Improvements of the NIS section
PR: docs/29215
This commit is contained in:
Udo Erdelhoff
parent
c017508f9c
commit
d4c848f394
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=10860
1 changed files with 48 additions and 22 deletions
|
|
@ -1,7 +1,7 @@
|
||||||
<!--
|
<!--
|
||||||
The FreeBSD Documentation Project
|
The FreeBSD Documentation Project
|
||||||
|
|
||||||
$FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.96 2001/08/24 07:27:05 murray Exp $
|
$FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.97 2001/09/21 22:18:39 chern Exp $
|
||||||
-->
|
-->
|
||||||
|
|
||||||
<chapter id="advanced-networking">
|
<chapter id="advanced-networking">
|
||||||
|
|
@ -2028,25 +2028,33 @@ ISDN BRI line</literallayout>
|
||||||
lines to <filename>/etc/rc.conf</filename>, and FreeBSD will
|
lines to <filename>/etc/rc.conf</filename>, and FreeBSD will
|
||||||
do the rest for you.</para>
|
do the rest for you.</para>
|
||||||
|
|
||||||
<itemizedlist>
|
<procedure>
|
||||||
<listitem>
|
<step>
|
||||||
<para><programlisting>nisdomainname="test-domain"</programlisting>
|
<para><programlisting>nisdomainname="test-domain"</programlisting>
|
||||||
This line will set the NIS domainname to
|
This line will set the NIS domainname to
|
||||||
<emphasis>test-domain</emphasis>
|
<emphasis>test-domain</emphasis>
|
||||||
upon network setup (e.g. after reboot).</para>
|
upon network setup (e.g. after reboot).</para>
|
||||||
</listitem>
|
</step>
|
||||||
<listitem>
|
<step>
|
||||||
<para><programlisting>nis_server_enable="YES"</programlisting>
|
<para><programlisting>nis_server_enable="YES"</programlisting>
|
||||||
This will tell FreeBSD to start up the NIS server processes
|
This will tell FreeBSD to start up the NIS server processes
|
||||||
when the networking is next brought up.</para>
|
when the networking is next brought up.</para>
|
||||||
</listitem>
|
</step>
|
||||||
<listitem>
|
<step>
|
||||||
<para><programlisting>nis_yppasswdd_enable="YES"</programlisting>
|
<para><programlisting>nis_yppasswdd_enable="YES"</programlisting>
|
||||||
This will enable the <command>rpc.yppasswdd</command>
|
This will enable the <command>rpc.yppasswdd</command>
|
||||||
daemon, which, as mentioned above, will allow users to
|
daemon, which, as mentioned above, will allow users to
|
||||||
change their NIS password from a client machine.</para>
|
change their NIS password from a client machine.</para>
|
||||||
</listitem>
|
</step>
|
||||||
</itemizedlist>
|
</procedure>
|
||||||
|
|
||||||
|
<note>
|
||||||
|
<para>Depending on your NIS setup, you may need to add
|
||||||
|
further entries. See the <link
|
||||||
|
linkend="nis-server-is-client">section about NIS servers
|
||||||
|
that are also NIS clients</link>, below, for
|
||||||
|
details.</para>
|
||||||
|
</note>
|
||||||
|
|
||||||
<para>Now, all you have to do is to run the command
|
<para>Now, all you have to do is to run the command
|
||||||
<command>/etc/netstart</command> as superuser. It will
|
<command>/etc/netstart</command> as superuser. It will
|
||||||
|
|
@ -2269,8 +2277,8 @@ Don't forget to update map ypservers on ellington.</screen>
|
||||||
<para>Setting up a FreeBSD machine to be a NIS client is fairly
|
<para>Setting up a FreeBSD machine to be a NIS client is fairly
|
||||||
straightforward.</para>
|
straightforward.</para>
|
||||||
|
|
||||||
<itemizedlist>
|
<procedure>
|
||||||
<listitem>
|
<step>
|
||||||
<para>Edit the file <filename>/etc/rc.conf</filename> and
|
<para>Edit the file <filename>/etc/rc.conf</filename> and
|
||||||
add the following lines in order to set the NIS domainname
|
add the following lines in order to set the NIS domainname
|
||||||
and start <command>ypbind</command> upon network
|
and start <command>ypbind</command> upon network
|
||||||
|
|
@ -2278,13 +2286,14 @@ Don't forget to update map ypservers on ellington.</screen>
|
||||||
|
|
||||||
<programlisting>nisdomainname="test-domain"
|
<programlisting>nisdomainname="test-domain"
|
||||||
nis_client_enable="YES"</programlisting>
|
nis_client_enable="YES"</programlisting>
|
||||||
</listitem>
|
</step>
|
||||||
|
|
||||||
<listitem>
|
<step>
|
||||||
<para>To import all possible password entries from the NIS
|
<para>To import all possible password entries from the NIS
|
||||||
server, add this line to your
|
server, remove all user accounts from your
|
||||||
<filename>/etc/master.passwd</filename> file, using
|
<filename>/etc/master.passwd</filename> file and use
|
||||||
<command>vipw</command>:</para>
|
<command>vipw</command> to add the following line to
|
||||||
|
the end of the file:</para>
|
||||||
|
|
||||||
<programlisting>+:::::::::</programlisting>
|
<programlisting>+:::::::::</programlisting>
|
||||||
|
|
||||||
|
|
@ -2297,16 +2306,26 @@ nis_client_enable="YES"</programlisting>
|
||||||
For more detailed reading see O'Reilly's book on
|
For more detailed reading see O'Reilly's book on
|
||||||
<literal>Managing NFS and NIS</literal>.</para>
|
<literal>Managing NFS and NIS</literal>.</para>
|
||||||
</note>
|
</note>
|
||||||
</listitem>
|
|
||||||
|
|
||||||
<listitem>
|
<note>
|
||||||
|
<para>You should keep at least one local account (i.e.
|
||||||
|
not imported via NIS) in your
|
||||||
|
<filename>/etc/master.passwd</filename> and this
|
||||||
|
account should also be a member of the group
|
||||||
|
<groupname>wheel</groupname>. If there is something
|
||||||
|
wrong with NIS, this account can be used to log in
|
||||||
|
remotely, become root, and fix things.</para>
|
||||||
|
</note>
|
||||||
|
</step>
|
||||||
|
|
||||||
|
<step>
|
||||||
<para>To import all possible group entries from the NIS
|
<para>To import all possible group entries from the NIS
|
||||||
server, add this line to your
|
server, add this line to your
|
||||||
<filename>/etc/group</filename> file:</para>
|
<filename>/etc/group</filename> file:</para>
|
||||||
|
|
||||||
<programlisting>+:*::</programlisting>
|
<programlisting>+:*::</programlisting>
|
||||||
</listitem>
|
</step>
|
||||||
</itemizedlist>
|
</procedure>
|
||||||
|
|
||||||
<para>After completing these steps, you should be able to run
|
<para>After completing these steps, you should be able to run
|
||||||
<command>ypcat passwd</command> and see the NIS server's
|
<command>ypcat passwd</command> and see the NIS server's
|
||||||
|
|
@ -2906,7 +2925,7 @@ TWO (,hotel,test-domain)
|
||||||
such servers still in use today.</para>
|
such servers still in use today.</para>
|
||||||
</sect2>
|
</sect2>
|
||||||
|
|
||||||
<sect2>
|
<sect2 id="nis-server-is-client">
|
||||||
<title>NIS Servers that are also NIS Clients</title>
|
<title>NIS Servers that are also NIS Clients</title>
|
||||||
|
|
||||||
<para> Care must be taken when running ypserv in a multi-server
|
<para> Care must be taken when running ypserv in a multi-server
|
||||||
|
|
@ -2922,7 +2941,14 @@ TWO (,hotel,test-domain)
|
||||||
|
|
||||||
<para>You can force a host to bind to a particular server by running
|
<para>You can force a host to bind to a particular server by running
|
||||||
<command>ypbind</command> with the <option>-S</option>
|
<command>ypbind</command> with the <option>-S</option>
|
||||||
flag.</para>
|
flag. If you do not want to do this manually each time you
|
||||||
|
reboot your NIS server, you can add the following lines to
|
||||||
|
your <filename>/etc/rc.conf</filename>:</para>
|
||||||
|
|
||||||
|
<programlisting>nis_client_enable="YES" # run client stuff as well
|
||||||
|
nis_client_flags="-S <replaceable>NIS domain</replaceable>,<replaceable>server</replaceable>"</programlisting>
|
||||||
|
|
||||||
|
<para>See &man.ypbind.8; for further information.</para>
|
||||||
</sect2>
|
</sect2>
|
||||||
|
|
||||||
<sect2>
|
<sect2>
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue