Preamble
This document is intended to give idea about sample implementation of NIS. In the document will be used commands and files as they are in Solaris 10. For your flavour of UNIX or Linux refer to the documentation.
Implementation
1. We should set in the beginning the domain name of our new NIS
domain. Here will be used domain name “example”, for your configuration,
consult your infrastructure manager and documentation. With command
domainname we can set the domain, but until next reboot, so better edit
file /etc/defaultdomain and put in to the file the name of your domain.
Be careful to set the same name as you enter in domainname command.
# domainname example
# domainname > /etc/defaultdomain
2. It’s very wise to define dedicated repository for NIS files
instead of using original files of the machine. This can help in case of
problems with NIS server and avoid potential risk, based on usage of
the same root password on all NIS clients. And in some circumstances
it’s good to have local users like sys, adm, mail, so we should exclude
them from passwd file. For this purpose we will set up directory, named
nisfiles and /etc look a fine container for the directory.
# mkdir /etc/nisfiles
3. Here is the example list of files to be copied in our NIS
repository:
auto_home auto_master bootparams ethers group hosts ipnodes netgroup
netmasks networks passwd protocols rpc services shadow user_attr
publickey timezone
4. Next step is to go in directory /var/yp and edit Makefile. Change the line DIR =/etc to be DIR =/etc/nisfiles and if need the line started with all: to define services will be served by NIS. The actual creation of map files can be done via command make or ypinit –m
# ypinit -m
In order for NIS to operate sucessfully, we have to construct a list of the
NIS servers. Please continue to add the names for YP servers in order of
preference, one per line. When you are done with the list, type a <control D>
or a return on a line by itself.
next host to add: sol1
next host to add: ^D
The current list of yp servers looks like this:
sol1
Is this correct? [y/n: y]
Installing the YP database will require that you answer a few questions.
Questions will all be asked at the beginning of the procedure.
Do you want this procedure to quit on non-fatal errors? [y/n: n]
OK, please remember to go back and redo manually whatever fails. If you
don't, some part of the system (perhaps the yp itself) won't work.
The yp domain directory is /var/yp/example
There will be no further questions. The remainder of the procedure should take
5 to 10 minutes.
Building /var/yp/example/ypservers...
Running /var/yp /Makefile...
updated passwd
updated group
updated hosts
updated ipnodes
updated networks
updated rpc
updated services
updated protocols
/var/yp/example/mail.aliases: 12 aliases, longest 10 bytes, 138 bytes total
/usr/lib/netsvc/yp/mkalias /var/yp/`domainname`/mail.aliases /var/yp/`domainname`/mail.byaddr;
updated aliases
updated publickey
updated netid
/usr/sbin/makedbm /etc/nisfiles/netmasks /var/yp/`domainname`/netmasks.byaddr;
updated netmasks
updated timezone
updated auto.master
updated auto.home
updated ageing
updated auth_attr
updated exec_attr
updated prof_attr
updated user_attr
updated audit_user
updated bootparams
updated ethers
updated netgroup
sol1 has been set up as a yp master server without any errors.
If there are running slave yp servers, run yppush now for any data bases
which have been changed. If there are no running slaves, run ypinit on
those hosts which are to be slave servers.
5. Edit /var/yp/securenets to add networks, to be served by server. Record should look like
255.255.255.0 10.0.1.0
6. It’s time to start (restart) our NIS server and check if it running
# svcadm restart nis/server
# svcs -av|grep nis
disabled - 7:25:29 - svc:/network/rpc/nisplus:default
disabled - 7:25:30 - svc:/system/patch-finish:delete
online - 8:16:53 96 svc:/network/nis/xfr:default
online - 8:16:54 97 svc:/network/nis/passwd:default
online - 8:16:54 99 svc:/network/nis/update:default
online - 8:31:58 102 svc:/network/nis/client:default
online - 8:36:49 103 svc:/network/nis/server:default
# ps -efl|grep yp
0 S daemon 149 1 0 40 20 ? 1075 ? 07:25:42 ? 0:00 /usr/lib/crypto/kcfd
0 S root 2404 1 0 40 20 ? 1289 ? 08:36:49 ? 0:00 /usr/lib/netsvc/yp/ypserv
0 S root 1429 1 0 40 20 ? 1302 ? 08:16:54 ? 0:00 /usr/lib/netsvc/yp/ypxfrd
0 S root 1443 1 0 40 20 ? 468 ? 08:16:54 ? 0:00 /usr/lib/netsvc/yp/rpc.ypupdated
0 S root 1436 1 0 40 20 ? 1288 ? 08:16:54 ? 0:00 /usr/lib/netsvc/yp/rpc.yppasswdd -m
0 S root 2390 1 0 40 20 ? 526 ? 08:31:58 ? 0:00 /usr/lib/netsvc/yp/ypbind
7. Then we should set your server as client. This is usual situation
and only in special circumstances you should set one machine only as NIS
server, but not client. When you configure other servers as clients do
not forget to set /etc/defaultdomain and nsswitch.conf files
# ypinit -c
In order for NIS to operate sucessfully, we have to construct a list of the
NIS servers. Please continue to add the names for YP servers in order of
preference, one per line. When you are done with the list, type a <control D>
or a return on a line by itself.
next host to add: sol1
next host to add: ^D
The current list of yp servers looks like this:
sol1
Is this correct? [y/n: y]
8. And now is time to check if everything works fine. There is in
/etc/nisfiles/hosts record for host m1, but not in /etc/inet/hosts:
# getent hosts m1
10.0.1.51 m1
# ypcat hosts
127.0.0.1 localhost
10.0.1.10 sol1 loghost
10.0.1.53 m3
10.0.1.52 m2
10.0.1.51 m1
No comments:
Post a Comment