is
through the standard passwd.* maps. If you do have
shadow passwords installed, the easiest way to share them is to generate a
proper passwd file from /etc/shadow
using tools like pwuncov, and create the NIS maps from
that file.
Of course, there are some hacks necessary to use NIS and shadow passwords at
the same time, for instance, by installing an /etc/shadow
file on each host in the network, while distributing user information, through
NIS. However, this hack is really crude and defies the goal of NIS,
which is to ease system administration.
The NIS support in the GNU libc library (libc6) provides support for shadow password databases. It does not provide any real solution to making ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.