yppasswd failed in FreeBSD9.x

I tried to run a NIS server/client with FreeBSD 9.1 RELEASE on ESXi4.1 and I found that it seems like ypserv and ypbind run well but yppasswd failed.

Those are how I enable and test the NIS service:
  1. Create a new VM and install a fresh FreeBSD 9.1 RELEASE.
  2. Add a user (e.g.: asdf) and copy the entry of the account from /etc/master.passwd to /var/yp/master.passwd.
  3. Use vipw to comment the entry of the account and add +:::::::::.
  4. Add settings below to /etc/rc.conf:
    Code:
    nisdomainname="qwer" #eg
    nis_server_enable="YES"
    nis_client_enable="YES"
    nis_yppasswdd_enable="YES"
  5. Execute domainname "qwer" ; cd /var/yp ; ypinit -m to build the NIS map.
  6. Execute service ypserv start, service ypbind start, service yppasswdd start.
  7. Execute id asdf and ypcat passwd for testing.
  8. Check if rpc.yppasswdd is turned on by rpcinfo | grep yppasswdd.
  9. Execute passwd asdf or yppasswd asdf. Then it would get an error message as below:
    Code:
    # passwd asdf
    Changing NIS password for asdf
    passwd: pam_chauthtok(): error in service module

I tried to reboot, but nothing changed, then I set all.log in syslog.conf but got nothing.

I also tried the steps above in FreeBSD 9.0 RELEASE, 9.2 RC3, 8.3 RELEASE, 8.4 RELEASE. yppasswd $NIS_USERNAME fails in 9.x but successful in 8.x.

I'm not sure if it is a bug in FreeBSD 9.x or something I am doing wrong. I googled the error message with "FreeBSD9" and other keywords, but got nothing, too.
 
This sounds awfully familiar. I had a similar problem when I set up NIS to share users between jails (and the host). I had to add entries to the host's /etc/hosts for every jail. Perhaps something similar will help here. I'm not that familiar with ESXi, but perhaps it helps if you add an entry to /etc/hosts with the IP address of the VM (assuming it has one).
 
fonz said:
but perhaps it helps if you add an entry to /etc/hosts with the IP address of the VM (assuming it has one).

It works! I add an entry in /etc/hosts below
Code:
#IP            #domainname (NIS) but hostname
192.168.1.1    qwer

After installing FreeBSD 8.x , it would add an IP-hostname-hostname.domainname mapping to /etc/hosts, and I take the same name ("qwer") for hostname and domainname. So it works in my test in 8.x is unexpected. I miss the setting in every environment. :r

I think if I didn`t give the argument "-h" to passwd/yppasswd, it would just know in which domainname the account is, so passwd/yppasswd has to refer to DNS or /etc/hosts. So it could work without /etc/hosts like this: passwd -h $YPSERV_IP $USERNAME

Thanks for the help!
 
Back
Top