1rpc.yppasswdd(1M)       System Administration Commands       rpc.yppasswdd(1M)
2
3
4

NAME

6       rpc.yppasswdd, yppasswdd - server for modifying NIS password file
7

SYNOPSIS

9       /usr/lib/netsvc/yp/rpc.yppasswdd [-D directory]
10            [-nogecos] [-noshell] [-nopw]
11            [-m argument1 argument2...]
12
13
14       /usr/lib/netsvc/yp/rpc.yppasswdd
15            [passwordfile [adjunctfile]]
16            [-nogecos] [-noshell] [-nopw]
17            [-m argument1 argument2...]
18
19

DESCRIPTION

21       rpc.yppasswdd  is  a  server that handles password change requests from
22       yppasswd(1). It changes a password entry in  the  passwd,  shadow,  and
23       security/passwd.adjunct  files. The passwd and shadow files provide the
24       basis for the passwd.byname and passwd.byuid maps.  The  passwd.adjunct
25       file   provides   the   basis   for   the   passwd.adjunct.byname   and
26       passwd.adjunct.byuid  maps.  Entries   in   the   passwd,   shadow   or
27       passwd.adjunct  files  are  changed  only  if the password presented by
28       yppasswd(1) matches the encrypted password of the entry.  All  password
29       files are located in the PWDIR directory.
30
31
32       If  the -D option is given, the passwd, shadow, or passwd.adjunct files
33       are placed under the directory path that is the argument to -D.
34
35
36       If the -noshell, -nogecos or -nopw options are given, these fields can‐
37       not be changed remotely using chfn, chsh, or passwd(1).
38
39
40       If the -m option is given, a make(1S) is performed in /var/yp after any
41       of the passwd, shadow, or passwd.adjunct files are modified. All  argu‐
42       ments following the flag are passed to make.
43
44
45       The second of the listed syntaxes is provided only for backward compat‐
46       ibility. If the second syntax is used, the  passwordfile  is  the  full
47       pathname  of  the password file and adjunctfile is the full pathname of
48       the optional passwd.adjunct file. If a shadow file is found in the same
49       directory  as  passwordfile, the shadowfile is used as described above.
50       Use of this syntax and the discovery of  a  shadowfile  file  generates
51       diagnostic output. The daemon, however, starts normally.
52
53
54       The  first and second syntaxes are mutually exclusive. You cannot spec‐
55       ify the full pathname of the passwd, passwd.adjunct files and  use  the
56       -D option at the same time.
57
58
59       The  daemon is started automatically on the master server of the passwd
60       map by ypstart(1M), which is invoked at boot  time  by  the  svcs:/net‐
61       work/nis/server:default service.
62
63
64       The  server  does  not  insist  on the presence of a shadow file unless
65       there is no -D option present or the directory named with the -D option
66       is /etc. In addition, a passwd.adjunct file is not necessary. If the -D
67       option is given, the server attempts to find a passwd.adjunct  file  in
68       the  security  subdirectory of the named directory. For example, in the
69       presence  of  -D  /var/yp  the  server  checks  for   a   /var/yp/secu‐
70       rity/passwd.adjunct file.
71
72
73       If  only  a passwd file exists, then the encrypted password is expected
74       in the second field. If both a passwd and a passwd.adjunct file  exist,
75       the  encrypted  password is expected in the second field of the adjunct
76       file with ##username in the second field of the  passwd  file.  If  all
77       three  files  are  in  use,  the  encrypted password is expected in the
78       shadow file. Any deviation causes a password update to fail.
79
80
81       If you remove or add a shadow or passwd.adjunct file after  rpc.yppass‐
82       wdd  has  started, you must stop and restart the daemon to enable it to
83       recognize the change. See ypstart(1m) for information on restarting the
84       daemon.
85
86
87       The  rpc.yppasswdd daemon considers a shell that has a name that begins
88       with 'r' to be a restricted shell. By  default,  the  daemon  does  not
89       check  whether  a shell begins with an 'r'. However, you can tell it to
90       do  so  by  uncommenting  the  check_restricted_shell_name=1  line   in
91       /etc/default/yppasswdd. The result will be to restrict a user's ability
92       to change from his default shell. See yppasswdd(4).
93
94
95       On start up, yppasswdd checks for the existence of a NIS to LDAP  (N2L)
96       configuration  file,  /var/yp/NISLDAPmapping. If the configuration file
97       is present, the daemon runs in N2L mode. If the file  is  not  present,
98       yppasswdd runs in traditional, non-N2L mode.
99
100
101       In  N2L mode, changes are written directly to the Directory Information
102       Tree (DIT). If the changes are written successfully,  the  NIS  map  is
103       updated.  The NIS source files, passwd, shadow, and passwd.adjunct, for
104       example, are not updated. Thus, in N2L mode, the -D option is  meaning‐
105       less.  In  N2L mode, yppasswdd propagates changes by calling yppush(1M)
106       instead of ypmake(1M). The -m option is thus unused.
107
108
109       During an NIS-to-LDAP transition, the yppasswdd  daemon uses  the  N2L-
110       specific  map,  ageing.byname,  to read and write password aging infor‐
111       mation to the DIT. If you are not using password aging, then the   age‐
112       ing.byname mapping is ignored.
113

ATTRIBUTES

115       See attributes(5) for descriptions of the following attributes:
116
117
118
119
120       ┌─────────────────────────────┬─────────────────────────────┐
121       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
122       ├─────────────────────────────┼─────────────────────────────┤
123       │Availability                 │SUNWypu                      │
124       └─────────────────────────────┴─────────────────────────────┘
125

SEE ALSO

127       svcs(1),   make(1S),  passwd(1),  yppasswd(1),  inetd(1M),  svcadm(1M),
128       ypmake(1M),  yppush(1M),  ypstart(1M),  NISLDAPmapping(4),   passwd(4),
129       shadow(4), ypfiles(4), yppasswdd(4), ypserv(4), attributes(5), smf(5)
130

NOTES

132       If  make  has not been installed and the -m option is given, the daemon
133       outputs a warning and proceeds, effectively ignoring the -m flag.
134
135
136       When using the -D option, you should make sure that the  PWDIR  of  the
137       /var/yp/Makefile is set accordingly.
138
139
140       The  second  listed  syntax is supplied only for backward compatibility
141       and might be removed in a future release of this daemon.
142
143
144       The Network Information Service (NIS) was formerly known as Sun  Yellow
145       Pages  (YP).  The  functionality  of the two remains the same; only the
146       name has changed. The name Yellow Pages is a  registered  trademark  in
147       the  United  Kingdom  of  British Telecommunications PLC, and cannot be
148       used without permission.
149
150
151       The NIS server service is managed by the service  management  facility,
152       smf(5), under the service identifier:
153
154         svcs:/network/nis/server:default
155
156
157
158
159       Administrative actions on this service, such as enabling, disabling, or
160       requesting restart, can be performed using  svcadm(1M).  The  service's
161       status can be queried using the svcs(1) command.
162
163
164
165SunOS 5.11                        24 Aug 2004                rpc.yppasswdd(1M)
Impressum