[4607] in Release_7.7_team
[Fwd: [SA] What's all this about Hesiod support?]
daemon@ATHENA.MIT.EDU (Bill Cattey)
Mon Jun 21 16:18:19 2004
From: Bill Cattey <wdc@MIT.EDU>
To: release-team@mit.edu
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-Id: <1087849094.7224.53.camel@tokata.mit.edu>
Mime-Version: 1.0
Date: Mon, 21 Jun 2004 16:18:14 -0400
Is this information, about to be given as an IS&T Stock Answer to
stand-alone Red Hat Enterprise Linux users consistent with what we tell
users of DISCONNECTABLE Athena?
Have we ourselves crafted a response to the "nonexistant
/bin/athena/tcsh" failure?
Do we tell users to avoid creating their local account with a
/mit/<uname> home directory?
Here's an opportunity to make sure we're NOT the Athena versus IS&T
support stovepipes.
-wdc
-----Forwarded Message-----
From: Jonathan Reed <jdreed@MIT.EDU>
To: rhe-release@mit.edu
Subject: [SA] What's all this about Hesiod support?
Date: Mon, 21 Jun 2004 09:33:43 -0400
Q: I was poking around in the "authconfig" application, and I noticed
that there is a "Enable Hesiod" option. Can I use it?
A: No. While Athena does use Hesiod for obtaining, among other
things, 'passwd' entries, there are two problems with this:
- Your home directory will be /mit/username, which will not exist.
- Your shell is likely to be /bin/athena/tcsh, which will
also not exist.
Unfortunately, the login does not fail gracefully when your home
directory and/or shell are non-existent, so the error message will
only be displayed briefly before the screen resets itself, and this
can make troubleshooting quite difficult.
P.S. What if I create /mit/username and /bin/athena/tcsh?
Don't do that. The first one will cause problems if you ever wish to
use OpenAFS, and the second one may cause updates to fail.
Additionally, Athena tcsh has some customizations that will not exist
on RedHat Enterprise.
The same functionality can be obtained by creating a local user of
the same name as your Athena username and enabling Kerberos
passwords. See our stock answer on how to do that.
