NIS user cannot login to RL9 client

Hello,

I have installed the following packages on my Rocky Linux 9 machine.

nss_nis-3.1-11.fc36.x86_64
yp-tools-4.2.3-12.fc36.x86_64
ypbind-2.7.2-8.fc36.x86_64

When I try logging to a NIS client as an user directly, it says ‘Permission denied, please try again.’ Switching to the user from root works fine.

/etc/ssh/sshd_config , /etc/yp.conf & /etc/nsswitch.conf looks fine. However, I don’t see ‘nis’ as one of the profiles in authselect. By default, it was selected ‘sssd’ and even after removing the existing profile (sssd) from authselect, I still see the same error.

Anyone came across any similar issue with NIS on Rocky Linux 9 ?

Thanks.

This is because NIS was dropped from RHEL9.

I believe you should be looking at installing and configuring freeipa in Rocky instead of attempting to install unsupported NIS packages.

2 Likes

Thanks iwalker. Although I’m aware of removal of NIS from RHEL9, I’ve seen forums where some users were able to run it on RHEL9.

Usually nis references would be found in /etc/nsswitch.conf so that could be one thing to look at. I don’t use nis and never have, so cannot help any more than that really. But the fact it’s not supported means it’s only going to get worse for EL10 and later distros in the fact that it’s more unlikely to work.

In reality, rather than attempting to work at getting something old working, would be to work with the substitute - in this case freeipa. Because sooner or later you’ll move to Rocky 10 or whatever, and it’ll not work at all. Better to spend the time migrating now :slight_smile:

4 Likes

Definitely this.

One could alternatively (or additionally) deploy local config to the managed systems with some configuration management system. That obviously does not suite for everything (that freeipa/NIS is/was responsible for).

1 Like

I’ve used NIS on Rocky 9 - although not for authentication

When you say ‘/etc/nsswitch.conf looks fine’ - what are the passwd: and group: lines ?