Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[Samba] bash change from "root@myserver" to

0 views
Skip to first unread message

suph...@gmx.com

unread,
Jul 8, 2009, 4:02:52 AM7/8/09
to
Hi Guys,

I have posted this subject long time ago but this problem still
persistently happens on my linux+pdc server.

Here is my server detail , CentOs5.1 + Samba-3.0.25b + Fedora Directory
Server

So far every is running fine. It is just one thing I don't understand
what I have done wrong.

Normally if you open teminal window it should be like " [root@myserver
/]" but sometime when I sat in front the server and open a terminal
then it showed "[Administrator@myserver /]# " . And after I rebooted
the server ,it changed back to [root@myserver /]" I could not
reconstruct the problem whether when it will happen again.

Please find below my nsswitch.conf and system-auth file

#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis

passwd: files ldap
shadow: files ldap
group: files ldap

#hosts: db files nisplus nis dns
hosts: files dns

# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files

bootparams: nisplus [NOTFOUND=return] files

ethers: files
netmasks: files
networks: files
protocols: files ldap
rpc: files
services: files ldap

netgroup: files ldap

publickey: nisplus

automount: files ldap
aliases: files nisplus


==========================================================


/etc/pam.d/system-auth

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so

account required pam_unix.so broken_shadow
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_ldap.so
account required pam_permit.so

password requisite pam_cracklib.so retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass
use_authtok
password sufficient pam_ldap.so use_authtok
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in
crond quiet use_uid
session required pam_unix.so
session optional pam_ldap.so


Thank you ,

Tom


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba

Norberto Bensa

unread,
Jul 9, 2009, 1:05:36 AM7/9/09
to
On Thu, Jul 9, 2009 at 1:28 AM, suph...@gmx.com<suph...@gmx.com> wrote:
> Hello Norberto,
>
> Why it change back and forth automatically between root and Administrator ?

sometimes nss reads from /etc/password and sometimes from ldap. I
don't know why.

> Will it lead to any problem in the future?

Maybe.

If you do:

id root
id Administrator

you'll get back uid=0

So who is uid=0, root or administrator? You know they are the same
entity, but machines are too stupid.

Regards,
Norberto

suph...@gmx.com

unread,
Jul 9, 2009, 3:20:06 AM7/9/09
to
Thank you for the clarification .
Does it help if I add ROOT in a group of invalid user ?

[global]
....
......
.......
invalid users = root bin daemon adm sync shutdown \
halt mail news uucp operator gopher \
mailnull rpm ntp


Thank you and Best Regards,
Tom

Norberto Bensa

unread,
Jul 9, 2009, 1:28:29 PM7/9/09
to
On Thu, Jul 9, 2009 at 4:18 AM, suph...@gmx.com<suph...@gmx.com> wrote:
> Thank you for the clarification .
> Does it help if I add ROOT in a group of invalid user ?
>

I don't know. I never tried.

Why don't you just modify the uid for Administrator?

0 new messages