mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-11 17:04:19 +01:00
8b6a78c2ec
If rpc.yppasswdd is invoked with the -i flag, password changes will be made to the master.passwd template file and the hash map files in-place, which means it won't have to run a complete map update. Instead, it calls /var/yp/Makefile with the 'pushpw' target, which just pushes the maps to the slaves and runs yp_mkdb -c to tell the local ypserv to flush its database cache. The server will check the passwd.byname and passwd.byuid maps to see if they were built in 'insecure' or 'secure' mode (i.e. with real encrypted passwords in them or without) and update them accordingly. This combined with rpc.ypxfrd greatly reduces the amount of time it takes to complete an NIS password change, especially with very large passwd databases.
34 lines
915 B
Bash
34 lines
915 B
Bash
#!/bin/sh
|
|
#
|
|
# This script is invoked by rpc.yppasswdd to update the password
|
|
# maps after the master password file has been modified. It expects
|
|
# to be passed two arguments: the name of the master.passwd template
|
|
# file that was modified by the server, and the name of the domain to
|
|
# update. These are passed to /var/yp/Makefile.
|
|
#
|
|
# Comment out the LOG=yes line to disable logging.
|
|
#
|
|
# $Id: yppwupdate,v 1.4 1996/06/03 16:17:21 wpaul Exp $
|
|
#
|
|
|
|
LOG=yes
|
|
LOGFILE=/var/yp/ypupdate.log
|
|
|
|
umask 077
|
|
|
|
if [ ! -f $LOGFILE ];
|
|
then
|
|
/usr/bin/touch $LOGFILE
|
|
echo "# Edit /usr/libexec/yppwupdate to disable" >> $LOGFILE
|
|
echo "# logging to this file from yppasswdd." >> $LOGFILE
|
|
echo -n "# Log started on: " >> $LOGFILE
|
|
/bin/date >> $LOGFILE
|
|
fi
|
|
|
|
if [ ! $LOG ];
|
|
then
|
|
cd /var/yp; /usr/bin/make MASTER_PASSWD=$1 UPDATE_DOMAIN=$2 $3 2>&1
|
|
else
|
|
cd /var/yp; /usr/bin/make MASTER_PASSWD=$1 UPDATE_DOMAIN=$2 $3 >> $LOGFILE 2>&1
|
|
fi
|