Permissions on the password database may be too restrictive

tweetiepooh · November 7, 2009, 4:55am

I’m getting this on OpenSuse 11.1 but only on NIS accounts.

This was all working fine, went for a coffee came back and couldn’t unlock screensaver.

I can ssh in on these accounts using keys, I can su - from root and login with local accounts is fine.

Ideas most welcome. I can see that a number of PAM files have been updated.

knurpht · November 7, 2009, 2:07pm

What happens after a reboot (server)? I’ve seen the problem, fixed it, but cannot remember how. If a NIS server reboot doesn’t work, we could compare the NIS settings on your network to mine, which are working.
Since PAM is updated, just a restart of the NIS services might not do, therefore the suggested reboot. Get back here if it doesn’t work.

tweetiepooh · November 7, 2009, 3:07pm

I can’t reboot the NIS server, it’s used for too many boxes and has been up 10 years or so (Solaris).

I have restarted the OpenSuse client but no joy.

I can login with local accounts including root and from root I can su to NIS accounts. This suggests that the authentication is being broken.

tweetiepooh · November 7, 2009, 6:32pm

I sorted it.

In nsswitch.conf there was added

shadow: compat

Remove this and both NIS and local accounts now login fine. Phew!

I guess this is because NIS puts the password into passwd not shadow.

Thanks for all the suggestions and help.rotfl!

knurpht · November 7, 2009, 8:40pm

Good you got it solved. On the NIS server
rcyppasswd restart && rcypserv restart
would have restarted the NIS server.

My next suggestion would have been to take a look whether NIS was using passwd or shadow, but you got it solved already.

jbailo · October 22, 2011, 8:54pm

I am performing a new installation of openSuse 12 and got this message after the reboot and tried to log in with my one user account.

I did use a password that was very “weak” and now I’m trying reinstalling with a full strength password.

hendersj · October 23, 2011, 12:02am

On Sat, 22 Oct 2011 18:56:02 +0000, jbailo wrote:

> I am performing a new installation of openSuse 12 and got this message
> after the reboot and tried to log in with my one user account.
>
> I did use a password that was very “weak” and now I’m trying
> reinstalling with a full strength password.

This would be a good topic to take to the pre-release/beta forum since
openSUSE 12.1 is not yet released.

Thanks,

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

sunilka · April 7, 2015, 5:07pm

I had the syntax issues in the shadow field in /etc/nsswitch.conf of because of which I faced this error after rectification it was working fine.