HPE Community
Operating System - HP-UX
1836385 Members
3669 Online
110100 Solutions
New Discussion

Re: Why add +::-2:60001::: to /etc/passwd when NIS?

 
leereg_3
New Member

‎06-20-2001 06:48 PM

‎06-20-2001 06:48 PM

Why add +::-2:60001::: to /etc/passwd when NIS?

Why we must append the line
+::-2:60001:::to/etc/passwd
and append the line
+:*:* to /etc/group
what do that mean?


Thanks in advance!

Always UNIX
0 Kudos
Reply
3 REPLIES 3
Patrick Wallek
Honored Contributor

‎06-20-2001 06:59 PM

‎06-20-2001 06:59 PM

Re: Why add +::-2:60001::: to /etc/passwd when NIS?

For more information on NIS and how to set up a slave server and the reasoning behind the entries in /etc/passwd and /etc/group see the following manual:

http://docs.hp.com/hpux/onlinedocs/B1031-90000/B1031-90000.html

To paraphrase the manual:

/etc/passwd:
+::-2:60001:::
The plus sign (+) causes processes to consult NIS for any user information not found in the local /etc/passwd file.

The -2 in the user ID field restricts the access of people who may attempt to log in using "+" as a valid user name when NIS is not running. Anyone who successfully logs in as "+" will be granted only the access permissions of user nobody.


/etc/group:
+:*:*
The plus sign (+) causes processes to consult NIS for any group information not found in the local /etc/group file. The asterisk (*) in the password field prevents people from using the plus sign as a valid group name if NIS is not running.

The changes you make to the /etc/group file on an NIS slave server are the same changes you make on an NIS client.
0 Kudos
Reply
Ravi_8
Honored Contributor

‎06-20-2001 10:37 PM

‎06-20-2001 10:37 PM

Re: Why add +::-2:60001::: to /etc/passwd when NIS?


+::-2:60001::: in passwd file,
The plus sign (+) causes processes to consult NIS for any user information not found in the local /etc/passwd file.

The -2 in the user ID field restricts the access of people who may attempt to log in using "+" as a valid user name when NIS is not running. Anyone who successfully logs in as "+" will be granted only the access permissions of user nobody.(user nobody's uid will be less than or equal to -2 or greater than or equal to 60001) since unix can create uid's max upto 60000.

+:*:* in group file,
The plus sign (+) causes processes to consult NIS for any group information not found in the local /etc/group file. The asterisk (*) in the password field prevents people from using the plus sign as a valid group name if NIS is not running.



never give up
0 Kudos
Reply
leereg_3
New Member

‎06-21-2001 02:10 AM

‎06-21-2001 02:10 AM

Re: Why add +::-2:60001::: to /etc/passwd when NIS?

Thanks a lot for your kind help!

Have a nice day!
Always UNIX
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.