LinuxSA Mailing list archives

  From: Andrew Whyte <andrew.whyte@netregistry.au.com>
  To  : Andreja Zivkovic <andy@zt.zivkotech.net.au>
  Date: Mon, 08 Nov 1999 08:20:05 +1100

Re: ypserv

Andreja Zivkovic wrote:
> 
> Hi,
> 
> Last night I was playing around a bit with my LAN, and decided to give a
> shot at using NIS (so all computers have the same user names/passwords).
> Anyway, all went well (i hope) with the help of the NIS HOWTO, but I just
> realised that the ypserv processes are taking up all the idle time of the
> processor.
> 
> Is this normal (i don't see why it would be)? What could be possible
> problems?

Erm, no it's not normal :)

> The server is on a P133, running RH 6.0, but with a few rpms from the 6.1
> CD. I updated the ypserv, ypbind and yp-tools packages, as well as glibc and
> libc (and quite a few others, but I don't they have anything to do with
> NIS).

I have a set of 5 machines running NIS on RH6.0 just fine, so there should be no
real problems with it.

> Also, when setting it up, /var/yp/Makefile looked for a /etc/gshadow (and
> /etc/group) to make the groups database, however, gshadow doesn't exist on
> my system. I ended up copying group to gshadow, and it works, but I don't
> know if this is a good solution. Finally, it looked for a /etc/netgroups
> file, for some reason, and that file didn't exist. I did a touch
> /etc/netgroups, and now the yp Makefile completes successfully, but I don't
> know if that file is important.
> 

You are supposed to change the Makefile in /var/yp so that it only serves up the
nis maps you want.

have a look in /etc/nsswitch.conf for a start, this will set the search order for your info,
on the server and slaves you'll need to have passwd, and group set to 'files nis' (or nisplus if you used that)

you can happily (read: SHOULD) comment out lines refering to Shadow passwords and group files, if your system
isn't running shadowed.

You can also, of course set up NIS to just serve Password/Group info and not host maps. (a good idea since DNS is better).
So again, comment out all the lines to do with hots, and networks and stuff. You just want passwd/group lines.

Now have a look at /var/yp/Makefile, you need to modify the "all:" line to include only the options you want, again passwd and
group. (unless you are after hosts etc, which is pointless.)

There are also some other settings you should do, NOPUSH=true if you only have one NIS server, i.e. no slave servers or
"repeaters".  This is most likely your case. and MINUID, MINGID these will set from which UID and GID in the server passwd/group
files to serve via the nis maps.  You don't want to be serving root's account or other accounts that
may be required by the system if NIS was to fail.

anyway, I hope some of that is usefull, good luck with it :)


oh, and remember to always change your password with yppasswd even on the server once you're running a NIS domain.
Or you'll modify passwords incorrectly, and you can cause nis to hang ;-) (this isn't a linux trait, it does it on Solaris too)



-- 
Andrew Whyte
Senior System Administrator
_____________________________________________
NetRegistry     http://www.netregistry.au.com
Tel: +61 2 9699 6099  |  Fax: +61 2 9699 6088
PO Box 2088   Sydney   NSW   1043   Australia

-- 
Check out the LinuxSA web pages at http://www.linuxsa.org.au/
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject