1 .\" Copyright (c) 1995, 1996
2 .\" Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. All advertising materials mentioning features or use of this software
13 .\" must display the following acknowledgement:
14 .\" This product includes software developed by Bill Paul.
15 .\" 4. Neither the name of the author nor the names of contributors
16 .\" may be used to endorse or promote products derived from this software
17 .\" without specific prior written permission.
19 .\" THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
20 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 .\" ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
23 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 .Nd "server for updating NIS passwords"
39 .Op Fl t Ar master.passwd template file
40 .Op Fl d Ar default domain
53 utility allows users to change their NIS passwords and certain
54 other information using the
62 is an RPC-based server that accepts incoming password change requests,
63 authenticates them, places the updated information in the
64 .Pa /var/yp/master.passwd
65 template file and then updates the NIS
73 utility allows a normal NIS user to change
74 his or her NIS password, full name (also
75 known as 'GECOS' field) or shell.
76 These updates are typically done using
84 (Some administrators do not want users to be able to change their
85 full name information or shells; the server can be invoked with option flags
86 that disallow such changes.)
87 When the server receives an update request,
88 it compares the address of the client making the request against the
91 .Pa /var/yp/securenets .
94 manual page for more information on securenets; the
96 utility uses the same access control mechanism as
100 checks the 'old' password supplied by the user to make sure it is
101 valid, then performs some sanity checks on the updated information (these
102 include checking for embedded control characters, colons or invalid shells).
103 Once it is satisfied that the update request is valid, the server modifies
104 the template password file (the default is
105 .Pa /var/yp/master.passwd )
107 .Pa /usr/libexec/yppwupdate
108 script to rebuild the NIS maps.
109 (This script has two arguments passed
110 to it: the absolute pathname of the password template that was modified
111 and the name of the domain that is to be updated.
114 .Pa /var/yp/Makefile ) .
120 also allows the super-user on the NIS master server to perform more
121 sophisticated updates on the NIS passwd maps.
122 The super-user can modify
123 any field in any user's master.passwd entry in any domain, and can
124 do so without knowing the user's existing NIS password (when the server
125 receives a request from the super-user, the password authentication
127 Furthermore, if the server is invoked with the
129 flag, the super-user can even add new entries to the maps using
131 Again, this only applies to the super-user on the NIS
132 master server: none of these special functions can be performed over
137 utility can only be run on a machine that is an NIS master server.
139 The following options are available:
140 .Bl -tag -width indent
141 .It Fl t Ar master.passwd template file
144 assumes that the template file used to generates the
148 maps for the default domain is called
149 .Pa /var/yp/master.passwd .
150 This default can be overridden by specifying an alternate file name
155 Note: if the template file specified with this flag is
156 .Pa /etc/master.passwd ,
158 will also automatically invoke
160 to rebuild the local password databases in addition to the NIS
165 utility can support multiple domains, however it must
166 choose one domain as a default.
167 It will try to use the system default domain name as set by the
169 command for this default.
171 if the system domain name is not
172 set, a default domain must be specified on
174 If the system default domain is set,
175 then this option can be used to override it.
177 This option can be used to override the default path to
178 the location of the NIS
180 The compiled-in default path is
183 Disallow changing of shell information.
185 Disallow changing of full name ('GECOS') information.
187 Allow additions to be made to the NIS passwd databases.
188 The super-user on the
189 NIS master server is permitted to use the
191 command to perform unrestricted modifications to any field in a user's
196 is started with this flag, it will also allow the super-user to add new
197 records to the NIS passwd maps, just as is possible when using
199 to modify the local password database.
201 Turn on multi-domain mode.
204 can handle several simultaneous domains, most implementations of
206 can only operate on a single NIS domain, which is generally the same as
207 the system default domain of the NIS master server.
211 attempts to overcome this problem in spite of the inherent limitations
214 protocol, which does not allow for a
216 argument in client requests.
217 In multi-domain mode,
219 will search through all the passwd maps of all the domains it
222 until it finds an entry that matches the user information specified in
223 a given update request.
224 (Matches are determined by checking the username,
226 The matched entry and corresponding domain are then
229 Note that in order for multi-domain mode to work, there have to be
230 separate template files for each domain.
231 For example, if a server
232 supports three domains,
237 there should be three separate master.passwd template files called
238 .Pa /var/yp/foo/master.passwd ,
239 .Pa /var/yp/bar/master.passwd ,
241 .Pa /var/yp/baz/master.passwd .
244 happens to be the system default domain, then its template file can
246 .Pa /var/yp/foo/master.passwd
248 .Pa /var/yp/master.passwd .
249 The server will check for the latter file first and then use the former
250 if it cannot find it.
252 Multi-domain mode is off by default since it can fail if there are
253 duplicate or near-duplicate user entries in different domains.
255 will abort an update request if it finds more than one user entry that
256 matches its search criteria.
257 Even so, paranoid administrators
258 may wish to leave multi-domain mode disabled.
262 is invoked with this flag, it will perform map updates in place.
264 means that instead of just modifying the password template file and
265 starting a map update, the server will modify the map databases
267 This is useful when the password maps are large: if, for
268 example, the password database has tens of thousands of entries, it
269 can take several minutes for a map update to complete.
271 maps in place reduces this time to a few seconds.
273 Turn on verbose logging mode.
274 The server normally only logs messages
277 facility when it encounters an error condition, or when processing
278 updates for the super-user on the NIS master server.
282 flag will cause it to log informational messages for all updates.
286 clients do not use a reserved port when sending requests to
288 This is either because the
290 program is not installed set-uid root, or because the RPC
291 implementation does not place any emphasis on binding to reserved
292 ports when establishing client connections for the super-user.
295 expects to receive requests from clients using reserved ports; requests
296 received from non-privileged ports are rejected.
298 behavior prevents any client systems that to not use privileged
299 ports from successfully submitting password updates.
305 disables the privileged port check so that it will work with
307 clients that do not use privileged ports.
308 This reduces security to
309 a certain small degree, but it might be necessary in cases where it
310 is not possible to change the client behavior.
312 Display the list of flags and options understood by
316 .Bl -tag -width Pa -compact
317 .It Pa /usr/libexec/yppwupdate
318 The script invoked by
320 to update and push the NIS maps after
322 .It Pa /var/yp/master.passwd
323 The template password file for the default domain.
324 .It Pa /var/yp/[domainname]/[maps]
325 The NIS maps for a particular NIS domain.
326 .It Pa /var/yp/[domainname]/master.passwd
327 The template password file(s) for non-default domains
328 (used only in multi-domain mode).
336 .An Bill Paul Aq Mt wpaul@ctr.columbia.edu
338 As listed in the yppasswd.x protocol definition, the YPPASSWDPROC_UPDATE
339 procedure takes two arguments: a V7-style passwd structure containing
340 updated user information and the user's existing unencrypted (cleartext)
344 is supposed to handle update requests from remote NIS client machines,
347 and similar client programs will in fact be transmitting users' cleartext
348 passwords over the network.
350 This is not a problem for password updates since the plaintext password
351 sent with the update will no longer be valid once the new encrypted password
352 is put into place, but if the user is only updating his or her 'GECOS'
353 information or shell, then the cleartext password sent with the update
354 will still be valid once the update is completed.
356 insecure, this cleartext password could be intercepted and used to
357 gain unauthorized access to the user's account.