Category
Security
Category
Availability
Release Phase
Resolved
ProductSolaris 9 Operating System
Solaris 8 Operating System
Bug Id
4873939
Date of Workaround Release08-JUL-2003
Date of Resolved Release26-FEB-2004
Impact
Solaris 8 and Solaris 9 NIS clients which contain passwd(4) entries beginning with a "+" (plus sign) or a "-" (minus sign) and also contain a password entry in nsswitch.conf(4) of "passwd: compat" may find the NIS accounts are no longer able to login.
Note: Password entries with a "+" or "-" selectively incorporate entries from NIS maps for the password.
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
-
Solaris 8 with patch 108993-14 through 108993-31 and without patch 108993-32
-
Solaris 9 without patch 113476-10
x86 Platform
-
Solaris 8 with patch 108994-14 through 108994-31 and without patch 108994-32
-
Solaris 9 without patch 114242-06
Note: Solaris 2.6 and Solaris 7 are not affected by this issue.
Only login accounts configured on NIS client systems utilizing the +/- passwd(4) syntax as well as containing an entry of "compat" for either the "passwd" or "group" entries in the nsswitch.conf(4) file are affected.
To determine if a system is an NIS client, run the following command:
$ ps -ef |grep ypbind
To view the 'passwd' and 'group' entries in the nsswitch.conf(4) file, run the following command:
$ egrep "^passwd|^group" /etc/nsswitch.conf
Symptoms
If the described issue occurs, NIS user accounts will no longer be able to login to NIS client systems.
Workaround
To workaround the described issue, the following entry in the "/etc/pam.conf" file can be changed from:
other auth required pam_unix_auth.so.1
To:
other auth required pam_unix.so.1
Resolution
This issue is addressed in the following releases:
SPARC Platform
-
Solaris 8 with patch 108993-32 or later
-
Solaris 9 with patch 113476-10 or later
x86 Platform
-
Solaris 8 with patch 108994-32 or later
-
Solaris 9 with patch 114242-06 or later
Modification History
Date: 05-JAN-2004
-
Updated Relief/Workaround
Date: 26-FEB-2004
-
State: Resolved
-
Updated Contributing Factors and Resolution sections
References
114242-06
113476-10
108994-32
108993-32
AttachmentsThis solution has no attachment