NAME | SYNOPSIS | DESCRIPTION | SUMMARY OF TRUSTED SOLARIS CHANGES | ATTRIBUTES | SEE ALSO | NOTES
rpc.yppasswdd is a server that handles password change requests from yppasswd(1). It changes a password entry in the passwd, shadow, and security/passwd.adjunct files. The passwd and shadow files provide the basis for the passwd.byname and passwd.byuid maps. The passwd.adjunct file provides
the basis for the passwd.adjunct.byname and passwd.adjunct.byuid maps. Entries in the passwd, shadow or passwd.adjunct files are changed only if the password presented by yppasswd(1) matches the encrypted password of the entry. All password files are located in the PWDIR directory. rpc.yppasswdd
must be run from the Trusted Path and inherit the net_broadcast
, net_downgrade_sl
, net_upgrade_sl
, net_mac_read
, net_privaddr
, proc_setclr
, and proc_setsl
privileges.
If the -D option is given, the passwd, shadow, or passwd.adjunct files are placed under the directory path that is the argument to -D.
If the -noshell, -nogecos or -nopw options are given, these fields cannot be changed remotely using chfn, chsh, or passwd(1).
If the -m option is given, a make(1) is performed in /var/yp after any of the passwd, shadow, or passwd.adjunct files are modified. All arguments following the flag are passed to make.
If the -u option is given, updates from non-Trusted Solaris TCB clients are allowed.
The second of the listed syntaxes is provided only for backward compatibility. If the second syntax is used, the passwordfile is the full pathname of the password file and adjunctfile is the full pathname of the optional passwd.adjunct file. If a shadow file is found in the same directory as passwordfile, the shadowfile is used as described above. Use of this syntax and the discovery of a shadowfile file generates diagnostic output. The daemon, however, starts normally.
The first and second syntaxes are mutually exclusive. You cannot specify the full pathname of the passwd, passwd.adjunct files and use the -D option at the same time.
The daemon is started automatically on the master server of the passwd map by ypstart(1), which is invoked at boot time by the /etc/init.d/rpc script.
The server does not insist on the presence of a shadow file unless there is no -D option present or the directory named with the -D option is /etc. In addition, a passwd.adjunct file is not necessary. If the -D option is given, the server attempts to find a passwd.adjunct file in the security subdirectory of the named directory. For example, in the presence of ``-D /var/yp'' the server checks for a ``/var/yp/security/passwd.adjunct'' file.
If only a passwd file exists, then the encrypted password is expected in the second field. If both a passwd and a passwd.adjunct file exist, the encrypted password is expected in the second field of the adjunct file with ##username in the second field of the passwd file. If all three files are in use, the encrypted password is expected in the shadow file. Any deviation causes a password update to fail.
If you remove or add a shadow or passwd.adjunct file after rpc.yppasswdd has started, you must stop and restart the daemon to enable it to recognize the change. See ypstart(1) for information on restarting the daemon.
rpc.yppasswdd must be run from the Trusted Path and inherit the net_broadcast
, net_downgrade_sl
, net_upgrade_sl
, net_mac_read
, net_privaddr
, proc_setclr
, and proc_setsl
privileges.
If the -u option is given, updates from non-Trusted Solaris TCB clients are allowed.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
Availability | SUNWypu |
If make has not been installed and the -m option is given, the daemon outputs a warning and proceeds, effectively ignoring the -m flag.
When using the -D option, you should make sure that the PWDIR of the /var/yp/Makefile is set accordingly.
The second listed syntax is supplied only for backward compatibility and might be removed in a future release of this daemon.
The Network Information Service (NIS) was formerly known as Sun Yellow Pages (YP). The functionality of the two remains the same; only the name has changed. The name Yellow Pages is a registered trademark in the United Kingdom of British Telecommunications PLC, and cannot be used without permission.
NAME | SYNOPSIS | DESCRIPTION | SUMMARY OF TRUSTED SOLARIS CHANGES | ATTRIBUTES | SEE ALSO | NOTES