Hallo Martin,
sorry for the late answer... but the weekend was... :-)
Am 2007-05-18 12:28:10, schrieb martin f krafft:
> Hi,
>
> /usr/share/doc/libnss-pgsql1/nss-pgsql.html suggests an
> nsswitch.conf entry like so:
>
> passwd: compat [SUCCESS=continue] pgsql
>
> with the following reasoning:
>
> The option [SUCCESS=continue] ensures that all accounts or groups
> are retrieved when using the iteration functions getpwent(3) and
> getgrent(3).
Which gaved me heavy trouble since the UID's 0-999 are system UID's and
are generaly different on each systems. Exactly, the above entry does
return the correct values from "compat" but then ask pgsql to override
it and since I do not have entries for UID's 0-999 in my pgsql, it will
fail (return nothing). -- Maybe this is a bug?
> in all other docs, I see the following used instead:
>
> passwd: compat [NOTFOUND=continue] pgsql
>
> this makes much more sense. In fact, if I add SUCCESS=continue:
Thats right, since "compat" should only check for UID's 0-999 and
"pgsql" ordinary $USER with UID's >= 1000.
The problem was that libnss-pgsql and libpam-pgsql have added System-
Users to th pgsql and I was running into trouble with it since the
UID's can be different for them.
> passwd: compat [NOTFOUND=continue SUCCESS=continue] pgsql
>
> nss will stop working. I have not yet tried removing
> NOTFOUND=continue since I am connected via SSH and don't want to run
> a risk.
Same problem here in Strasbourg!
Thanks, Greetings and nice Day
Michelle Konzack
Systemadministrator
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSN LinuxMichi
0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
Attachment:
signature.pgp
Description: Digital signature