Improvements of the NIS section

PR: docs/29215
svn path=/head/; revision=10860
2001-10-02 05:45:00 +00:00 · 2001-10-02 05:45:00 +00:00 · d4c848f394 · 2020-12-08 03:00:23 +00:00
commit d4c848f394
parent c017508f9c
1 changed files with 48 additions and 22 deletions
--- a/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml
@ -1,7 +1,7 @@
 <!--
     The FreeBSD Documentation Project

-     $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.96 2001/08/24 07:27:05 murray Exp $
+     $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.97 2001/09/21 22:18:39 chern Exp $
 -->

 <chapter id="advanced-networking">
@ -2028,25 +2028,33 @@ ISDN BRI line</literallayout>
            lines to <filename>/etc/rc.conf</filename>, and FreeBSD will
            do the rest for you.</para>

-          <itemizedlist>
-            <listitem>
+          <procedure>
+            <step>
              <para><programlisting>nisdomainname="test-domain"</programlisting>
                This line will set the NIS domainname to
                <emphasis>test-domain</emphasis>
                upon network setup (e.g. after reboot).</para>
-            </listitem>
-            <listitem>
+            </step>
+            <step>
              <para><programlisting>nis_server_enable="YES"</programlisting>
                This will tell FreeBSD to start up the NIS server processes
                when the networking is next brought up.</para>
-            </listitem>
-            <listitem>
+            </step>
+            <step>
              <para><programlisting>nis_yppasswdd_enable="YES"</programlisting>
                This will enable the <command>rpc.yppasswdd</command>
                daemon, which, as mentioned above, will allow users to
                change their NIS password from a client machine.</para>
-            </listitem>
-          </itemizedlist>
+            </step>
+          </procedure>
+
+          <note>
+            <para>Depending on your NIS setup, you may need to add
+              further entries.  See the <link
+              linkend="nis-server-is-client">section about NIS servers
+              that are also NIS clients</link>, below, for
+              details.</para>
+          </note>

          <para>Now, all you have to do is to run the command
            <command>/etc/netstart</command> as superuser.  It will
@ -2269,8 +2277,8 @@ Don't forget to update map ypservers on ellington.</screen>
 	  <para>Setting up a FreeBSD machine to be a NIS client is fairly
 	    straightforward.</para>
 	
-	  <itemizedlist>
-	    <listitem>
+	  <procedure>
+	    <step>
 	      <para>Edit the file <filename>/etc/rc.conf</filename> and
                add the following lines in order to set the NIS domainname
                and start <command>ypbind</command> upon network
@ -2278,13 +2286,14 @@ Don't forget to update map ypservers on ellington.</screen>

 	      <programlisting>nisdomainname="test-domain"
 nis_client_enable="YES"</programlisting>
-	    </listitem>
+	    </step>

-	    <listitem>
+	    <step>
 	      <para>To import all possible password entries from the NIS
-		server, add this line to your
-		<filename>/etc/master.passwd</filename> file, using
-		<command>vipw</command>:</para>
+		server, remove all user accounts from your
+		<filename>/etc/master.passwd</filename> file and use
+		<command>vipw</command> to add the following line to
+                the end of the file:</para>

 	      <programlisting>+:::::::::</programlisting>

@ -2297,16 +2306,26 @@ nis_client_enable="YES"</programlisting>
                  For more detailed reading see O'Reilly's book on
 		  <literal>Managing NFS and NIS</literal>.</para>
 	      </note>
-	    </listitem>

-	    <listitem>
+              <note>
+                <para>You should keep at least one local account (i.e.
+                  not imported via NIS) in your
+                  <filename>/etc/master.passwd</filename> and this
+                  account should also be a member of the group
+                  <groupname>wheel</groupname>.  If there is something
+                  wrong with NIS, this account can be used to log in
+                  remotely, become root, and fix things.</para>
+              </note>
+            </step>
+
+	    <step>
 	      <para>To import all possible group entries from the NIS
 		server, add this line to your
 		<filename>/etc/group</filename> file:</para>

 	      <programlisting>+:*::</programlisting>
-	    </listitem>
-	  </itemizedlist>
+	    </step>
+	  </procedure>

 	  <para>After completing these steps, you should be able to run
 	    <command>ypcat passwd</command> and see the NIS server's
@ -2906,7 +2925,7 @@ TWO       (,hotel,test-domain)
 	such servers still in use today.</para>
    </sect2>

-    <sect2>
+    <sect2 id="nis-server-is-client">
      <title>NIS Servers that are also NIS Clients</title>

      <para> Care must be taken when running ypserv in a multi-server
@ -2922,7 +2941,14 @@ TWO       (,hotel,test-domain)

      <para>You can force a host to bind to a particular server by running
 	<command>ypbind</command> with the <option>-S</option>
-	flag.</para>
+	flag.  If you do not want to do this manually each time you
+        reboot your NIS server, you can add the following lines to
+        your <filename>/etc/rc.conf</filename>:</para>
+
+      <programlisting>nis_client_enable="YES"	# run client stuff as well
+nis_client_flags="-S <replaceable>NIS domain</replaceable>,<replaceable>server</replaceable>"</programlisting>
+
+      <para>See &man.ypbind.8; for further information.</para>
    </sect2>

    <sect2>