On Wed, 2005-07-27 at 22:08 -0400, Peter Arremann wrote: > On Wednesday 27 July 2005 21:50, P Jones wrote: > > Hi all; > > > > I have a Centos 4.1 server and three FC4 workstations in my little > > network. I just started using NIS for authentication and NFS for /home > > serving. For fun I did a quick Ubuntu install on one machine, and ran > > into the wall when it came to differences between groups/GIDs. For > > example, Debian has the audio group GID 29, and RH/FC has rpcusers at > > 29, and RH/FC doesn't seem to have an audio group, so my Ubuntu > > machine user couldn't get access to the sound card unless I granted > > access using pam_group on the client. I like the idea of NOT having to > > touch the client, just controlling access from the server. > *nods* Yeah - good luck with that... We have it even worse - we got HP-UX, > Solaris, AIX and Linux in different versions everywhere... Most people wonder > why when they first log into their Linux box, their user ID shows up as > "games" :-D > Anyway - the solution is easy... there is none. Either you mod the groups on > your client or you find another way to work around your issue... We have RHL9, RHEL3, RHEL4, FC1, FC3, FC4, HP-UX and Solaris boxes at $WORKPLACE all using the same NIS. The way we do it is to use NIS only for regular user accounts, and we use UIDs >= 1000 for this. We use separate files /etc/passwd.nis and /etc/group.nis on the NIS master server (HP-UX) rather than its own /etc/passwd and /etc/group to create the NIS databases. This is done by modifying the Makefile on the NIS master server. So each client uses its own UIDs for system accounts (< UID 1000) and NIS for user accounts. Works fine. Paul. -- Paul Howarth <paul@xxxxxxxxxxxx>
