Neal Pollack writes: > I've netinstalled a laptop while inside Sun > using Solaris Nevada build 96. > This means, that at the end of the install, and reboot, > it is using NIS.
I assume that's coming from your jumpstart configuration. > Things work fine, however, it is noticed that during boot, > the console shows: > NIS domain: 2k4lab.lax.sun.com (actual name changed for sec) Aside: how is a NIS domain name a security issue? I don't think I follow the argument. It's just a plain old string, and doesn't unlock anything special. For what it's worth, my desktop system is phorcys.east.sun.com, and is in the "solaris-labs.east.sun.com" NIS domain. ;-} > It would seem that perhaps NWAM should enhance the SMF ordering > and startup dependencies or settings? If, at the end of boot, > NWAM will be running and using DHCP, then why is it relevant to > start and display NIS information earlier in the boot? > It could even be considered a weak security bug, since it will > show the accurate name of a valid NIS domain while at other locations? Actually, a *much* bigger rewhack is needed. It's not just a small change in start-up ordering, as it's a change in system design: boot time is not special, and you can learn new network facts at any time while the system is running. It's neither adequate, reasonable, nor even possible to pause at boot time to find out what is available. That's part of what's in the NWAM Phase 1 project, and not in the current NWAM Phase 0 in Nevada. If you have NWAM Phase 0 and you're using it on the SWAN (or similar place with NIS or LDAP), then you'll need to control your name services yourself. Neal Pollack writes: > clarification: "and since I now use NWAM, I do NOT use NIS." You'll want to disable that configuration, then. Disable svc:/network/nis/client:default and copy /etc/nsswitch.dns on top of /etc/nsswitch.conf. > So after boot is complete, NWAM uses DHCP to get DNS naming > server information. So in my mind, NWAM should disable NIS > until it fully starts and determines what it wants to utilize > for naming service. In the future, it will. -- James Carlson, Solaris Networking <[EMAIL PROTECTED]> Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 _______________________________________________ networking-discuss mailing list [email protected]
