Linux Project

NIS
Thursday, 25 Apr 2002

Network Information Services, NIS, and Network File Systems, NFS, were both developed at Sun Microsystems. Together they can add a great deal of cohesion to a group of otherwise disparate computers. Using NIS as an authentication server, one can arrange to login to any one of the participating machines and have the login verified at a single source. Changing one's password on one of the system's machines has the effect of changing it on all of the participating machines. And once logins and passwords (and pid's and gid's) are standardized throughout the system, NFS can be set up to export a user's home directory to any of the participating machines. Thus, the user will see his same home file system no matter which machine he logs into. Changes introduced while working on one machine become visible from any other. This lab explores how to set up and administer NIS on Linux.

A good reference for this material is Steve Shah's " Linux Administration, A Beginner's Guide," Network Professional's Library, Osborne/McGraw-Hill, 2001.

Alert! -- Reader Advisory. These notes are still a bit sketchy and incomplete. Wear a crash helmet.

1. Use the ksysv tool to start ypserv, yppasswd, and ypbind in run level 5. Drag and drop from the Services Available column to the Run Level 5 Start column.

2. Establish the NIS domain name from the commandline.

domainname csNISdomain.sewanee.edu

To have the name available after rebooting, edit the appropriate configuration file,

 emacs /etc/sysconfig/network &

... adding a line which establishes the NIS domainname:

NETWORKING=yes
HOSTNAME=pluto
GATEWAY=152.97.1.49
NIS_DOMAIN=csNISdomain.sewanee.edu

Alternatively, one could edit /etc/rc.d/init.d/ypserv, adding the same line anywhere near the first line of the file.

3. Start the ypserv daemon:

[root@pluto /root]# /etc/rc.d/init.d/ypserv start
Starting YP server services:                               [  OK  ]

4. Edit Makefile.

[root@pluto /root]# cd /var/yp
[root@pluto yp]# emacs Makefile &

Actually, I accepted all of the defaults.

5. Initialize the master NIS server with ypinit:

[root@pluto yp]# /usr/lib/yp/ypinit -m

At this point, we have to construct a list of the hosts which will run NIS
servers.  pluto is in the list of NIS server hosts.  Please continue to add
the names for the other hosts, one per line.  When you are done with the
list, type a .
	next host to add:  pluto
	next host to add:  
The current list of NIS servers looks like this:

pluto

Is this correct?  [y/n: y]  y
We need some  minutes to build the databases...
Building /var/yp/csNISdomain.sewanee.edu/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/csNISdomain.sewanee.edu'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/csNISdomain.sewanee.edu'

Whenever we change any of the files being served by NIS, eg., by adding a new user to /etc/passwd, we must rerun make to push the new data into the databases (called maps in NIS lingo).

cd /var/yp; make

Setting Up an NIS Client

0. Set NIS domainname on client

domainname csNISdomain.sewanee.edu

and

emacs /etc/sysconfig/network &

and enter a line for domainname, as for the master server

1. Edit /etc/yp.conf

 /etc/yp.conf - ypbind configuration file
# Valid entries are
#
#domain NISDOMAIN server HOSTNAME
#	Use server HOSTNAME for the domain NISDOMAIN.
#

domain csNISdomain.sewanee.edu server pluto

#domain NISDOMAIN broadcast
#	Use  broadcast  on  the local net for domain NISDOMAIN
#
#ypserver HOSTNAME
#	Use server HOSTNAME for the  local  domain.  The
#	IP-address of server must be listed in /etc/hosts.
#

ypserver pluto

or use broadcast for clients after testing that the server responds to a broadcast ping:

ping -b 152.97.255.255

2. Set up the startup script.

Use ksysv to start ypbind in runlevels 3 and 5

Run startup script:

[root@pluto yp]# /etc/rc.d/init.d/ypbind start
Binding to the NIS domain:                                 [  OK  ]
Listening for an NIS domain server.

3. Edit /etc/nsswitch.conf

The relevant entries for now are as follows:

# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

passwd:     files nisplus nis
shadow:     files nisplus nis
group:      files nisplus nis

#hosts:     db files nisplus nis dns

hosts:      files nisplus nis dns

Now test your implimentation.

[root@pluto yp]# ypcat passwd
johannsson:zFn1/Rzk.biEM:1003:500:Joi Johannsson:/home/johannsson:/bin/bash
ldale:zHm3CLC04Qyd.:1002:501:Lucia Dale:/home/ldale:/bin/bash
lankewicz:zyFQ6LXk4/i7E:1001:501:Linda Lankewicz:/home/lankewicz:/bin/bash
arshad:Ci2buxiT3A8jE:1004:600:Fahd Arshad:/home/arshad:/bin/bash
parrish:$1$A6/TehU.$Jdm1mli0dEoIlotsxKoqQ1:500:501:Chris Parrish:/home/parrish:/bin/bash

NIS and NFS Exercise. Now that both NIS and NFS are running on your system, arrange for user's home directories to be exported from the NFS server after a successful NIS login from anywhere on the system. Configuring a stable system of this sort is certainly worth mentioning in your next IT job interview!


cparrish@sewanee.edu