Ok, here’s a quick one.

I recently had the Ubuntu upgrade popup kick in on my desktop computer, prompting me to upgrade to Ubuntu 20.04. It was a rainy afternoon, so I went ahead.

Things seemed to go fine (even my dual screen Nvidia setup worked), but I could no longer log in from either the desktop or ssh. The local root account was fine, but none of the network users could log in.

So, this was an NIS / ypbind problem.

I logged in as root and ran ypwhich, which reported it could not connect to ypbind. However, networking was working, and I could ping the NIS server.

Running /etc/init.d/nis restart didn’t do anything, but when I ran ypbind manually, all of a sudden I was able to log in.

Ubuntu likes to change their startup scripts as often as politicians like to change their faces, so I wasn’t overly surprised. Most likely the startup order had changed, and maybe NIS was being brought up before networking was initialised.

My quick and dirty solution

Ok, so I’m getting old, and I don’t enjoy this as much as I once did. I’d rather not spend the entire day deep in the bowls of upstart or systemd or whatever the new thing Ubuntu is using today.

So, this isn’t the correct solution, but it works.

  1. Log in as root
  2. Edit the crontab: crontab -e
  3. Add this line: @reboot /usr/sbin/ypbind &

Save and reboot, and you should be able to log in.

Yes, I know this is dirty, but honestly life is too short!

Another quick update, I have added support for password grants to the Known OAuth2 server.

Logging in using a username and password is exactly the sort of thing that OAuth2 was developed to avoid, however support for the password grant is a handy thing to have.

For a start, it makes it a lot easier to use the API via a command line application, or to present a familiar UX for people using a custom Known client (e.g. a mobile app).

Having password grant support will also allow us to deprecate the built in HTTP Header authentication method. This method is simple, and works well enough, but it is far from being a standard, and so requires people to write their own libraries to use it!

Using OAuth will also let those clients make use of OpenID connect, and the future federation stuff I hope to get time to build one of these days.

Anyway, hope this is useful to you!

» Visit the project on Github...