managing user accounts without NIS

Greg Lindahl glindahl at
Sat May 20 15:03:56 PDT 2000

> > NIS and NFS are pretty efficient at what they do, and can be
> > configured to cache to some extent. Why reinvent them?

Neither NFS nor NIS are ideal. NFS doesn't do well at gigabyte/second I/O,
and NIS, well, it's hard to think of anything that NIS does that well.

> NIS and NFS are insecure and incur performance penalties.  I'm looking
> for better alternatives.  My idea of setuid-root wrappers (using rsync
> for distribution of relevant files) already provides a more secure,
> high-performance, high-availability alternative; I just want to make
> sure that there isn't something better out there already, and that I'm
> not overlooking some potential security hole.

I distribute password files by copying. Updates are all made on 1 server;
replace the command the user runs to change their password. This command
does not have to be setuid root; it can rsh/ssh as the user to the server
and run the usual passwd.

-- greg

More information about the Beowulf mailing list