Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   Odd issue with C6 and NIS (http://www.linux-archive.org/centos/580830-odd-issue-c6-nis.html)

"James A. Peltier" 09-27-2011 06:55 PM

Odd issue with C6 and NIS
 
I seem to have this very odd issue with CentOS 6 WRT NIS. I have taken the package selection that I used with CentOS 5 and basically plopped it into my C6 kickstart file (see below). On C5 this works just fine and I'm able to log in with NIS credentials just fine. However, it looks like on C6 if you use a package selection like this, you also need to specify the yp-tools package as part of the kickstart *even though* you specify an authentication method of NIS in the kickstart. Seems like a bug to me?!?



auth --useshadow --enablemd5 --enablenis --nisdomain test --nisserver yp.example.com

%packages
@core
augeas
autofs
dstat
nfs-utils
ntp
openssh
openssh-clients
openssh-server
portreserve
puppet
redhat-lsb
rsh-server
sendmail
sendmail-cf
sudo
sysstat
tcp_wrappers
wget
xinetd
yum-utils
%end


--
James A. Peltier
IT Services - Research Computing Group
Simon Fraser University - Burnaby Campus
Phone : 778-782-6573
Fax : 778-782-3045
E-Mail : jpeltier@sfu.ca
Website : http://www.sfu.ca/itservices
http://blogs.sfu.ca/people/jpeltier
I will do the best I can with the talent I have

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Jim Perrin 09-27-2011 07:00 PM

Odd issue with C6 and NIS
 
On Tue, Sep 27, 2011 at 1:55 PM, James A. Peltier <jpeltier@sfu.ca> wrote:

> I seem to have this very odd issue with CentOS 6 WRT NIS. I have taken the
> package selection that I used with CentOS 5 and basically plopped it into my
> C6 kickstart file (see below). On C5 this works just fine and I'm able to
> log in with NIS credentials just fine. However, it looks like on C6 if you
> use a package selection like this, you also need to specify the yp-tools
> package as part of the kickstart *even though* you specify an authentication
> method of NIS in the kickstart. Seems like a bug to me?!?
>

Current versions of fedora do this as well, in addition to f15 having a
buggy startup script for yp*. I agree with you that if you specify auth, the
tools for it should be there. That said, NIS needs to die. Quickly.

--
During times of universal deceit, telling the truth becomes a revolutionary
act.
George Orwell
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Joe Pruett 09-29-2011 04:18 PM

Odd issue with C6 and NIS
 
On 09/27/2011 11:55 AM, James A. Peltier wrote:
> I seem to have this very odd issue with CentOS 6 WRT NIS. I have taken the package selection that I used with CentOS 5 and basically plopped it into my C6 kickstart file (see below). On C5 this works just fine and I'm able to log in with NIS credentials just fine. However, it looks like on C6 if you use a package selection like this, you also need to specify the yp-tools package as part of the kickstart *even though* you specify an authentication method of NIS in the kickstart. Seems like a bug to me?!?
since you mention nis, i'll guess you use automount as well. so be
warned that centos 6 has some issues with automount. if automount
requests are made rapidly (like on a mail server delivery to a large
alias), it will quickly start failing to mount directories and get stuck
that way for minutes. i don't have access to r*dh*t box to determine if
this has been fixed with all the 6.1 updates. needless to say i can't
roll out centos 6 yet.

i have filed a centos bug (4984), but since i can't compare against
upstream, i don't know for sure where the problem lies.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Alain Péan 09-29-2011 04:23 PM

Odd issue with C6 and NIS
 
Hi Joe,

Le 29/09/2011 18:18, Joe Pruett a écrit :
> since you mention nis, i'll guess you use automount as well. so be
> warned that centos 6 has some issues with automount. if automount
> requests are made rapidly (like on a mail server delivery to a large
> alias), it will quickly start failing to mount directories and get stuck
> that way for minutes. i don't have access to r*dh*t box to determine if
> this has been fixed with all the 6.1 updates. needless to say i can't
> roll out centos 6 yet.

Did you try to install the CentOS 6 CR repo (continuous releaes), which
brings to 6.0 the updates from 6.1 ? See :
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=33458&forum=53

See if it solves the problem.

Alain

--
================================================== ========
Alain Péan - LPP/CNRS
Administrateur Système/Réseau
Laboratoire de Physique des Plasmas - UMR 7648
Observatoire de Saint-Maur
4, av de Neptune, Bat. A
94100 Saint-Maur des Fossés
Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33
================================================== ========

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Joe Pruett 09-29-2011 06:38 PM

Odd issue with C6 and NIS
 
On 09/29/2011 09:23 AM, Alain Péan wrote:
> Hi Joe,
>
> Le 29/09/2011 18:18, Joe Pruett a écrit :
>> since you mention nis, i'll guess you use automount as well. so be
>> warned that centos 6 has some issues with automount. if automount
>> requests are made rapidly (like on a mail server delivery to a large
>> alias), it will quickly start failing to mount directories and get stuck
>> that way for minutes. i don't have access to r*dh*t box to determine if
>> this has been fixed with all the 6.1 updates. needless to say i can't
>> roll out centos 6 yet.
> Did you try to install the CentOS 6 CR repo (continuous releaes), which
> brings to 6.0 the updates from 6.1 ? See :
> https://www.centos.org/modules/newbb/viewtopic.php?topic_id=33458&forum=53
>
> See if it solves the problem.
sorry, forgot to mention that i have applied the cr updates. but i
don't think the cr has everything from 6.1 yet (no new kernel, which i'd
guess there will be). since the devs are still having issues with
getting 6.1 to fully compile, i expect more packages to show up. there
was an autofs update, but that didn't help the situation.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

10-05-2011 10:32 PM

Odd issue with C6 and NIS
 
In article <CALSzgHHTWLD-rW1tQ+Z+EUGK+wRRC47ygg31+FC2TrPYp-yZWQ@mail.gmail.com>, Jim Perrin <centos@centos.org> wrote:
>...
>Current versions of fedora do this as well, in addition to f15 having a
>buggy startup script for yp*. I agree with you that if you specify auth, the
>tools for it should be there.
>
>That said, NIS needs to die. Quickly.

Why? I'll grant NIS is insecure at best for login auth, and should not
be used for that purpose (at least not outside the lab).

But for other purposes e.g. automount maps, NIS is simple and easy and
still functional.

I'll also readily agree I wouldn't want NIS on internet-facing systems,
but for things like automount maps on the internal corporate LAN, is
it really a catastropic problem?

Cheers,
sr.
--
|| Steve Rikli ||| ||
|| Systems Administrator ||| How can something that is almost 3 MB ||
|| Genyosha Networks ||| in size be called a "kernel"? ||
|| sr@genyosha.net ||| ||

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

John Hodrien 10-06-2011 08:38 AM

Odd issue with C6 and NIS
 
On Wed, 5 Oct 2011, Steve Rikli wrote:

> Why? I'll grant NIS is insecure at best for login auth, and should not
> be used for that purpose (at least not outside the lab).
>
> But for other purposes e.g. automount maps, NIS is simple and easy and
> still functional.
>
> I'll also readily agree I wouldn't want NIS on internet-facing systems,
> but for things like automount maps on the internal corporate LAN, is
> it really a catastropic problem?

The problem you get is when you compare it with LDAP.

jh
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

"James A. Peltier" 10-06-2011 08:51 AM

Odd issue with C6 and NIS
 
----- Original Message -----
| On Wed, 5 Oct 2011, Steve Rikli wrote:
|
| > Why? I'll grant NIS is insecure at best for login auth, and should
| > not
| > be used for that purpose (at least not outside the lab).
| >
| > But for other purposes e.g. automount maps, NIS is simple and easy
| > and
| > still functional.
| >
| > I'll also readily agree I wouldn't want NIS on internet-facing
| > systems,
| > but for things like automount maps on the internal corporate LAN, is
| > it really a catastropic problem?
|
| The problem you get is when you compare it with LDAP.
|
| jh

There is no comparison. NIS is *much* faster than LDAP for these purposes.

--
James A. Peltier
IT Services - Research Computing Group
Simon Fraser University - Burnaby Campus
Phone : 778-782-6573
Fax : 778-782-3045
E-Mail : jpeltier@sfu.ca
Website : http://www.sfu.ca/itservices
http://blogs.sfu.ca/people/jpeltier
I will do the best I can with the talent I have

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

John Hodrien 10-06-2011 09:07 AM

Odd issue with C6 and NIS
 
On Thu, 6 Oct 2011, James A. Peltier wrote:

> | The problem you get is when you compare it with LDAP.
> |
> | jh
>
> There is no comparison. NIS is *much* faster than LDAP for these purposes.

And slow (and let's put it into context here, not *that* slow) performance of
automount map resolution bites your setup how?

jh
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

10-06-2011 06:44 PM

Odd issue with C6 and NIS
 
In article <alpine.LRH.2.00.1110060937180.9689@pfcpm187.yrrqf .np.hx>, John Hodrien <centos@centos.org> wrote:
>On Wed, 5 Oct 2011, Steve Rikli wrote:
>
>> ...
>> I'll also readily agree I wouldn't want NIS on internet-facing systems,
>> but for things like automount maps on the internal corporate LAN, is
>> it really a catastropic problem?
>
>The problem you get is when you compare it with LDAP.

Compare in what way? What characteristics are you contrasting? I'm
genuinely trying to understand the problem you're talking about for
the case I've presented, and pro-con from someone who has done both
would be appreciated.

Thanks,
sr.

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 01:48 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.