IRIX Base Documentation 2002 November

home *** CD-ROM | disk | FTP | other *** search

/ IRIX Base Documentation 2002 November / SGI IRIX Base Documentation 2002 November.iso / usr / share / catman / a_man / cat1 / rpc.passw.z / rpc.passw

Wrap

Text File | 2002-10-03 | 7.8 KB | 199 lines

rrrrppppcccc....ppppaaaasssssssswwwwdddd((((1111MMMM)))) rrrrppppcccc....ppppaaaasssssssswwwwdddd((((1111MMMM)))) NNNNAAAAMMMMEEEE rpc.passwd - server for modifying NIS password file SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS ////uuuussssrrrr////eeeettttcccc////rrrrppppcccc....ppppaaaasssssssswwwwdddd [[----DDDD _d_i_r_e_c_t_o_r_y]|_p_a_s_s_w_o_r_d_f_i_l_e] [----nnnnooooggggeeeeccccoooossss] [----nnnnoooosssshhhheeeellllllll] [----nnnnooooppppwwww] [----nnnnooooddddiiiirrrr] [----aaaalllllllloooowwwwddddiiiirrrr] [----mmmm _a_r_g_1 _a_r_g_2 ...] DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNN _r_p_c._p_a_s_s_w_d is a server that handles password change requests from _y_p_p_a_s_s_w_d(1). It changes a password entry in the passwd file or, if present, the shadow file. These files provide the basis for the _p_a_s_s_w_d._b_y_n_a_m_e and _p_a_s_s_w_d._b_y_u_i_d maps. Entries in the passwd or shadow files are only changed if the password presented by yppasswd(1) matches the encrypted password of the entry. This server should be run on the host serving as the network information service (NIS) master. It is started from the /_e_t_c/_i_n_i_t._d/_n_e_t_w_o_r_k startup script if the yyyypppp and yyyyppppmmmmaaaasssstttteeeerrrr configuration flags are set on (see _n_e_t_w_o_r_k(1M)). For backward compatibility for IRIX versions prior to 6.5.14, if the shadow file is used, the _s_h_a_d_o_w._b_y_n_a_m_e map is built along with _p_a_s_s_w_d._b_y_n_a_m_e and _p_a_s_s_w_d._b_y_u_i_d. For more information configuration info on shadow see man page shadow(4). If the ----DDDD option is given the passwd or shadow files are located under the directory path specified with -D. The default directory for the passwd or shadow files is /_e_t_c. If the ----DDDD option is used, the PPPPWWWWDDDDIIIIRRRR variable in /_e_t_c/_c_o_n_f_i_g/_y_p_m_a_s_t_e_r._o_p_t_i_o_n_s, should be set to match directory specified on the command line, i.e. PWDIR=_d_i_r_e_c_t_o_r_y Note that if PPPPWWWWDDDDIIIIRRRR is set in /_e_t_c/_c_o_n_f_i_g/_y_p_m_a_s_t_e_r._o_p_t_i_o_n_s, /_e_t_c/_c_o_n_f_i_g/_r_p_c._p_a_s_s_w_d._o_p_t_i_o_n_s is not used to specify options for rrrrppppcccc....ppppaaaasssssssswwwwdddd.... If, instead of specifying a directory with ----DDDD, the _p_a_s_s_w_o_r_d_f_i_l_e is used, it should provide the full pathname of the password file. If a shadow file is found in the same directory as _p_a_s_s_w_o_r_d_f_i_l_e the shadow file is used as described above and the actual password changes will be made in the shadow file. By default, /_e_t_c/_p_a_s_s_w_d was used as the NIS passwd file. If an alternative is provided by putting ppppaaaasssssssswwwwoooorrrrddddffffiiiilllleeee on the command line (by putting it into /_e_t_c/_c_o_n_f_i_g/_r_p_c._p_a_s_s_w_d._o_p_t_i_o_n_s), the PPPPWWWWFFFFIIIILLLLEEEE variable in /_e_t_c/_c_o_n_f_i_g/_y_p_m_a_s_t_e_r._o_p_t_i_o_n_s should be set to match _p_a_s_s_w_o_r_d_f_i_l_e, specified on the command line, i.e PPPPaaaaggggeeee 1111 rrrrppppcccc....ppppaaaasssssssswwwwdddd((((1111MMMM)))) rrrrppppcccc....ppppaaaasssssssswwwwdddd((((1111MMMM)))) PWFILE=_p_a_s_s_w_o_r_d_f_i_l_e Note that the option of specifying alternative file name is provided for the backward compatibility with IRIX releases prior to 6.5.14 and may be removed in a future release. It is recommended that administrators update their rpc.passwd configurations to use the ----DDDD option (using the PPPPWWWWDDDDIIIIRRRR variable as described above) if an alternate passwd file is being used. Note also that with the use of the ----DDDD option, the literal filenames "passwd" and "shadow" are used in the directory specified with the ----DDDD option. Because the ----DDDD option assumes the use of a directory other than /_e_t_c there is no need for alternate file names such as "passwd.yp". If the ----mmmm option is given, _y_p_m_a_k_e(_1_M) is performed in /_v_a_r/_y_p after the passwd or shadow files are modified. Any arguments following the -m flag are passed to _y_p_m_a_k_e. If the ----nnnnoooosssshhhheeeellllllll, ----nnnnooooggggeeeeccccoooossss, ----nnnnooooddddiiiirrrr or ----nnnnooooppppwwww options are given, these fields may not be changed remotely using yyyyppppcccchhhhppppaaaassssssss(1). Note that ----nnnnooooddddiiiirrrr is the default behavior because security can be compromised by allowing arbitrary directories, use ----aaaalllllllloooowwwwddddiiiirrrr to explicitly allow this feature. ----aaaalllllllloooowwwwddddiiiirrrr, once it has been specified, will override ----nnnnooooddddiiiirrrr. If a user is allowed to change his or her shell either via yyyyppppppppaaaasssssssswwwwdddd(1) or yyyyppppcccchhhhppppaaaassssssss(1) the new shell path is checked against the default list of known shells on a NIS master. By default that list includes /bin/bsh /bin/csh /bin/jsh /bin/ksh /bin/rksh /bin/sh /sbin/bsh /sbin/csh /sbin/jsh /sbin/ksh /sbin/rksh /sbin/sh /usr/bin/bsh /usr/bin/csh /usr/bin/jsh /usr/bin/ksh /usr/bin/rksh /usr/bin/sh /usr/bin/tcsh This list can be changed by creating the file /_e_t_c/_s_h_e_l_l_s, where each line corresponds to one shell path. PPPPaaaaggggeeee 2222 rrrrppppcccc....ppppaaaasssssssswwwwdddd((((1111MMMM)))) rrrrppppcccc....ppppaaaasssssssswwwwdddd((((1111MMMM)))) FFFFIIIILLLLEEEESSSS /etc/passwd /etc/shadow /etc/shells /etc/config/rpc.passwd.options /etc/config/ypmaster.options SSSSEEEEEEEE AAAALLLLSSSSOOOO network(1M), ypmake(1M), yppasswd(1), ypchpass(1), passwd(4), shadow(4), shells(4), ypfiles(4). CCCCAAAAVVVVEEEEAAAATTTT This server will eventually be replaced with a more general service for modifying any NIS map. PPPPaaaaggggeeee 3333