We are facing upgrade Redhat 6 to Redhat 9. There are many NIS user in Redhat 6, but Redhat 9 doesn’t support NIS .
I saw a post :Nis on Rocky/RHEL 9 , it says the ypbind tool could be installed in Redhat 9 .
But when i try to install ypbind , it showed the error log like below:
[root@rocky9 ~]# yum install /root/ypbind-2.7.2-8.fc36.x86_64.rpm
Last metadata expiration check: 0:00:30 ago on Wed 27 Mar 2024 05:02:23 PM CST.
Error:
Problem: conflicting requests
nothing provides nss_nis needed by ypbind-3:2.7.2-8.fc36.x86_64
nothing provides yp-tools >= 4.2.2-2 needed by ypbind-3:2.7.2-8.fc36.x86_64
(try to add ‘–skip-broken’ to skip uninstallable packages or ‘–nobest’ to use not only best candidate packages)
[root@rocky9 ~]# yum install /root/yp-tools-4.2.3-12.fc36.x86_64.rpm
Last metadata expiration check: 0:00:18 ago on Wed 27 Mar 2024 05:03:11 PM CST.
Error:
Problem: conflicting requests
nothing provides ypbind >= 3:2.4-2 needed by yp-tools-4.2.3-12.fc36.x86_64
(try to add ‘–skip-broken’ to skip uninstallable packages or ‘–nobest’ to use not only best candidate packages)
How to solve this ? Anyone could give me some help?
Thx in advance.
The NIS user could login via SHELL tools without any problem, but i try to use the NIS login the desktop, it fails with error:
Mar 28 10:49:06 rocky9 systemd[1]: Started Fingerprint Authentication Daemon.
Mar 28 10:49:23 rocky9 /usr/libexec/gdm-wayland-session[40111]: dbus-daemon[40111]: [session uid=501 pid=40111] Activating service name=‘org.freedesktop.systemd1’ requested by ‘:1.0’ (uid=501 pid=40109 comm=“/usr/libexec/gdm-wayland-session --register-sessio” label=“kernel”)
Mar 28 10:49:23 rocky9 /usr/libexec/gdm-wayland-session[40111]: dbus-daemon[40111]: [session uid=501 pid=40111] Activated service ‘org.freedesktop.systemd1’ failed: Process org.freedesktop.systemd1 exited with status 1
Mar 28 10:49:23 rocky9 /usr/libexec/gdm-wayland-session[40109]: Unable to register display with display manager
Mar 28 10:49:23 rocky9 gdm[872]: Gdm: GdmDisplay: Session never registered, failing
Mar 28 10:49:23 rocky9 journal[38637]: unable to get EDID for xrandr-Virtual-1: unable to get EDID for output
Mar 28 10:49:23 rocky9 journal[38637]: unable to get EDID for xrandr-Virtual-1: unable to get EDID for output
Mar 28 10:49:23 rocky9 journal[38637]: unable to get EDID for xrandr-Virtual-1: unable to get EDID for output
Mar 28 10:49:23 rocky9 org.gnome.Shell.desktop[40135]: The XKEYBOARD keymap compiler (xkbcomp) reports:
Mar 28 10:49:23 rocky9 org.gnome.Shell.desktop[40135]: > Warning: Unsupported maximum keycode 708, clipping.
Mar 28 10:49:23 rocky9 org.gnome.Shell.desktop[40135]: > X11 cannot support keycodes above 255.
Mar 28 10:49:23 rocky9 org.gnome.Shell.desktop[40135]: Errors from xkbcomp are not fatal to the X server
First, that is a separate issue than the OP “how to install packages from files” that is already resolved. So should be on new thread for clarity.
I would test two things:
Can non-NIS accounts log in, i.e. is this only for NIS-accounts
Use Gnome, rather than Wayland. (There is a cog-wheel on right bottom corner where you can select type of session, when you have given/selected username and about to type password.)
The real solution is to move on from NIS to a more modern authentication and authorization stack. NIS has serious limitations and security issues. Consider moving to FreeIPA. Or, if you don’t want all of what it comes with, openldap-server (from epel and the plus repo we provide) or 389-ds-base all by itself.
You could also look at zentyal that way you get support as well. I use it for authentication on my rocky 8.8 and 9.3 systems and now it also supports automounts. Works for Linux and windows clients .
Thx for your reply. I mean NIS user could use the linux terminal like MobaXterm using ssh connection , they could execute the linux command without any problem , but when they try to use the graphical Desktop , it fails.
They login with Redhat 9 logon screen, they type user and password, then nothing happened. It returns to the logon screen again. The detail log i have post above.
The nsswitch.conf tells where to look for passwords (and other user info) from. The files in /etc/pam.d/ tell when passwords are looked for, and sshd and gdm do probably have a bit different requirements.
The journalctl shows system logs, but there are probably still a partial copy in files /var/log/messages and /var/log/secure too. The logs might show whether issue is with password, or with creation of user session.
When using MobaXterm, are NIS users prompted for their password ? - or do you use ssh keys etc ?
i.e. if using ssh keys, then no password authentication will be done - whereas the graphical login will require password authentication - which may mean you will have to make changes in your PAM config files ?
I haven’t used NIS for authentication for years (and never with Rocky 9) - so not sure what you will need to change to get it working …