2

I have set up a NIS server and several NIS clients. I have a user and a group on the NIS server like so:

/etc/passwd:  myself:x:5000:5000:,,,:/home/myself:/bin/bash
/etc/group:   fishy:x:3001:otheruser,etc,myself,moreppl

I imported the users and groups on the NIS client by adding +:::::: to /etc/passwd and +::: to /etc/group.

I can log in to the NIS client, but when I run groups, fishy is not listed. But getent group fishy shows that it was imported correctly and lists me as a member. And if I do sudo su - myself, then suddenly groups says I am in the group!

I also had nscd installed, and the groups worked correctly for a while. It seemed like after being logged in for a while, I would silently be dropped out of the group. If I restarted nscd and logged in again, then the groups worked correctly...for a while.

There are no UID or GID conflicts with local users or groups.

Update: Contents of /etc/nsswitch.conf:

passwd:         compat
group:          compat
shadow:         compat

hosts:          files nis dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis
aliases:        nis files
Brian
  • 766
  • 1
  • 6
  • 14
  • are you by any chance running [`nscd`](http://linux.die.net/man/8/nscd), also known as "Ye wretched bane of my existence"? – voretaq7 Sep 27 '12 at 18:31
  • 1
    I described the role of nscd in all of this in the second-to-last paragraph. I was running nscd at first but uninstalled it to eliminate it as the cause. – Brian Sep 27 '12 at 19:56
  • So you did.... blind today I am! Second question - "Do you have more than one NIS server?" (the behavior you're describing in that paragraph sounds like you may have a slave that isn't getting updates - assuming you're adding yourself to a group in an existing environment?) – voretaq7 Sep 27 '12 at 19:56
  • What does your /etc/nsswitch file look like? How many groups are you in total? There is a limit to the number of groups automatically initialized on many UNIX/Linux systems. – mdpc Sep 27 '12 at 20:01
  • @mdpc, updated with /etc/nsswitch.conf. What really confuses me is why my NIS groups don't appear when I log in, but after `sudo su - myself` then they do. Seems like bad permissions on something, but I have no idea what... – Brian Sep 27 '12 at 20:16
  • @voretaq7, nope, just one NIS server; no slaves. – Brian Sep 27 '12 at 20:17
  • You might want to add the output from 'uname -a' and the contents of /etc/*release .... and the output from 'id -a' BEFORE and AFTER you do the su to yourself. – mdpc Sep 27 '12 at 20:59
  • Yup, ncsd was doing it for me, stop the daemon and the NIS groups show up, start it again and they disappear again. so I stopped nscd caching group in nscd.conf, restarted the daemon and it works. – user2978573 Nov 10 '15 at 14:56

1 Answers1

1

I don't remember where I found the solution for this, but I was able to solve it by adding "nis" to the "group" line in /etc/nsswitch.conf:

passwd:         compat
group:          compat nis
shadow:         compat
Brian
  • 766
  • 1
  • 6
  • 14