Setting up NIS consists of three general procedures: setting up the master server, setting up the slave servers, and setting up the clients. The instructions in this chapter explain how to set up NIS by guiding you through procedures on sample NIS systems in a sample NIS domain.
This chapter contains these sections:
This sample setup in this chapter is representative of what must be done to set up NIS on any network, regardless of its specific characteristics. When you use these instructions, substitute your own values for the ones shown in our examples. In our examples, NIS entities have these names:
The domain name is shapes.
The master server name is circles.
Slave server names are squares and triangles.
There are four parts to the procedure for setting up the NIS master server.
Setting the master server's domain name
Building the master maps
Starting NIS on the master server
Testing the NIS master server
Set the system's domain name based on your site's configuration. Recall that the domain name for this example is shapes. As you do this step, replace shapes with the domain name you chose for your site.
If your site configuration consists of only NIS domains and/or the NIS domain names are not the same as the Internet domain names, do the following:
-
# echo shapes > /var/yp/ypdomain # domainname shapes
Verify the domain name setting with domainname(1):
# domainname shapes
If the domain name is correctly set, the domainname command returns the domain name you specified in instruction 1 of this step. If your output is not correct, reissue the commands in instruction 1.
If your site configuration consists of NIS domains and Internet domains with the same names, do the following (the example assumes that the NIS and Internet domains are both named widgets.com):
The /var/yp/ypdomain file is not required if the domain names for the NIS and Internet domains are the same. Also, the domain name must be part of the official host name set in the /etc/sys_id file. If a /var/yp/ypdomain file exists, the domain name set in the /var/yp/ypdomain file overrides the domain name specified in the /etc/sys_id file.
The command ypinit(1M) builds NIS maps using the text files and the /var/yp/make.script. (See Chapter 2, “Preparing to Manage NIS,” for a list of the default files that are converted to maps in this step.)
Start building the master NIS maps with the ypinit command:
# cd /var/yp # ./ypinit -m Installing the NIS data base will require that you answer a few questions.Questions will all be asked at the beginning of the procedure.
The –m flag denotes that this is an NIS master server.
You do not want this procedure to quit on nonfatal errors, so answer n (no) to this prompt:
Do you want this procedure to quit on nonfatal errors? [y/n: n] n OK, please remember to go back and redo manually whatever fails. If you don't, some part of the system (perhaps the NIS itself) won't work.
Enter the names of all NIS slave servers for the domain shapes followed by <Ctrl-D> in response to this prompt:
At this point, we have to construct a list of the hosts which will run NIS servers. circles is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a <ctl D>. next host to add: circles next host to add: squares next host to add: triangles next host to add: <Ctrl-D> The current list of NIS servers looks like this: circles squares triangles
The NIS master server (circles for this example, shown in the prompt) is automatically added to the list of NIS servers. The NIS slave server names you specify must be the servers' official names, not their nicknames. The official names are the names returned by the hostname(1) command.
The names supplied here are put in the ASCII file /var/yp/ypservers.
Confirm that list of NIS slave servers is correct:
Is this correct? [y/n: y] y
If the output in instruction 3 shows any errors, enter n (no) and repeat that instruction.
After your response, ypinit reads /var/yp/make.script to determine which maps to make. It takes a few minutes to build the maps. The amount of time required depends on the size of your input files. When the maps are complete, you see this output:
There will be no further questions. The remainder of the procedure should take 5 to 10 minutes. Building NIS databases: > updated passwd (14:10:10 08/15/93) > updated group (14:10:11 08/15/93) > updated hosts (14:10:18 08/15/93) > updated ethers (14:10:19 08/15/93) > updated networks (14:10:21 08/15/93) > updated rpc (14:10:21 08/15/93) > updated services (14:10:22 08/15/93) > updated protocols (14:10:23 08/15/93) > updated netgroup (14:10:24 08/15/93) 3 aliases, longest 11 bytes, 44 bytes total > updated aliases (14:10:26 08/15/93) > updated bootparams (14:10:26 08/15/93) > updated netid (14:10:29 08/15/93) > updated ypservers (14:10:30 08/15/93)
When the NIS master server circles is set up without any errors, you see a message like this one:
circles has been set up as the NIS master server without any errors.
Any other message suggests that the master server's maps may be corrupt. If there is any doubt about the integrity of the database maps, always go back to instruction 1 of this step to rebuild the maps from scratch.
Answer y (yes) to this prompt so the NIS master server daemons start when this master server is booted:
Start NIS master daemons during system startup? [y/n: y] y
This does a chkconfig(1M) on the appropriate NIS daemons. It does not start the daemons unless the system is rebooted.
Run yppush(1M) and ypinit, if needed:
If there are running slave NIS servers, run yppush now for any data bases which have been changed. If there are no running slaves, run ypinit on those hosts which are to be slave servers.
If you are creating a new master server for an already existing domain with functioning slave servers, you must run yppush to propagate the new maps to the slave servers (see Chapter 5, “Maintaining NIS,” for details on changing a master server). If this setup is new, you must run ypinit on the selected systems to build the slave server databases.
The NIS service is available to clients as soon as you start it on the master server. You can start NIS by any one of these methods: rebooting the NIS master server, stopping and restarting the network with the /etc/init.d/network script, or starting the daemons manually by giving these commands:
# /usr/etc/ypserv # /usr/etc/ypbind # /usr/etc/rpc.passwd /etc/passwd.nis -m passwd |
To specify a DNS database lookup for host name resolution, add the –i option to the ypserv(1M) command (see “Using ypserv –i” in Chapter 3 for more information). Note that the rpc.passwd(1M) process initiated in this command sequence assumes the existence of a specific NIS password file called /etc/passwd.nis. See “Selecting the NIS Master Server” in Chapter 3 for details on setting up a nonstandard NIS password file.
Finally, to ensure that NIS services are functioning properly on the NIS master server, give the ypwhich(1) command. Since the NIS master server is also a client, it should return with the name of the server to which it is bound. Remember, an NIS master server is bound to itself, and it returns its own name.
# ypwhich localhost |
The response localhost indicates that ypbind(1M) is correctly bound to the NIS server on the local system. Instead of localhost, it may return its name as reported by hostname(1).
There are five parts to the procedure for setting up the NIS slave server. If you have more than one NIS slave server, repeat each part of the procedure for each slave server.
Setting the slave server's domain name
Binding to an NIS server
Building the duplicate maps
Starting NIS on the slave server
Testing the NIS slave server
Follow the instructions in “Setting the Master Server's Domain Name” in this chapter to complete this step.
To propagate NIS database maps from the NIS master server to a NIS slave server, the slave server must be bound to a valid NIS server in its domain.
Since circles is a valid NIS server, this slave server binds to circles. Binding need not be to a master server, however.
If the slave is on the same network as circles, start the binding process:
# /usr/etc/ypbind
If the slave is not on the same network as circles, verify that the master server has an entry in /etc/hosts on the slave server, and give the ypset(1M) command:
# grep circles /etc/hosts 192.0.2.4 circles circles.rad.sgx.com # ypset circles
Verify that the server is bound by giving the ypwhich command:
# ypwhich circles
The output of ypwhich returns the name of the NIS server to which this server is currently bound. The example shows that this slave server is successfully bound to circles.
The command ypinit builds the duplicate database maps by transferring a copy of the original maps from the NIS master server.
Determine which system is the master server with the ypwhich command:
# ypwhich -m
Each line of output contains the name of a map and the name of the master server where the map was created.
Start building NIS slave server maps with the ypinit command:
# cd /var/yp # ./ypinit -s circles
The –s flag specifies that this system is to be an NIS slave server and circles is the master server.
Installing the NIS data base will require that you answer a few questions. Questions will all be asked at the beginning of the procedure.
You do not want this procedure to quit on non-fatal errors, so answer n (no) to this prompt:
Do you want this procedure to quit on non-fatal errors? [y/n: n] n OK, please remember to go back and redo manually whatever fails. If you don't, some part of the system (perhaps the NIS itself) won't work. There will be no further questions. The remainder of the procedure should take a few minutes, to copy the data bases from circles. Transferring ypservers... Transferred map ypservers from master (4 entries). . . . Transferring passwd.byuid... Transferring map passwd.byuid from master (17 entries). Transferring passwd.byname... Transferred map passwd.byname from master (24 entries).
When the NIS slave server squares is set up without any errors, you see a message like this one:
squares's NIS database has been set up without any errors.
Any other message suggests that the slave server's maps may be corrupt. If there is any doubt about the integrity of the database maps, always go back to instruction 1 of this step to rebuild the maps from scratch.
Answer y (yes) to the prompt so that the NIS slave server daemons start when this slave server is booted:
Start NIS slave daemons during system startup? [y/n: y] y At this point, make sure that /etc/passwd, /etc/hosts, /etc/networks, /etc/group, /etc/protocols, /etc/services, /etc/rpc and /etc/netgroup have been edited so that when the NIS is activated, the data bases you have just created will be used.
Answering yes does a chkconfig on the appropriate NIS daemons. It does not start the daemons unless the system is rebooted.
The NIS service is available to clients as soon as you start it on this slave server. You can start NIS by any one of these methods: rebooting the NIS master server, stopping and restarting the network with the /etc/init.d/network script, or start the daemons manually by giving these commands:
# /etc/killall ypbind # /usr/etc/ypserv # /usr/etc/ypbind |
Finally, to ensure that NIS services are functioning properly on the NIS slave server, give the ypwhich command. Since the NIS slave server is also a client, it should return with the name of the server to which it is bound. This server can be bound to either itself or to the NIS master server you set up in the previous section: either result is acceptable.
# ypwhich localhost |
The response, localhost, indicates that ypbind is correctly bound to the NIS server on the local system. The response could have also been the name of another NIS server within the same domain on the same local area network.
There are four parts to the procedure for setting up the NIS client. Repeat these steps for each NIS client you need to set up:
Setting the domain
Configuring NIS on the client
Starting NIS on the client
Testing the NIS client
Follow the instructions in “Setting the Master Server's Domain Name” in this chapter to complete this step.
If the NIS service is to start automatically when this client is booted, the NIS environment must be configured with the chkconfig command. The yp flag allows this system to access NIS database information from an NIS server. This flag starts up the ypbind daemon, which must be running to access NIS database information. Give this command to set the flag on:
# /etc/chkconfig yp on |
The NIS service operates on this client as soon as you start it. You can start NIS by any one of these methods: rebooting this client, stopping and restarting the network with the /etc/init.d/network script, or start the NIS daemon manually by giving this command:
# /usr/etc/ypbind |
Finally, to ensure that the NIS services are functioning properly on the NIS client, give the ypwhich command. It should return with the name of the server to which it is bound, for example:
# ypwhich squares |
The client can be bound to any NIS server on the same network as the ypbind request is broadcast. This client is currently bound to the server squares, which means that squares must be on the same network as the client. If more than one NIS server is on the same network, the client binds to the server that responds first.