Package: nis
Version: 3.13-2
Besides having MINUID & MINGID in /var/yp/Makefile, it is quite handy to
also have MAXUID & MAXGID. For my case that is mainly to filter out
the Samba domain machines that also live in our /etc/passwd. I've added
a patch (which I've been using for quite some time now) to implement
this feature. Hopefully it is usefull for others too..
regards,
Arno
--
Ing. A.C.J. van Amersfoort (Arno)
Department Of Electronics (ELD, k1007)
Huygens Laboratory
Leiden University
P.O. Box 9504
Niels Bohrweg 2
2333 CA Leiden
The Netherlands
----------------------------------------------------------------
Phone : +31-(0)71-527.1894 Fax: +31-(0)71-527.5819
E-mail: [EMAIL PROTECTED]
----------------------------------------------------------------
Arno's (Linux firewall) homepage: http://rocky.eld.leidenuniv.nl
*** /tmp/Makefile.dpkg-dist 2007-03-26 15:20:30.000000000 +0200
--- /var/yp/Makefile 2007-02-26 11:19:29.000000000 +0100
***************
*** 34,41 ****
# the passwd file. If no entry is found, this shadow entry is
# ignored.
# MINGID is the lowest gid that will be included in the group maps.
! MINUID=1000
! MINGID=1000
# Don't export this uid/guid (nfsnobody).
# Set to 0 if you want to
--- 35,44 ----
# the passwd file. If no entry is found, this shadow entry is
# ignored.
# MINGID is the lowest gid that will be included in the group maps.
! MINUID=111
! MAXUID=1999
! MINGID=120
! MAXGID=1999
# Don't export this uid/guid (nfsnobody).
# Set to 0 if you want to
***************
*** 309,315 ****
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(MERGER) -p $(PASSWD) $(SHADOW) | \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 !=
$(NFSNOBODYUID) ) \
print $$1"\t"$$0 }' | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
--- 313,319 ----
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(MERGER) -p $(PASSWD) $(SHADOW) | \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 <=
$(MAXUID) && $$3 != $(NFSNOBODYUID) ) \
print $$1"\t"$$0 }' | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
***************
*** 318,324 ****
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(MERGER) -p $(PASSWD) $(SHADOW) | \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 !=
$(NFSNOBODYUID) ) \
print $$3"\t"$$0 }' | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
--- 322,328 ----
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(MERGER) -p $(PASSWD) $(SHADOW) | \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 <=
$(MAXUID) && $$3 != $(NFSNOBODYUID) ) \
print $$3"\t"$$0 }' | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
***************
*** 332,338 ****
passwd.byname: $(PASSWD) $(YPDIR)/Makefile
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 !=
$(NFSNOBODYUID) ) \
print $$1"\t"$$0 }' $(PASSWD) | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
--- 336,342 ----
passwd.byname: $(PASSWD) $(YPDIR)/Makefile
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 <=
$(MAXUID) && $$3 != $(NFSNOBODYUID) ) \
print $$1"\t"$$0 }' $(PASSWD) | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
***************
*** 340,346 ****
passwd.byuid: $(PASSWD) $(YPDIR)/Makefile
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 !=
$(NFSNOBODYUID) ) \
print $$3"\t"$$0 }' $(PASSWD) | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
--- 344,350 ----
passwd.byuid: $(PASSWD) $(YPDIR)/Makefile
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 <=
$(MAXUID) && $$3 != $(NFSNOBODYUID) ) \
print $$3"\t"$$0 }' $(PASSWD) | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
***************
*** 349,355 ****
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(AWK) -F: '{ if (FILENAME ~ /shadow$$/) { \
! if (UID[$$1] >= $(MINUID) && UID[$$1] != $(NFSNOBODYUID)) print
$$1"\t"$$0; \
} else UID[$$1] = $$3; }' $(PASSWD) $(SHADOW) \
| $(DBLOAD) -s -i $(SHADOW) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
--- 353,359 ----
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(AWK) -F: '{ if (FILENAME ~ /shadow$$/) { \
! if (UID[$$1] >= $(MINUID) && UID[$$1] <= $(MAXUID) && UID[$$1]
!= $(NFSNOBODYUID)) print $$1"\t"$$0; \
} else UID[$$1] = $$3; }' $(PASSWD) $(SHADOW) \
| $(DBLOAD) -s -i $(SHADOW) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
***************
*** 368,374 ****
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(MERGER) -g $(GROUP) $(GSHADOW) | \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 !=
$(NFSNOBODYGID) ) \
print $$1"\t"$$0 }' | $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
--- 372,378 ----
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(MERGER) -g $(GROUP) $(GSHADOW) | \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 <=
$(MAXGID) && $$3 != $(NFSNOBODYGID) ) \
print $$1"\t"$$0 }' | $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
***************
*** 376,382 ****
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(MERGER) -g $(GROUP) $(GSHADOW) | \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 !=
$(NFSNOBODYGID) ) \
print $$3"\t"$$0 }' | $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
--- 380,386 ----
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
$(MERGER) -g $(GROUP) $(GSHADOW) | \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 <=
$(MAXGID) && $$3 != $(NFSNOBODYGID) ) \
print $$3"\t"$$0 }' | $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
***************
*** 385,391 ****
group.byname: $(GROUP) $(YPDIR)/Makefile
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 !=
$(NFSNOBODYGID) ) \
print $$1"\t"$$0 }' $(GROUP) \
| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
--- 389,395 ----
group.byname: $(GROUP) $(YPDIR)/Makefile
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 <=
$(MAXGID) && $$3 != $(NFSNOBODYGID) ) \
print $$1"\t"$$0 }' $(GROUP) \
| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
***************
*** 393,399 ****
group.bygid: $(GROUP) $(YPDIR)/Makefile
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 !=
$(NFSNOBODYGID) ) \
print $$3"\t"$$0 }' $(GROUP) \
| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
--- 397,403 ----
group.bygid: $(GROUP) $(YPDIR)/Makefile
@echo "Updating [EMAIL PROTECTED]"
@$(UMASK); \
! $(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 <=
$(MAXGID) && $$3 != $(NFSNOBODYGID) ) \
print $$3"\t"$$0 }' $(GROUP) \
| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
[EMAIL PROTECTED](NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@