Ignacio Vazquez-Abrams wrote:
> Stuff pam_netgroups into system-auth then make a group per machine.
> http://www2.physics.umd.edu/~payerle/Software/PAM/
Doh!!! I should have realized that.
Yes, using NIS Netgroups and PAM authentication around them is much,
much better on Linux (and even Solaris) than using multiple NIS domains.
And even if he still replicates his files manually (he should at least
consider automating their distribution via SSH), he can still setup just 1
file and use the same netgroups-PAM solution.
Good catch.
From: Paul Heinlein <heinlein@xxxxxxxxxx>
> If you set up netgroups, you can specify login rights easily:
> * /etc/passwd
> [...]
> +@login-group
> +:::::/dev/null:/sbin/nologin
> * /etc/nsswitch.conf
> passwd: compat
> shadow: compat
> group: files nis
> netgroup: files nis
Now that only works for NIS distributed passwd, netgroups, correct?
Or will it work for local users as well?
--
Bryan J. Smith mailto:b.j.smith@xxxxxxxx
