SCIENTIFIC-LINUX-USERS Archives

March 2015

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Subject:
From: "P. Larry Nelson" <[log in to unmask]>
Reply To:
Date: Tue, 3 Mar 2015 14:33:59 -0600
Content-Type: text/plain
Parts/Attachments: text/plain (88 lines)

Well, that's the question I am now asking myself.
As I mentioned before, it was because it was in my "notes" to
switch the order.  But I don't remember why exactly.

And yes, the passwd, shadow, and group content are all on my
nismaster and nisslave systems as NIS maps to override the
same files on all NIS clients.  There are no "real person" entries
in the password file on any of my systems, so real people login
to my systems using credentials from the NIS maps.

I believe the thinking for the 'nis files' order was in case some
app got installed that wanted to create a /sbin/nologin entry in
/etc/passwd and its own group in /etc/group that might conflict
with a user's UID/GID from our NIS maps.

That used to happen in the old days before
system-config-users pretty much kept generated UIDs/GIDs well out
of the range that an installed piece of software might use.
I believe the rule is now that real people users get a UID > 500
and installed apps (like ntop, UID:103, GID:160) use UIDs < 500,
but I don't know if that's a hard and fast rule with apps or not.
I do the same thing with any local group I create - give it a
GID > 500.

I think it was many years ago (circa mid-90's) when I came on
board and we were transitioning from old Sun systems (that someone
else had set up) to RedHat that I discovered some legacy users
with UIDs/GIDs that conflicted with some stock entries in the
RedHat passwd file necessitating changing the users' UIDs/GIDs
everywhere.  Messy!

- Larry

On 3/3/15 1:41 PM, Ken Teh wrote:
> Just out of curiosity, why *do* you switch them around?  Are you
> overriding the password/group/etc, content?  My NIS maps only contain
> content that is local to the cluster.  Leaves the system accounts, etc,
> untouched.
>
>
> On 03/03/2015 01:33 PM, P. Larry Nelson wrote:
>> Hi Ken,
>>
>> On 3/3/15 1:06 PM, Ken Teh wrote:
>>> I wonder if the loopback shutdown is a red herring.  The "files nis"
>>> switch around seems more like a clue.  Perhaps some outstanding RPC
>>> after the network shutdowns (ethx's are down before the loop, no?)
>>
>> Correct - all other net interfaces go down first.
>>
>>> I'd try playing around the shutting down these bits manually in various
>>> permutations leaving the system running to see if it hangs.
>>>
>>> I have SL6.x systems running NIS without problems but then I did not
>>> reverse the "files nis" in nsswitch.conf.
>>
>> Actually, I think that is really the problem (but the "why" may just
>> have to wait until another day or just file it away in my big file
>> cabinet of unsolved linux weirdities).
>>
>> I took a look at a sampling of some older SL5.x nodes that have been up
>> and running for years and see that they all have 'files nis' order, all
>> apparently without any problems or complications.
>>
>> Thing is, I have in my "notes" on bringing up a new node, "Don't forget
>> to edit nsswitch.conf with 'nis files' order."  But the problem is I
>> just don't remember why I wrote that!  I'd like to think that my "notes"
>> are things I figured out once so I don't have to revisit the issue
>> every time.  Apparently I didn't figure it out well enough.
>>
>> So, I guess I'll just return to the default order of 'files nis' and
>> forget the whole thing and get some sleep.  :-)
>>
>> But it's still a weird bug, which bugs me......
>>
>> Thanks!
>> - Larry
>>


-- 
P. Larry Nelson (217-244-9855) | IT Administrator
461 Loomis Lab                 | High Energy Physics Group
1110 W. Green St., Urbana, IL  | Physics Dept., Univ. of Ill.
MailTo:[log in to unmask]    | http://www.brf-llc.com/lnelson/
-------------------------------------------------------------------
  "Information without accountability is just noise."  - P.L. Nelson
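
Added example, not part of the original thread: a Python check for the UID clash discussed above, showing which name a UID resolves to under each nsswitch.conf order. The NIS entries and all function names are constructed for illustration; on a real client the inputs would be /etc/passwd and the output of `ypcat passwd`.

```python
# Added example. ntop (UID 103, GID 160) is from the thread; the rest is constructed.
LOCAL_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
ntop:x:103:160:ntop:/var/lib/ntop:/sbin/nologin
"""
NIS_PASSWD = """\
alice:x:501:501:Alice Example:/home/alice:/bin/bash
olduser:x:103:103:Legacy Sun account:/home/olduser:/bin/bash
"""

def parse_passwd(text, source):
    """Parse passwd(5)-format lines into dicts tagged with their NSS source."""
    entries = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) != 7 or not fields[2].isdigit() or not fields[3].isdigit():
            continue  # skips blanks, comments and compat-style +/- lines
        entries.append({"name": fields[0], "uid": int(fields[2]),
                        "gid": int(fields[3]), "source": source})
    return entries

def uid_conflicts(local, nis):
    """Return (uid, local_name, nis_name) where one UID maps to two names."""
    local_by_uid = {}
    for e in local:
        local_by_uid.setdefault(e["uid"], []).append(e["name"])
    return sorted((e["uid"], name, e["name"]) for e in nis
                  for name in local_by_uid.get(e["uid"], []) if name != e["name"])

def resolve_uid(uid, order, sources):
    """First source with a match wins (default NSS action: return on success)."""
    for src in order.split():
        for e in sources[src]:
            if e["uid"] == uid:
                return e["name"], src
    return None

def nis_below(nis, limit=500):
    """NIS accounts inside the range the thread associates with installed apps."""
    return [e["name"] for e in nis if e["uid"] < limit]

SOURCES = {"files": parse_passwd(LOCAL_PASSWD, "files"),
           "nis": parse_passwd(NIS_PASSWD, "nis")}

if __name__ == "__main__":
    for uid, local_name, nis_name in uid_conflicts(SOURCES["files"], SOURCES["nis"]):
        print(f"UID {uid}: files={local_name} nis={nis_name}")
        for order in ("files nis", "nis files"):
            print(f"  passwd: {order:9} -> {resolve_uid(uid, order, SOURCES)}")
```

Any UID it reports is one where file ownership and access checks attach to a different account name depending on the lookup order.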
