Groups differ from the local ones when logging in remotely





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







14















We store our users in LDAP, alongside some groups that have meaning across different systems (organizational roles including wheel). There are also groups local to workstations, e.g. audio or video that are not desirable to be put into LDAP. Now if I log in locally I get those local groups, but if I log in via SSH into the same machine I lack them. They of course come back, if I use su straight afterwards. I may be on the wrong track, but suspect PAM.



Relevant entries from nsswitch.conf



passwd:      compat ldap

shadow:      compat ldap

group:       compat ldap


As for pam, always the auth line, but the other lines are the same



/etc/pam.d/sshd



auth            include         system-remote-login


/etc/pam.d/system-remote-login (identical to system-local-login I might add)



auth            include         system-login


/etc/pam.d/system-login



auth            required        pam_tally2.so onerr=succeed

auth            required        pam_shells.so 

auth            required        pam_nologin.so 

auth            include         system-auth

auth            optional        pam_gnome_keyring.so



account         required        pam_access.so 

account         required        pam_nologin.so 

account         include         system-auth

account         required        pam_tally2.so onerr=succeed 



password        include         system-auth

password        optional        pam_gnome_keyring.so



session         optional        pam_loginuid.so

session         required        pam_env.so 

session         optional        pam_lastlog.so 

session         include         system-auth

session         optional        pam_gnome_keyring.so auto_start

session         optional        pam_motd.so motd=/etc/motd

session         optional        pam_mail.so


/etc/pam.d/su 



auth       sufficient   pam_rootok.so

auth       required     pam_wheel.so use_uid

auth       include              system-auth



account    include              system-auth



password   include              system-auth



session    include              system-auth

session    required     pam_env.so

session    optional             pam_xauth.so


/etc/pam.d/common-auth:



auth    required     pam_group.so use_first_pass


What could be the problem and how would I solve it? I'm happy to provide other information needed.






ssh group authentication pam ldap







share|improve this question

























  • What does your /etc/nsswitch.conf looks like for group? What is the output of getent YOURUSERNAME? Does your /etc/pam.d/sshd @include common-{session,auth,password,account}?

    – eppesuig
    Jan 4 '13 at 13:23











  • which process/steps you setup at client end ?

    – Rahul Patil
    Jan 4 '13 at 13:31






  • 1





    @Aurelien, when you have "shadow ldap", then pam_unix does the authentication retrieving the password info from nss.

    – Stéphane Chazelas
    Jan 17 '13 at 15:29






  • 1





    I think you're off track suspecting PAM. More likely a NIS problem. PAM has no idea of groups at all; it's all done through libc when sshd calls initgroups.

    – Nicholas Wilson
    Jan 19 '13 at 11:27






  • 1





    Actually, I slightly modify that: apparently some modules hook the pam_setcred call to establish user groups, which is why sshd calls initgroups before pam_setcred. Hmmm.

    – Nicholas Wilson
    Jan 19 '13 at 12:29


















14















We store our users in LDAP, alongside some groups that have meaning across different systems (organizational roles including wheel). There are also groups local to workstations, e.g. audio or video that are not desirable to be put into LDAP. Now if I log in locally I get those local groups, but if I log in via SSH into the same machine I lack them. They of course come back, if I use su straight afterwards. I may be on the wrong track, but suspect PAM.



Relevant entries from nsswitch.conf



passwd:      compat ldap

shadow:      compat ldap

group:       compat ldap


As for pam, always the auth line, but the other lines are the same



/etc/pam.d/sshd



auth            include         system-remote-login


/etc/pam.d/system-remote-login (identical to system-local-login I might add)



auth            include         system-login


/etc/pam.d/system-login



auth            required        pam_tally2.so onerr=succeed

auth            required        pam_shells.so 

auth            required        pam_nologin.so 

auth            include         system-auth

auth            optional        pam_gnome_keyring.so



account         required        pam_access.so 

account         required        pam_nologin.so 

account         include         system-auth

account         required        pam_tally2.so onerr=succeed 



password        include         system-auth

password        optional        pam_gnome_keyring.so



session         optional        pam_loginuid.so

session         required        pam_env.so 

session         optional        pam_lastlog.so 

session         include         system-auth

session         optional        pam_gnome_keyring.so auto_start

session         optional        pam_motd.so motd=/etc/motd

session         optional        pam_mail.so


/etc/pam.d/su 



auth       sufficient   pam_rootok.so

auth       required     pam_wheel.so use_uid

auth       include              system-auth



account    include              system-auth



password   include              system-auth



session    include              system-auth

session    required     pam_env.so

session    optional             pam_xauth.so


/etc/pam.d/common-auth:



auth    required     pam_group.so use_first_pass


What could be the problem and how would I solve it? I'm happy to provide other information needed.






ssh group authentication pam ldap







share|improve this question

























  • What does your /etc/nsswitch.conf looks like for group? What is the output of getent YOURUSERNAME? Does your /etc/pam.d/sshd @include common-{session,auth,password,account}?

    – eppesuig
    Jan 4 '13 at 13:23











  • which process/steps you setup at client end ?

    – Rahul Patil
    Jan 4 '13 at 13:31






  • 1





    @Aurelien, when you have "shadow ldap", then pam_unix does the authentication retrieving the password info from nss.

    – Stéphane Chazelas
    Jan 17 '13 at 15:29






  • 1





    I think you're off track suspecting PAM. More likely a NIS problem. PAM has no idea of groups at all; it's all done through libc when sshd calls initgroups.

    – Nicholas Wilson
    Jan 19 '13 at 11:27






  • 1





    Actually, I slightly modify that: apparently some modules hook the pam_setcred call to establish user groups, which is why sshd calls initgroups before pam_setcred. Hmmm.

    – Nicholas Wilson
    Jan 19 '13 at 12:29














14












14








14


5






We store our users in LDAP, alongside some groups that have meaning across different systems (organizational roles including wheel). There are also groups local to workstations, e.g. audio or video that are not desirable to be put into LDAP. Now if I log in locally I get those local groups, but if I log in via SSH into the same machine I lack them. They of course come back, if I use su straight afterwards. I may be on the wrong track, but suspect PAM.



Relevant entries from nsswitch.conf



passwd:      compat ldap

shadow:      compat ldap

group:       compat ldap


As for pam, always the auth line, but the other lines are the same



/etc/pam.d/sshd



auth            include         system-remote-login


/etc/pam.d/system-remote-login (identical to system-local-login I might add)



auth            include         system-login


/etc/pam.d/system-login



auth            required        pam_tally2.so onerr=succeed

auth            required        pam_shells.so 

auth            required        pam_nologin.so 

auth            include         system-auth

auth            optional        pam_gnome_keyring.so



account         required        pam_access.so 

account         required        pam_nologin.so 

account         include         system-auth

account         required        pam_tally2.so onerr=succeed 



password        include         system-auth

password        optional        pam_gnome_keyring.so



session         optional        pam_loginuid.so

session         required        pam_env.so 

session         optional        pam_lastlog.so 

session         include         system-auth

session         optional        pam_gnome_keyring.so auto_start

session         optional        pam_motd.so motd=/etc/motd

session         optional        pam_mail.so


/etc/pam.d/su 



auth       sufficient   pam_rootok.so

auth       required     pam_wheel.so use_uid

auth       include              system-auth



account    include              system-auth



password   include              system-auth



session    include              system-auth

session    required     pam_env.so

session    optional             pam_xauth.so


/etc/pam.d/common-auth:



auth    required     pam_group.so use_first_pass


What could be the problem and how would I solve it? I'm happy to provide other information needed.






ssh group authentication pam ldap







share|improve this question
















We store our users in LDAP, alongside some groups that have meaning across different systems (organizational roles including wheel). There are also groups local to workstations, e.g. audio or video that are not desirable to be put into LDAP. Now if I log in locally I get those local groups, but if I log in via SSH into the same machine I lack them. They of course come back, if I use su straight afterwards. I may be on the wrong track, but suspect PAM.



Relevant entries from nsswitch.conf



passwd:      compat ldap

shadow:      compat ldap

group:       compat ldap


As for pam, always the auth line, but the other lines are the same



/etc/pam.d/sshd



auth            include         system-remote-login


/etc/pam.d/system-remote-login (identical to system-local-login I might add)



auth            include         system-login


/etc/pam.d/system-login



auth            required        pam_tally2.so onerr=succeed

auth            required        pam_shells.so 

auth            required        pam_nologin.so 

auth            include         system-auth

auth            optional        pam_gnome_keyring.so



account         required        pam_access.so 

account         required        pam_nologin.so 

account         include         system-auth

account         required        pam_tally2.so onerr=succeed 



password        include         system-auth

password        optional        pam_gnome_keyring.so



session         optional        pam_loginuid.so

session         required        pam_env.so 

session         optional        pam_lastlog.so 

session         include         system-auth

session         optional        pam_gnome_keyring.so auto_start

session         optional        pam_motd.so motd=/etc/motd

session         optional        pam_mail.so


/etc/pam.d/su 



auth       sufficient   pam_rootok.so

auth       required     pam_wheel.so use_uid

auth       include              system-auth



account    include              system-auth



password   include              system-auth



session    include              system-auth

session    required     pam_env.so

session    optional             pam_xauth.so


/etc/pam.d/common-auth:



auth    required     pam_group.so use_first_pass


What could be the problem and how would I solve it? I'm happy to provide other information needed.






ssh group authentication pam ldap




ssh group authentication pam ldap






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Feb 14 '13 at 18:45







Max

















asked Jan 4 '13 at 12:46









MaxMax

662414




662414













  • What does your /etc/nsswitch.conf looks like for group? What is the output of getent YOURUSERNAME? Does your /etc/pam.d/sshd @include common-{session,auth,password,account}?

    – eppesuig
    Jan 4 '13 at 13:23











  • which process/steps you setup at client end ?

    – Rahul Patil
    Jan 4 '13 at 13:31






  • 1





    @Aurelien, when you have "shadow ldap", then pam_unix does the authentication retrieving the password info from nss.

    – Stéphane Chazelas
    Jan 17 '13 at 15:29






  • 1





    I think you're off track suspecting PAM. More likely a NIS problem. PAM has no idea of groups at all; it's all done through libc when sshd calls initgroups.

    – Nicholas Wilson
    Jan 19 '13 at 11:27






  • 1





    Actually, I slightly modify that: apparently some modules hook the pam_setcred call to establish user groups, which is why sshd calls initgroups before pam_setcred. Hmmm.

    – Nicholas Wilson
    Jan 19 '13 at 12:29



















  • What does your /etc/nsswitch.conf looks like for group? What is the output of getent YOURUSERNAME? Does your /etc/pam.d/sshd @include common-{session,auth,password,account}?

    – eppesuig
    Jan 4 '13 at 13:23











  • which process/steps you setup at client end ?

    – Rahul Patil
    Jan 4 '13 at 13:31






  • 1





    @Aurelien, when you have "shadow ldap", then pam_unix does the authentication retrieving the password info from nss.

    – Stéphane Chazelas
    Jan 17 '13 at 15:29






  • 1





    I think you're off track suspecting PAM. More likely a NIS problem. PAM has no idea of groups at all; it's all done through libc when sshd calls initgroups.

    – Nicholas Wilson
    Jan 19 '13 at 11:27






  • 1





    Actually, I slightly modify that: apparently some modules hook the pam_setcred call to establish user groups, which is why sshd calls initgroups before pam_setcred. Hmmm.

    – Nicholas Wilson
    Jan 19 '13 at 12:29

















What does your /etc/nsswitch.conf looks like for group? What is the output of getent YOURUSERNAME? Does your /etc/pam.d/sshd @include common-{session,auth,password,account}?

– eppesuig
Jan 4 '13 at 13:23





What does your /etc/nsswitch.conf looks like for group? What is the output of getent YOURUSERNAME? Does your /etc/pam.d/sshd @include common-{session,auth,password,account}?

– eppesuig
Jan 4 '13 at 13:23













which process/steps you setup at client end ?

– Rahul Patil
Jan 4 '13 at 13:31





which process/steps you setup at client end ?

– Rahul Patil
Jan 4 '13 at 13:31




1




1





@Aurelien, when you have "shadow ldap", then pam_unix does the authentication retrieving the password info from nss.

– Stéphane Chazelas
Jan 17 '13 at 15:29





@Aurelien, when you have "shadow ldap", then pam_unix does the authentication retrieving the password info from nss.

– Stéphane Chazelas
Jan 17 '13 at 15:29




1




1





I think you're off track suspecting PAM. More likely a NIS problem. PAM has no idea of groups at all; it's all done through libc when sshd calls initgroups.

– Nicholas Wilson
Jan 19 '13 at 11:27





I think you're off track suspecting PAM. More likely a NIS problem. PAM has no idea of groups at all; it's all done through libc when sshd calls initgroups.

– Nicholas Wilson
Jan 19 '13 at 11:27




1




1





Actually, I slightly modify that: apparently some modules hook the pam_setcred call to establish user groups, which is why sshd calls initgroups before pam_setcred. Hmmm.

– Nicholas Wilson
Jan 19 '13 at 12:29





Actually, I slightly modify that: apparently some modules hook the pam_setcred call to establish user groups, which is why sshd calls initgroups before pam_setcred. Hmmm.

– Nicholas Wilson
Jan 19 '13 at 12:29










4 Answers
4






active

oldest

votes


















3














I took heart today and finally solved it. The pam chain works like this





  • /etc/pam.d/sshd includes:



    • /etc/pam.d/system-remote-login that includes:



      • /etc/pam.d/system-login that includes:



        • /etc/pam.d/system-auth which has an optional requirement








Apparently the last include does not work for some reason. The reason why I was so puzzled so far was that I trusted that these includes would work, which wasn't the case. If someone can explain why I'd be very grateful. I know this because if i add the line 



auth    optional  pam_group.so


into the /etc/pam.d/system-login then it works.






share|improve this answer

































    1














    The login program (which sets up your environment, including UID, GID and supplemental groups) gets data on username <--> UID, GID and the supplementary groups to which username belongs, from some sort of database. Traditionally from the /etc/passwd and /etc/groups files, today also from LDAP. Depending on the data source, the groups you get assigned can vary.



    Be careful, if different sources are mixed you can very well end up with an account with the same name but different UIDs (the system really uses UID internally), or different sets of groups. The result is normally very entertaining for the casual onlooker, while leading to premature baldness due to extensive hair-pulling for the parties in charge. (Been there.)






    share|improve this answer































      0














      Into nsswitch.conf: 




      
    group:          compat ldap


      afaik this calls getgrent, which gets the groups (group entries)



      EDIT: another thing is to add the following to /etc/pam.d/common-auth: 



      auth    required     pam_group.so use_first_pass


      for more information have a look here: Assign local groups to users and maybe this newgrp-and-groups-assigned-via-pam-group-so






      share|improve this answer


























      • That line is already present just like that.

        – Max
        Feb 14 '13 at 11:02











      • maybe add it to "Relevant entries from nsswitch.conf" in your question.

        – xx4h
        Feb 14 '13 at 18:08













      • done and the edit didn't help unfortunately.

        – Max
        Feb 14 '13 at 18:45











      • did you do pam-auth-update and a nscd restart?

        – xx4h
        Feb 14 '13 at 19:14



















      0














      I had an almost similar problem: when logged in using ssh, some groups were missing. It has been solved by changing /etc/nsswitch.conf:



      group:      compat  -> group:      files nis





      share|improve this answer


























        Your Answer








        StackExchange.ready(function() {
        var channelOptions = {
        tags: "".split(" "),
        id: "106"
        };
        initTagRenderer("".split(" "), "".split(" "), channelOptions);

        StackExchange.using("externalEditor", function() {
        // Have to fire editor after snippets, if snippets enabled
        if (StackExchange.settings.snippets.snippetsEnabled) {
        StackExchange.using("snippets", function() {
        createEditor();
        });
        }
        else {
        createEditor();
        }
        });

        function createEditor() {
        StackExchange.prepareEditor({
        heartbeatType: 'answer',
        autoActivateHeartbeat: false,
        convertImagesToLinks: false,
        noModals: true,
        showLowRepImageUploadWarning: true,
        reputationToPostImages: null,
        bindNavPrevention: true,
        postfix: "",
        imageUploader: {
        brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
        contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
        allowUrls: true
        },
        onDemand: true,
        discardSelector: ".discard-answer"
        ,immediatelyShowMarkdownHelp:true
        });


        }
        });














        draft saved

        draft discarded


















        StackExchange.ready(
        function () {
        StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f60285%2fgroups-differ-from-the-local-ones-when-logging-in-remotely%23new-answer', 'question_page');
        }
        );

        Post as a guest















        Required, but never shown

























        4 Answers
        4






        active

        oldest

        votes








        4 Answers
        4






        active

        oldest

        votes









        active

        oldest

        votes






        active

        oldest

        votes









        3














        I took heart today and finally solved it. The pam chain works like this





        • /etc/pam.d/sshd includes:



          • /etc/pam.d/system-remote-login that includes:



            • /etc/pam.d/system-login that includes:



              • /etc/pam.d/system-auth which has an optional requirement








        Apparently the last include does not work for some reason. The reason why I was so puzzled so far was that I trusted that these includes would work, which wasn't the case. If someone can explain why I'd be very grateful. I know this because if i add the line 



        auth    optional  pam_group.so


        into the /etc/pam.d/system-login then it works.






        share|improve this answer






























          3














          I took heart today and finally solved it. The pam chain works like this





          • /etc/pam.d/sshd includes:



            • /etc/pam.d/system-remote-login that includes:



              • /etc/pam.d/system-login that includes:



                • /etc/pam.d/system-auth which has an optional requirement








          Apparently the last include does not work for some reason. The reason why I was so puzzled so far was that I trusted that these includes would work, which wasn't the case. If someone can explain why I'd be very grateful. I know this because if i add the line 



          auth    optional  pam_group.so


          into the /etc/pam.d/system-login then it works.






          share|improve this answer




























            3












            3








            3







            I took heart today and finally solved it. The pam chain works like this





            • /etc/pam.d/sshd includes:



              • /etc/pam.d/system-remote-login that includes:



                • /etc/pam.d/system-login that includes:



                  • /etc/pam.d/system-auth which has an optional requirement








            Apparently the last include does not work for some reason. The reason why I was so puzzled so far was that I trusted that these includes would work, which wasn't the case. If someone can explain why I'd be very grateful. I know this because if i add the line 



            auth    optional  pam_group.so


            into the /etc/pam.d/system-login then it works.






            share|improve this answer















            I took heart today and finally solved it. The pam chain works like this





            • /etc/pam.d/sshd includes:



              • /etc/pam.d/system-remote-login that includes:



                • /etc/pam.d/system-login that includes:



                  • /etc/pam.d/system-auth which has an optional requirement








            Apparently the last include does not work for some reason. The reason why I was so puzzled so far was that I trusted that these includes would work, which wasn't the case. If someone can explain why I'd be very grateful. I know this because if i add the line 



            auth    optional  pam_group.so


            into the /etc/pam.d/system-login then it works.







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited 2 hours ago









            Rui F Ribeiro

            41.9k1483142




            41.9k1483142










            answered Jun 18 '13 at 13:29









            MaxMax

            662414




            662414

























                1














                The login program (which sets up your environment, including UID, GID and supplemental groups) gets data on username <--> UID, GID and the supplementary groups to which username belongs, from some sort of database. Traditionally from the /etc/passwd and /etc/groups files, today also from LDAP. Depending on the data source, the groups you get assigned can vary.



                Be careful, if different sources are mixed you can very well end up with an account with the same name but different UIDs (the system really uses UID internally), or different sets of groups. The result is normally very entertaining for the casual onlooker, while leading to premature baldness due to extensive hair-pulling for the parties in charge. (Been there.)






                share|improve this answer




























                  1














                  The login program (which sets up your environment, including UID, GID and supplemental groups) gets data on username <--> UID, GID and the supplementary groups to which username belongs, from some sort of database. Traditionally from the /etc/passwd and /etc/groups files, today also from LDAP. Depending on the data source, the groups you get assigned can vary.



                  Be careful, if different sources are mixed you can very well end up with an account with the same name but different UIDs (the system really uses UID internally), or different sets of groups. The result is normally very entertaining for the casual onlooker, while leading to premature baldness due to extensive hair-pulling for the parties in charge. (Been there.)






                  share|improve this answer


























                    1












                    1








                    1







                    The login program (which sets up your environment, including UID, GID and supplemental groups) gets data on username <--> UID, GID and the supplementary groups to which username belongs, from some sort of database. Traditionally from the /etc/passwd and /etc/groups files, today also from LDAP. Depending on the data source, the groups you get assigned can vary.



                    Be careful, if different sources are mixed you can very well end up with an account with the same name but different UIDs (the system really uses UID internally), or different sets of groups. The result is normally very entertaining for the casual onlooker, while leading to premature baldness due to extensive hair-pulling for the parties in charge. (Been there.)






                    share|improve this answer













                    The login program (which sets up your environment, including UID, GID and supplemental groups) gets data on username <--> UID, GID and the supplementary groups to which username belongs, from some sort of database. Traditionally from the /etc/passwd and /etc/groups files, today also from LDAP. Depending on the data source, the groups you get assigned can vary.



                    Be careful, if different sources are mixed you can very well end up with an account with the same name but different UIDs (the system really uses UID internally), or different sets of groups. The result is normally very entertaining for the casual onlooker, while leading to premature baldness due to extensive hair-pulling for the parties in charge. (Been there.)







                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered Jan 17 '13 at 23:32









                    vonbrandvonbrand

                    14.3k22745




                    14.3k22745























                        0














                        Into nsswitch.conf: 




                        
    group:          compat ldap


                        afaik this calls getgrent, which gets the groups (group entries)



                        EDIT: another thing is to add the following to /etc/pam.d/common-auth: 



                        auth    required     pam_group.so use_first_pass


                        for more information have a look here: Assign local groups to users and maybe this newgrp-and-groups-assigned-via-pam-group-so






                        share|improve this answer


























                        • That line is already present just like that.

                          – Max
                          Feb 14 '13 at 11:02











                        • maybe add it to "Relevant entries from nsswitch.conf" in your question.

                          – xx4h
                          Feb 14 '13 at 18:08













                        • done and the edit didn't help unfortunately.

                          – Max
                          Feb 14 '13 at 18:45











                        • did you do pam-auth-update and a nscd restart?

                          – xx4h
                          Feb 14 '13 at 19:14
















                        0














                        Into nsswitch.conf: 




                        
    group:          compat ldap


                        afaik this calls getgrent, which gets the groups (group entries)



                        EDIT: another thing is to add the following to /etc/pam.d/common-auth: 



                        auth    required     pam_group.so use_first_pass


                        for more information have a look here: Assign local groups to users and maybe this newgrp-and-groups-assigned-via-pam-group-so






                        share|improve this answer


























                        • That line is already present just like that.

                          – Max
                          Feb 14 '13 at 11:02











                        • maybe add it to "Relevant entries from nsswitch.conf" in your question.

                          – xx4h
                          Feb 14 '13 at 18:08













                        • done and the edit didn't help unfortunately.

                          – Max
                          Feb 14 '13 at 18:45











                        • did you do pam-auth-update and a nscd restart?

                          – xx4h
                          Feb 14 '13 at 19:14














                        0












                        0








                        0







                        Into nsswitch.conf: 




                        
    group:          compat ldap


                        afaik this calls getgrent, which gets the groups (group entries)



                        EDIT: another thing is to add the following to /etc/pam.d/common-auth: 



                        auth    required     pam_group.so use_first_pass


                        for more information have a look here: Assign local groups to users and maybe this newgrp-and-groups-assigned-via-pam-group-so






                        share|improve this answer















                        Into nsswitch.conf: 




                        
    group:          compat ldap


                        afaik this calls getgrent, which gets the groups (group entries)



                        EDIT: another thing is to add the following to /etc/pam.d/common-auth: 



                        auth    required     pam_group.so use_first_pass


                        for more information have a look here: Assign local groups to users and maybe this newgrp-and-groups-assigned-via-pam-group-so







                        share|improve this answer














                        share|improve this answer



                        share|improve this answer








                        edited Apr 13 '17 at 12:36









                        Community

                        1




                        1










                        answered Feb 13 '13 at 6:26









                        xx4hxx4h

                        1,9171216




                        1,9171216













                        • That line is already present just like that.

                          – Max
                          Feb 14 '13 at 11:02











                        • maybe add it to "Relevant entries from nsswitch.conf" in your question.

                          – xx4h
                          Feb 14 '13 at 18:08













                        • done and the edit didn't help unfortunately.

                          – Max
                          Feb 14 '13 at 18:45











                        • did you do pam-auth-update and a nscd restart?

                          – xx4h
                          Feb 14 '13 at 19:14



















                        • That line is already present just like that.

                          – Max
                          Feb 14 '13 at 11:02











                        • maybe add it to "Relevant entries from nsswitch.conf" in your question.

                          – xx4h
                          Feb 14 '13 at 18:08













                        • done and the edit didn't help unfortunately.

                          – Max
                          Feb 14 '13 at 18:45











                        • did you do pam-auth-update and a nscd restart?

                          – xx4h
                          Feb 14 '13 at 19:14

















                        That line is already present just like that.

                        – Max
                        Feb 14 '13 at 11:02





                        That line is already present just like that.

                        – Max
                        Feb 14 '13 at 11:02













                        maybe add it to "Relevant entries from nsswitch.conf" in your question.

                        – xx4h
                        Feb 14 '13 at 18:08







                        maybe add it to "Relevant entries from nsswitch.conf" in your question.

                        – xx4h
                        Feb 14 '13 at 18:08















                        done and the edit didn't help unfortunately.

                        – Max
                        Feb 14 '13 at 18:45





                        done and the edit didn't help unfortunately.

                        – Max
                        Feb 14 '13 at 18:45













                        did you do pam-auth-update and a nscd restart?

                        – xx4h
                        Feb 14 '13 at 19:14





                        did you do pam-auth-update and a nscd restart?

                        – xx4h
                        Feb 14 '13 at 19:14











                        0














                        I had an almost similar problem: when logged in using ssh, some groups were missing. It has been solved by changing /etc/nsswitch.conf:



                        group:      compat  -> group:      files nis





                        share|improve this answer






























                          0














                          I had an almost similar problem: when logged in using ssh, some groups were missing. It has been solved by changing /etc/nsswitch.conf:



                          group:      compat  -> group:      files nis





                          share|improve this answer




























                            0












                            0








                            0







                            I had an almost similar problem: when logged in using ssh, some groups were missing. It has been solved by changing /etc/nsswitch.conf:



                            group:      compat  -> group:      files nis





                            share|improve this answer















                            I had an almost similar problem: when logged in using ssh, some groups were missing. It has been solved by changing /etc/nsswitch.conf:



                            group:      compat  -> group:      files nis






                            share|improve this answer














                            share|improve this answer



                            share|improve this answer








                            edited Aug 27 '14 at 14:22









                            Networker

                            6,076104170




                            6,076104170










                            answered Aug 27 '14 at 14:02









                            Jean-Francois BocquetJean-Francois Bocquet

                            1




                            1






























                                draft saved

                                draft discarded




















































                                Thanks for contributing an answer to Unix & Linux Stack Exchange!


                                • Please be sure to answer the question. Provide details and share your research!

                                But avoid



                                • Asking for help, clarification, or responding to other answers.

                                • Making statements based on opinion; back them up with references or personal experience.


                                To learn more, see our tips on writing great answers.




                                draft saved


                                draft discarded














                                StackExchange.ready(
                                function () {
                                StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f60285%2fgroups-differ-from-the-local-ones-when-logging-in-remotely%23new-answer', 'question_page');
                                }
                                );

                                Post as a guest















                                Required, but never shown





















































                                Required, but never shown














                                Required, but never shown












                                Required, but never shown







                                Required, but never shown

































                                Required, but never shown














                                Required, but never shown












                                Required, but never shown







                                Required, but never shown







                                -

                                Popular posts from this blog

                                CARDNET

                                Image
                                CARDNET は日本カードネットワークが運営するクレジット決済ネットワーク。日本カードネットワークの略称としてもCARDNETが使用されている。 事件・事故 2017年4月15日午前11時8分からクレジットカードの決済がしづらくなる障害が発生した。障害は同日午後5時18分に復旧した。原因は、複数あるCARDNETセンターの拠点のうち1つで、2重化してあるL3スイッチの片方が故障し、1系統にトラフィックが集中したことによる輻輳が発生したため。対処としては、故障したL3スイッチ交換とシステム再起動が行われた [1] 。 出典 ^ 金子寛人 ( 2017年4月17日 ). “CARDNETのクレジット決済に6時間強障害、原因はL3スイッチ故障”. 日経コンピュータ. 2018年10月18日 閲覧。 この項目は、コンピュータに関連した 書きかけの項目 です。この項目を加筆・訂正などしてくださる協力者を求めています(PJ:コンピュータ/P:コンピュータ)。 この項目は、経済に関連した 書きかけの項目 です。この項目を加筆・訂正などしてくださる協力者を求めています(ポータル 経済学、プロジェクト 経済)。 This page is only for reference, If you need detailed information, please check here
                                Read more

                                Boot-repair Failure: Unable to locate package grub-common:i386

                                Image
                                0 I am on a system dual-booting Windows and Debian (usually using the latter), and a recent Windows update appears to have wreaked havoc on the Debian boot system. I managed to boot Windows again, but not Linux. Following online suggestions, I created a Live USB of Ubuntu, and booted from that. Then I have installed and run the boot-repair utility. The utility instructs me to type several lines including sudo chroot "/mnt/boot-sav/sda6" apt-get purge -y grub*-common grub-common:i386 To which I receive the error E: Unable to locate package grub-common:i386 I am given to understand the issue may have to do with having UEFI vs BIOS (I believe I have UEFI), but do not understand this well. In any case I have subsequently run the boot-repair BootInfo Summary utility which created the following file h
                                Read more

                                濃尾地震

                                Image
                                濃尾地震 『岐阜市街大地震之図』 歌川国利画 本震 発生日 1891年(明治24年)10月28日 発生時刻 6時38分50秒(JST) 震央 日本 岐阜県本巣郡西根尾村(現・本巣市) 北緯35度35分 東経136度20分( 地図 ) 規模    マグニチュード(M)8.0 最大震度    震度7: 注1 福井県今立郡鯖江町、愛知県葉栗郡大田島村、東春日井郡勝川村 地震の種類 直下型地震 被害 死傷者数 死者7,273人、負傷者17,175人 注1:当時の震度階級では「激烈」 プロジェクト:地球科学 プロジェクト:災害 テンプレートを表示 濃尾地震 (のうびじしん)は、1891年(明治24年)10月28日に濃尾地方で発生した、日本史上最大の内陸地殻内地震。「 美濃・尾張地震 (みの・おわりじしん)」とも呼ばれている。辛卯の年に発生したことから 辛卯震災 と呼んでいる報告書もある。 目次 1 概要 1.1 震源断層 2 被害 3 各地の震度 4 前兆現象 5 報道 6 学術的な意義 7 地震防災 8 脚注 9 関連項目 10 外部リンク 概要 濃尾地震発生当時の根尾谷断層 濃尾地震を引き起こした根尾谷断層 写真中央を斜めに走る段差が根尾谷断層 濃尾地震は、1891年10月28日6時38分50秒に発生した。震源は、岐阜県本巣郡西根尾村(現・本巣市)、北緯35度35分、東経136度20分付近。河角廣 (1951) は岐阜市付近(北緯35.6度、東経136.6度)に震央を仮定し規模 M K = 7.0 を与え [1] 、マグニチュードは M = 8.4 に換算されているが、明治・大正期の地震については0.5程度大きく見積もられているとされる [2] 。また、震央距離と震度との関係など当時のデータから後にM8.0 [3] とも推定される。アメリカ地質調査所 (USGS) でも8.0としている [4] 。「根尾谷断層帯」が活動した典型的な内陸地殻内地震(いわゆる直下型地震)であり、これは記録が残っている日本の内陸
                                Read more