Re: entry in /etc/passwd

From: Jamie (aouf77@dsl.pipex.com)
Date: 05/01/02


From: Jamie <aouf77@dsl.pipex.com>
To: Yannis Nikolopoulos <yanodd@otenet.gr>, focus-linux@securityfocus.com
Date: Wed, 1 May 2002 21:07:39 +0100

On Tuesday 30 Apr 2002 10:57 am, Yannis Nikolopoulos wrote:
> Hey all,
>
> yesterday I noticed that the last line of my /etc/passwd file
> was something like :
> +::0::0
>
> I didnt put it and it was definitely not there before :)
> I vaguely remember that it has something to do with NIS..

You are right - the '+' signifies that we'll consult the NIS maps
passwd.byname and passwd.byuid for any users not in /etc/passwd.

Now I did a quick search on the ::0::0 part and it looks like any
users who can successfully authenticate themselves via the NIS maps will be
given uid 0 and their GCOS / Comment field entry will be mapped to 0 which
sounds kinda dangerous....

BUT I think the above is only true for older Unix boxes as most now use
/etc/nsswitch.conf to decide whether they will use NIS or not. I think for
the above to work you would need to have the word 'compat' in the passwd line
of your /etc/nsswitch.conf file.

Assuming you have NIS setup on your boxes the quickest way to find out if the
above is true is to try it yourself.

Anyway, hope this helps and let me know how you get on.

Ta leme, ;-)

-jamie.



Relevant Pages

  • [SUMMARY] Convert NIS --> Java Directory Server 6.2 (LDAP)?
    ... The N2L service is the Sun-provided way to convert NIS maps to LDAP. ... It's a service that makes your NIS master receive info from an LDAP ... I'm interested in the conversion of data into an LDAP server, ...
    (SunManagers)
  • Re: Auitomounter and NIS on Linux
    ... > NIS domain to which the client belongs. ... > map.All the NIS maps are visible on the client node1.e.g. ... > so that I can specify the NFS mounts via the NIS maps to my client ...
    (comp.os.linux.misc)
  • NIS, Automounter and NFS
    ... NIS domain to which the client belongs. ... My client, node1 is a NFS client of NFS server, nfs1, and a NIS client ... map.All the NIS maps are visible on the client node1.e.g. ...
    (comp.os.linux.networking)
  • Automounter and NIS problem in Linux
    ... NIS domain to which the client belongs. ... My client, node1 is a NFS client of NFS server, nfs1, and a NIS client ... map.All the NIS maps are visible on the client node1.e.g. ...
    (comp.os.linux.setup)
  • Auitomounter and NIS on Linux
    ... NIS domain to which the client belongs. ... My client, node1 is a NFS client of NFS server, nfs1, and a NIS client ... map.All the NIS maps are visible on the client node1.e.g. ...
    (comp.os.linux.misc)