1833770 Members
2357 Online
110063 Solutions
New Discussion

Re: Nis-problem

 
SOLVED
Go to solution
Kassler
Advisor

Nis-problem

Hello!

I have a problem concerning nis.
I have a nis-master server (L3000, HP-UX 11.00)
and 9 clients.

If i want to change a group-id on the client
eg. newgrp example
i get following message:

Unknown group

With the command

ypcat -d mikron group

he shows me all groups from the nis server.

The other maps (hosts, passwd, ..)
have no problems.

Thanks for your help.
..... searching for the best way(s) ...
3 REPLIES 3
Alex Glennie
Honored Contributor
Solution

Re: Nis-problem

This looks similar ....

Changing groups w/newgrp, NIS clients fail with "Unknown group"


From 11.0 client as certain users (I'll use joe for example),
I issue the "id" command and see the following :

$ id
uid=201(joe) gid=20() groups=121(),14(),10(),678(),3001(),100(),109(),300()

I can only newgrp to the first 3 GIDs (20,121, and 14) ...
any other GIDs I try to "newgrp" to gives me the

"Unknown group" message


CONFIGURATION

NIS Master Server is on hp-ux 10.20
NIS Clients are on hp-ux 11.0

RESOLUTION

Since the 3 of 9 groups are in sequence as listed in the group map as seen with
a 'ypcat group' from client ...

# ypcat group | grep joe
users:*:20:joe,larry,curly,moe,sam,bill,diane
hwdev:*:121:larry,curly,moe,sam,bill,diane,joe
sysad:*:14:larry,joe,curly,moe,sam,bill,diane
staff:*:10:larry,curly,joe,moe,sam,bill,diane
admin:*:678:larry,curly,moe,sam,joe,bill,diane
piled:*:3001:larry,curly,moe,sam,bill,joe,diane
tummy:*:100:larry,curly,moe,sam,bill,diane,joe
lomos:*:109:larry,joe,curly,moe,sam,bill,diane
htool:*:300:joe,larry,curly,moe,sam,bill,diane

... looking thru map file to see if there are any anomalies between the
following entries in group map ...

sysad:*:14:larry,joe,curly,moe,sam,bill,diane
staff:*:10:larry,curly,joe,moe,sam,bill,diane

... and found the following :

carrier:*:403 <--- Notice no colon(:)

This should be ...

carrier:*:403:

After making this modification in the master group map, rebuilding and pushing
the group map, I can now newgrp to all of my groups from my 11.0 client.


NOTE: The above exclusion of a simple colon (:) is not the only stray
character that can cause the above problem symptoms. Look closely for any
stray or corrupt or missing characters that may be throwing your ability to
change groups off.

If you are having trouble finding any corruption in the group file upon visual
inspection, you also have use of the /usr/sbin/grpck command. grpck
verifies all entries in a "group" file and reports any inconsistencies with
regard to the number of fields, group name, group ID, and checks if login
names appear in the /etc/passwd file. The default group file is /etc/group
although any group file can be checked. This allows you to pull the NIS group
map from the master and run a check on it as well. For example :

ypcat group > /tmp/group 2>&1; grpck /tmp/group.

The message for the above example would be "Too many/few fields"
(NOTE: You will most likely see alot of Logname not found in password
file entries since the NIS master group map has alot of usernames that do
not exist in the NIS clients local /etc/passwd file).
Alex Glennie
Honored Contributor

Re: Nis-problem

and this looks very relevant ;)

HCO_22096
s700_800 11.00 cumulative newgrp(1) patch
Document Information Table

Patch Name: PHCO_22096

Patch Description: s700_800 11.00 cumulative newgrp(1) patch

Creation Date: 00/08/03

Post Date: 00/08/09

Hardware Platforms - OS Releases:
s700: 11.00
s800: 11.00

Products: N/A

Filesets:
OS-Core.CMDS-AUX,fr=B.11.00,fa=HP-UX_B.11.00_32/64,v=HP

Automatic Reboot?: No

Status: General Release

Critical:
Yes
PHCO_22096: OTHER
Previous patch was critical.
[PHCO_22021/PACHRDME/English] : OTHER
Previous patch was critical.
[PHCO_14044/PACHRDME/English] : OTHER
The present /usr/bin/newgrp doesn't identify
NIS groups.
This is a critical defect.

Category Tags:
defect_repair general_release critical

Path Name: /hp-ux_patches/s700_800/11.X/PHCO_22096

Symptoms:
PHCO_22096:
1. newgrp is not changing user group properly.

[PHCO_22021/PACHRDME/English] :
1. newgrp command can use the wrong id and
password when group password matches with
the password of some other group.

[PHCO_14044/PACHRDME/English] :
1. Missing keyword "critical" in the Category Tags field.

[PHCO_13214/PACHRDME/English] :
1. /usr/bin/newgrp doesn't identify NIS groups.
If the system is an NIS client and the group
argument to newgrp is defined in NIS database
only, newgrp exits with "Unknown group" error.

Defect Description:
PHCO_22096:
1. newgrp is not changing user group properly.
Memory allocation was done for storing NULL
passwords also.

Kassler
Advisor

Re: Nis-problem

Hello Alex!

Thanks for your fast reply.

Yes there was an error in
the master group-file.

Thanks.
..... searching for the best way(s) ...