How to configure NIS (Yellow Pages)

 

CLASS.SUN Network

All the computers are pure Darvins (Sun Ultra 5s).

SS7.master -
Sun Solaris 7, SunOS 5.7
hostname=student1, ip=192.168.0.1
SS7.slave -
Sun Solaris 7, SunOS 5.7
hostname=class, ip=192.168.0.10
COL23 -
Caldera OpenLinux 2.3, Linux 2.2.9
hostname=student2, ip=192.168.0.2
RHL62 -
Red Hat Linux 6.2 (KDE Workstation), Linux 2.2.14-5.0
hostname=student5, ip=192.168.0.5
 

SS7.master -- NIS master server

    1. Name Service Switch Configuration

      2. Copy /etc/nsswitch.nis file to /etc/nsswitch.conf (then edit, if necessary).

    2. Specifying NIS domain

      3. Specify NIS domain name, then save it in file [to obtain from on re-boot]. 

      # domainname class.sun
# domainname > /etc/defaultdomain
    3. Initializing data base

      4. Create directory (e.g. /etc/.ypfiles) and copy/symlink into there all necessary files from /etc directory (in my setup all users' home directories should be automounted from student1 server): 

      # touch /etc/ethers /etc/bootparams /etc/locale /etc/timezone
# mkdir /etc/.ypfiles ; cd /etc/.ypfiles
# grep -v ^+auto_master ../auto_master > auto_master
# echo "* student1:/export/home/&" > auto_home
# echo "* type:=nfs;rhost:=student1;rfs:=/export/home/${key}" > amd.home
# ln -s ../bootparams .
# ln -s ../ethers .
# ln -s ../group .
# ln -s ../inet/hosts .
# ln -s ../locale .
# ln -s ../netgroup .
# ln -s ../inet/netmasks .
# ln -s ../inet/networks .
# grep -v ^root: ../passwd > passwd
# ln -s ../inet/protocols .
# ln -s ../publickey .
# ln -s ../rpc .
# ln -s ../inet/services .
# grep -v ^root: ../shadow > shadow
# ln -s ../timezone .
    4. Editing the Makefile

      5. A few thing should be reflected in the /var/yp/Makefile file - new source directory (/etc/.ypfiles instead of /etc), paranoidal security requirements in sendmail MTA (since version 8.9.x, it insists [by default] that all the directories on the path to aliases file must be writable by owner ONLY!), and additional maps, locale.byname and amd.home (latter one for Linux-based clients, who use amd instead of Sun's automount). 

      # cd /var/yp
# patch -bcl Makefile < Makefile_diff.txt
    5. Building NIS master maps

      6. New master maps may be created with the following command: 

      # ypinit -m

      If you just changed one (or several) of source files, rebuild NIS maps this way: 

      # cd /var/yp ; /usr/ccs/bin/make
    6. Starting NIS services
      7. # /usr/lib/netsvc/yp/ypstart

      On system boot this command will be executed as part of /etc/rc2.d/S71rpc init script.

 

SS7.slave -- NIS client

    1. Name Service Switch Configuration

      2. Copy /etc/nsswitch.nis file to /etc/nsswitch.conf (then edit, if necessary).

    2. Specifying NIS domain and servers

      3. Specify NIS domain name, then save it in file [to obtain from on re-boot]. 

      # domainname class.sun
# domainname > /etc/defaultdomain

      Initialize the system as YP client. When prompted, enter names (or IP-addresses; but both name and IP-address must be present in /etc/inet/hosts file) of master server, then all slaves. If this host is supposed to become NIS slave server, enter its own name first, then name of master server, followed by names of other slave servers. 

      # ypinit -c
    3. Give a chance to automounter

      4. By default, automounter config files (/etc/auto_master and /etc/auto_home) provide references to NIS+ tables with right the same names, but NIS/YP maps have names with dots ('.') instead of underscores ('_'). 

      # cat >>/var/yp/nicknames <<EOF
auto_master auto.master
auto_home auto.home
EOF
    4. Starting naming service on boot

      5. NIS software will be started on boot (/usr/lib/netsvc/yp/ypstart) as part of /etc/rc2.d/S71rpc init script.

 

SS7.slave -- NIS slave server

      In addition to steps (1-2) listed few lines above:

    1. Initializing system as slave NIS server

      2. Enter ypinit command once again: 

      (class)# ypinit -s student1

      Then start YP services on slave by manually running /usr/lib/netsvc/yp/ypstart command.

    2. Re-configuring NIS master server

      3. Go to master server (student1 in our case) and run ypinit -m command once again, specifying newly configured host as one of slaves. Then restart YP services on master: 

      (student1)# /usr/lib/netsvc/yp/ypstop
(student1)# /usr/lib/netsvc/yp/ypstart
 

COL23 -- NIS client

    1. Prerequisites

      2. Both nis-client-2.0-7 package and /var/nis directory are installed/present on default installation.

     
  1. Using /bin/vi

    1. Specifying NIS domain and servers

      2. The following lines should be added to /etc/nis.conf file: 

      domain class.sun server 192.168.0.1
ypserver 192.168.0.10
    2. Starting naming service on boot

      3. By default, there are the following files in the /etc/rc.d/rc[345].d directories: 

      S15inet -> ../init.d/inet
S20netmount -> ../init.d/netmount
S21nis-client -> ../init.d/nis-client

      Guess, it would be better to try to mount NFS resources after start-up of naming services, so, the netmount should be started after nis-client, not before! 

      # cd /etc/rc.d
# rm rc[345].d/S20netmount
# ln -s ../init.d/netmount rc3.d/S22netmount
# ln -s ../init.d/netmount rc4.d/S22netmount
# ln -s ../init.d/netmount rc5.d/S22netmount

      But the S21nis-client file in appropriate directory is not enough to start service on boot! The following line should be placed into /etc/sysconfig/daemons/nis-client file: 

      ONBOOT=yes
    3. Give a chance to LISA/COAS

      4. The following section should be edited in the /etc/system.cnf file: 

      # NIS/YP Server:
#
CONF_NIS_DOMAIN="class.sun"
CONF_NIS_SERVER1_IP="192.168.0.1"
CONF_NIS_SERVER2_IP="192.168.0.10"
CONF_NIS_SERVER3_IP=""
      Although these two lines are present in the /etc/lst.cnf file 
      # NIS/YP setup
#
FILE_NIS_CONF=/etc/nis.conf
FILE_NIS_DEFAULTDOMAIN=/etc/defaultdomain
      the defaultdomain file will not be created by LISA, nor COAS, and this file isn't created by default, and even it's not necessary (as NIS domain name would be obtained from nis.conf file on boot).


     
  2. Using LISA

    1. Specifying NIS domain and servers

      2. Start OpenLinux Installation & System Administration program with "lisa --nis" command, then go to NIS client configuration menu:

      Specify NIS domain name (LISA2), then press Enter, and in the next three dialog windows specify up to three NIS servers (LISA3).

    2. Starting naming service on boot

      3. Start LISA with "lisa --daemons" command, find NIS (client part) service, select it with Space tab, then exit the program.



     
  3. Using COAS

    1. Specifying NIS domain and servers

      2. Press on COAS (Caldera Open Administration System) icon, choose Network, then TCP/IP, NIS.

      See 5th Chapter of OpenLinux eServer 2.3 System Administrator's Guide for future details (as I was unable to start this subsection of COAS on my Darvin, sorry about that).

    2. Starting naming service on boot

      3. Press on COAS icon, choose System, then Daemons (COAS2).

      Find "NIS ... (client part)" in the list of System services, tick it, then press on OK button:




 
By default, the /etc/nsswitch.conf file contains "compat" keyword in "passwd:", "shadow:", and "group:" entries, so, it may be necessary to replace existing entries with the following: 
passwd: files nis
shadow: files nis
group: files nis


     
  1. Amd (am-utils-6.0-6)

    2. The am-utils package is installed by default. The following section should be added to amd's configuration file (and daemon restarted): 

    # /etc/rc.d/init.d/amd stop
# cat >> /etc/am.d/conf <<EOF

[/home]
browsable_dirs = no
map_name       = amd.home
map_type       = nis

EOF
# /etc/rc.d/init.d/amd start
 

RHL62 -- NIS client

    1. Prerequisites

      2. Both ypbind-3.3-28 and yp-tools-2.4-1 packages and /var/yp directory were present on my KDE Workstation.

     
  1. Using /bin/vi

    1. Specifying NIS domain and servers

      2. Add the following in to /etc/sysconfig/network file: 

      NISDOMAIN=class.sun

      NIS servers should be listed in /etc/yp.conf: 

      ypserver 192.168.0.1
ypserver 192.168.0.10
    2. Starting naming service on boot

      3. Run control init scripts (/etc/rc.d/rc[345].d/S17ypbind, by default) should be created with the following command: 

      # chkonfig --level 345 ypbind on
     
  2. Using linuxconf --text

    1. Specifying NIS domain and servers

      2. Start linuxconf program in text mode and go to NIS client configuration section:

      Type in NIS domain and nearest server's IP address (LINUXCONF2 one server only :-(), and don't forget to activate your changes (LINUXCONF3) on exit.

    2. Starting naming service on boot

      3. All the tasks of chkconfig command (above) may be accomplished in more "visualized" fashion with "ntsysv --level 345" command:

      Mark "ypbind" service (by pressing Space tab), then confirm your choice with Ok.

     
  3. Using linuxconf --gui

    1. Specifying NIS domain and servers

      2. Using linuxconf program in GUI mode, one can specify (right as in text mode) one NIS server only :-( (LINUXCONF4).

    2. Starting naming service on boot

      3. Tksysv, the SYSV Runlevel Manager ("tksysv 3 4 5") may be used to place ypbind run control script into appropriate director(-y|-ies):

      Adding script, one has to specify an appropriate init level (TKSYSV2), and then choose sequence number (default value, as specified in the comment line in /etc/rc.d/init.d/ypbind, will be present to you by program) (TKSYSV3).

      Another program, SysV Init Editor, may be applied here as well:

      Select "ypbind" in the list of Available Services, then drag-and-drop it into appropriate Runlevel (SVIE2). Then Save Configuration in File pull-down menu.

       
    1. Switching to SunOS-compatible [encrypted] passwords

      2. To downgrade from MD5 hashes to en-crypt()-ed passwords (as we'll obtain passwords from SunOS/Solaris-based NIS-server!) the "md5" keyword to be removed from both /etc/pam.d/login ... 

      #%PAM-1.0
auth     required /lib/security/pam_securetty.so
auth     required /lib/security/pam_pwdb.so shadow nullok
auth     required /lib/security/pam_nologin.so
account  required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_pwdb.so nullok use_authtok md5 shadow
session  required /lib/security/pam_pwdb.so
session  optional /lib/security/pam_console.so

      ... and /etc/pam.d/passwd files: 

      #%PAM-1.0
auth     required /lib/security/pam_pwdb.so shadow nullok
account  required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so retry=3
password required /lib/security/pam_pwdb.so use_authtok nullok md5 shadow
       
    2. Configuring automounter (autofs-3.1.4-4)

      3. There are two options here - to add a line to default /etc/auto.master file (installed as part of RPM package), or fully rely on NIS maps provided by server(s): 

      # echo "/home yp auto.home" >> /etc/auto.master
      or 
      # mv /etc/auto.master /etc/auto.master~
      then 
      # chkconfig autofs on
# /etc/rc.d/init.d/autofs start

      /etc/rc.d/init.d/autofs run control script will read master map from /etc/auto.master file, if present, or try to retrieve the auto.master NIS map from server. In both cases, the auto.home indirect map will be retrieved from NIS server too, and autofs script will convert auto_home map name (as supplied by Solaris-based NIS master server in master map) to auto.home, so, no need to add anything to /var/yp/nicknames.

 

See Also

Man pages:
domainname(1M), nsswitch.conf(4), ypbind(1M), ypcat(1), ypxfr(1M), ypinit(1M), ypmatch(1), yppasswd(1), yppoll(1M), yppush(1M), ypserv(1M), ypset(1M), ypwhich(1), ypxfr(1M)
++ SunOS/Solaris:
automount(1M), securenets(4), ypclnt(3N), ypfiles(4), ypmake(1M), ypstart(1M), ypstop(1M)
++ Linux:
auto.master(5), autofs(5), autofs(8), automount(8), nicknames(5), ypserv.conf(5)





Last update: 09-Jun-2000




.
Hosted by www.Geocities.ws

1