HPE Community
Operating System - HP-UX
1838576 Members
4117 Online
110128 Solutions
New Discussion

Re: Making manual changes to NIS passwd file

 
Nick Webb
New Member

‎09-26-2002 01:34 PM

‎09-26-2002 01:34 PM

Making manual changes to NIS passwd file

Hi,

We have a few invalid accounts in our NIS passwd file (user name over 8 characters) and wish to remove them. We usually user the usermod.sam utility, but it won't work with a 9 character user. I was planning on doing something like this:

ed passwd < passwd.ed

Where passwd.ed contains:
,s/unxtest/unxtst/g
,s/Unix\ Test/Unix\ eTest/g
w
q

To make the accounts only have a 8 character user field, but do I need to lock the file in some way? I don't want other users to make changes to the file underneath me. I've looked for what file to lock, but I don't see anything, only /etc/.pwd.lock for non YP passwords).

Thanks.
0 Kudos
Reply
6 REPLIES 6
S.K. Chan
Honored Contributor

‎09-26-2002 03:00 PM

‎09-26-2002 03:00 PM

Re: Making manual changes to NIS passwd file

My suggestion is to use "vipw" hence utilizing the file /etc/ptmp to lock the password file. Do ..
# man vipw
for details but basically this is how you can make it work. First of all the passwd.ed file needs some changes, for example (substitute "unxtest" with "unxtst") ..

:g/unxtest/s//unxtst/g
:wq!

First just test if the substitution work..before that make a copy of the original passwd file.
# vipw < passwd.ed
If the substitution string works, try this next, copy the backed up passwd file back to it's original content.
# touch /etc/ptmp
==> Create the lock file.
# vipw < passwd.ed
You'll get an error preventing you from editing the passwd file.. something like .."file busy, try again". Remove /etc/ptmp to "unlock" the passwd file.
0 Kudos
Reply
Nick Webb
New Member

‎09-27-2002 12:46 PM

‎09-27-2002 12:46 PM

Re: Making manual changes to NIS passwd file

Thanks Chan, but that will only work for local accounts. I'm not talking about /etc/passwd here, but rather the NIS passwd file.
0 Kudos
Reply
V. Nyga
Honored Contributor

‎09-30-2002 05:08 AM

‎09-30-2002 05:08 AM

Re: Making manual changes to NIS passwd file

Hi Nick,

you can change the NIS passwd file only at the NIS server self.

Volkmar
*** Say 'Thanks' with Kudos ***
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎09-30-2002 06:07 AM

‎09-30-2002 06:07 AM

Re: Making manual changes to NIS passwd file

Normally, /etc/passwd on your NIS master server is the NIS passwd file (to use your terminology). You would need to examine /var/yp/Makefile on the master server to see if the source file for the passwd map is not /etc/passwd.

If you create a file /etc/passwd.tmp, it will prevent others from using vipw to change the passwd file but does not prevent anyone from changing the passwd file with any other tool than vipw. Users can still modify the file using vi, sed, awk, perl, ... .

After making your changes to the passwd source file, you will need to update the passwd map and push the changes. You do this by cd'ing to /var/yp and then issueing a simple 'make' command without arguments.

Important: When you are editing the passwd file, make sure that you are logged in as root in at least two sessions and that you have a copy of the passwd file. You can then get yourself out of trouble as fast as you got yourself in.
If it ain't broke, I can fix that.
0 Kudos
Reply
Shannon Petry
Honored Contributor

‎09-30-2002 09:27 AM

‎09-30-2002 09:27 AM

Re: Making manual changes to NIS passwd file

Just to add to the Makefile issues, the passwd file can also be defined in /var/yp/ypmake. (I use the ypmake script, and not the Makefile).

The NIS map is a database copy of the /etc/passwd or NIS defined passwd file.

If you wanted to edit the database itself, you would have to write your own code to do so.

Regards,
Shannon
Microsoft. When do you want a virus today?
0 Kudos
Reply
Khalid A. Al-Tayaran
Valued Contributor

‎09-30-2002 09:43 PM

‎09-30-2002 09:43 PM

Re: Making manual changes to NIS passwd file

HI,

You can use yppasswd
The yppasswd command is a link to the passwd -r nis command.

See man yppasswd fo details...

Remember that yppasswd prompts for the old NIS password (even if it does not exist).

Regards,,,,,
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.