I use NIS to serve authentication over several dozen computers. But Makefile contains the following line : MINGID=500 But, Gentoo's default MINGID is 440. Which means that, by default, ypinit doesn't import group less than 500. This can be confusing, because this does not prevent users to log in. It just maps them with strange gids. Not a blocking bug, so, but could help maybe if the line was changed to MINGID=440 ? Reproducible: Always Steps to Reproduce: 1. just try to log in the ni domain with an account belonging to a group less than 500 2. 3. Actual Results: users were mapped with wring gids Expected Results: it should map users with their correct gid.
where do you find Gentoo defaulting to 440 ? what package ?
Hmmm good question ;-) All the machines i installed create my groups after 440, don't know why (maybe because emerge openldap created the group ldap with gid 339 ?), because you're right : gentoo's default isn't 440 but 100 (found in /etc/login.defs : GID_MIN 100). Sorry for confusion, I spent several hours resolving problems, and don't have ideas very clear now... time to go to bed ^^. But the problem stands, i think ? MINGID should default to the MINGID value of /etc/logins.defs ?
/etc/login.defs is the realm of pam redhat uses 500 as the default too, so changing it doesnt sound unreasonable
I do not have an issue of changing GID_MIN in login.defs, but where is this MINGID comming from? Certainly not from pam or pam-login ...
Sorry for (vervy very) long delay to answer. I'll try to explain more clearly my "problem". When juste "emerged", ypserv comes with several default values. Some of them are stored in the /var/yp/Makefile file. It contains, specially, theses lines : # MINGID is the lowest gid that will be included in the group maps. MINGID=500 Which means, that users whose GID is lower than this value won't be able to log in via NIS authentication. The problems used to begin when we tried to create users in the past, whose GID could be lower than this value (this was my case when I opened this bug). Things are solved now, since Gentoo's first GID available to users seems to be 1000 (value of my first Gentoo user in my lastly installed gentoo ;-). Time to close this bug, so. Thanks everybody.
