Lesson 7 | Testing the NIS Client Machine |
Objective | Test the NIS Client Machine |
Testing the NIS Client Machine
Once you have installed and configured NIS, you will want to check it. You can accomplish this with the NIS command ypcat
.
ypcat
acts just like the cat
command, except instead of listing the contents of a certain file, it prints the file on the NIS server associated with a certain NIS map. For example, let us say you type ypcat passwd
at a command prompt. You receive the message "cannot bind to server which serves this domain
". This indicates a problem in the NIS configuration. If the configuration is correct, you should see a listing of the NIS server's /etc/passwd.yp
file.
To check your computer's interaction with the NIS system, use the ypwhich
command. For example, to check which server your computer relies on for protocol information, type ypwhich -m protocol
. The four run-time "yp"commands ypcat
, ypwhich
, yppoll
, and ypmatch
are very powerful. Check the man pages for each command for more detailed information about these commands.
The next lesson concludes this module.
Setting Up Red Hat Linux as an NIS Master Server
To configure your Red Hat Linux system as an NIS master server, you should first configure it as an NIS client (That is, set the NIS domain name, set up /etc/yp.conf, and configure client daemons as described earlier.) Then you create the NIS maps and configure the NIS master server daemon processes (ypserv and rpc.yppasswdd). The next sections describe these procedures
Creating NIS maps
To create NIS maps so that your Red Hat Linux system can be an NIS master server, start from the /var/yp directory from a Terminal window as root user. In that directory, a Makefile enables you to configure which files are being shared with NIS. The files that are shared by default are listed near the beginning of this chapter and within the Makefile itself.
Choosing files to map
If you don't want to share any file that is set up in the Makefile, you can prevent it from being built. Do this by finding the following line in the Makefile and simply adding a comment character in front of the file you want excluded:
all: passwd group hosts rpc services netid protocols mail \
# netgrp shadow publickey networks ethers bootparams printcap \
# amd.home auto.master auto.home auto.local passwd.adjunct \
# timezone locale netmasks
You may notice that not all the names in the all: line represent the exact filename.
For example, netgrp is for
the /etc/netgroup file. The files that each name represents are listed a few lines below the all: line in the Makefile.
You may also notice that many of the files are already commented out, including the shadow file.
Tip: The NIS-HOWTO document suggests that using shadow passwords with NIS is always a bad idea.
Options in the Makefile (described in the next section) enable you to automatically merge the shadow and gshadow files into the passwd and group files, respectively.
Choosing mapping options
Within the Makefile, several options are set. You can choose to change these options or leave them as they are. Here are the options:
- B= You can use the B= option to allow NIS to use the domain name resolver to find hosts that are
not in the current domain. By default, B= is not set. To turn on this feature, set it to -b (B=-b).
- NOPUSH=true: When set to true (the default), the NOPUSH option prevents the maps from being pushed to a slave server. This implies that the NIS master server is the only server for the NIS domain. Set this to false, and place the hostnames of slave servers into the /var/yp/ypservers file if
you do not want the NIS master to be the only server for the domain.
- MINUID=500: To prevent password entries from being distributed for administrative users, the MINUID is set to 500. This assumes that all regular user accounts on the system that you want to share have UIDs that are 500 or above.
- MINGID=500: To prevent password entries from being distributed for administrative groups, the
MINGID is set to 500. This assumes that all regular groups that you want to share have GIDs that are
500 or above.
- MERGE_PASSWD=true: Keep this option set to true if you want each user's password to be merged from the shadow file back into the passwd file that is shared by NIS.
- MERGE_GROUP=true: Keep this option set to true if you want each group's password to be merged from the gshadow file back into the group file that is shared by NIS. To build the NIS maps, your system must have the awk, make, and umask commands. In the Makefile, the locations of these commands are /usr/bin/gawk, /usr/bin/gmake, and umask, respectively. (The umask
command is a shell built-in command, so you don't have to look for its location.)
You can use comparable commands in different locations by changing the values of the AWK, MAKE, and UMASK variables in the
Makefile.
Besides the options just mentioned, there are several variables you can set to change the location of NIS files. For example, the locations of password files (YPPWDDIR) and other source files (YPSRCDIR) are both set to /etc by default. The location of YP commands (YPBINDIR) is set to /usr/lib/yp. If you want to change the values of these or other variables, you can do so in the Makefile.