NIS server relevant config file.docx
《NIS server relevant config file.docx》由会员分享,可在线阅读,更多相关《NIS server relevant config file.docx(15页珍藏版)》请在冰豆网上搜索。
NISserverrelevantconfigfile
一.NISSERVERCONFIG
1.[root@michael~]#rpm-qa|grep^yp
yp-tools-2.8-7
ypserv-2.13-14
ypbind-1.17.2-8
2.[root@michael~]#chkconfig--list|greptime
time:
off
time-udp:
off
daytime-udp:
off
daytime:
off
[root@michael~]#chkconfigtimeon
[root@michael~]#chkconfigtime-udpon
[root@michael~]#chkconfig--list|greptime
time:
on
time-udp:
on
daytime-udp:
off
daytime:
off
[root@michael~]#servicexinetdrestart
Stoppingxinetd:
[OK]
Startingxinetd:
[OK]
注意:
运行YPSERV要time,time-udpforstartandstartxinetd.
Tiemandtiem-udpisby(受)xinetdmanagement(管理)。
3.建立NIS域名。
[root@michael~]#vi/etc/rc.d/rc.local
#!
/bin/sh
#
#Thisscriptwillbeexecuted*after*alltheotherinitscripts.
#Youcanputyourowninitializationstuffinhereifyoudon't
#wanttodothefullSysVstyleinitstuff.
nisdomainnamenisfung
touch/var/lock/subsys/local~
"/etc/rc.d/rc.local"8L,242Cwritten
[root@michael~]#vi/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=
GATEWAY=192.168.1.1
NISDOMAIN=nisfung
~
"/etc/sysconfig/network"4L,79Cwritten
4.[root@michael~]#vi/etc/ypserv.conf
#
#ypserv.confInthisfileyoucansetcertainoptionsfortheNISserver,
#andyoucandenyorrestrictaccesstocertainmapsbased
#ontheoriginatinghost.
#
#Seeypserv.conf(5)foradescriptionofthesyntax.
#
#Someoptionsforypserv.Thisthingsareallnotneeded,if
#youhaveaLinuxnet.
#ShouldwedoDNSlookupsforhostsnotfoundinthehoststable?
#Thisoptionisignoredinthemoment.
dns:
no
#Howmanymapfilehandlesshouldbecached?
files:
30
#ShouldweregisterypservwithSLP?
slp:
no
#Afterhowmanysecondsweshouldre-registerypservwithSLP?
slp_timeout:
3600
#xfrrequestsareonlyallowedfromports<1024
xfr_check_port:
yes
#
#ypserv.confInthisfileyoucansetcertainoptionsfortheNISserver,
#andyoucandenyorrestrictaccesstocertainmapsbased
#ontheoriginatinghost.
#
#Seeypserv.conf(5)foradescriptionofthesyntax.
#
#Someoptionsforypserv.Thisthingsareallnotneeded,if
#youhaveaLinuxnet.
#ShouldwedoDNSlookupsforhostsnotfoundinthehoststable?
#Thisoptionisignoredinthemoment.
dns:
no
#Howmanymapfilehandlesshouldbecached?
files:
30
#ShouldweregisterypservwithSLP?
slp:
no
#Afterhowmanysecondsweshouldre-registerypservwithSLP?
slp_timeout:
3600
#xfrrequestsareonlyallowedfromports<1024
xfr_check_port:
yes
#Thefollowing,whenuncommented,willgiveyoushadowlikepasswords.
#NotethatitwillnotworkifyouhaveslaveNISserversinyour
#networkthatdonotrunthesameserverasyou.
#Host:
Domain:
Map:
Security
#
#*:
*:
passwd.byname:
port
#*:
*:
passwd.byuid:
port
#Noteverybodyshouldseetheshadowpasswords,notsecure,since
#underMSDOGeverbodyisrootandcanaccessports<1024!
!
!
*:
*:
shadow.byname:
port
*:
*:
passwd.adjunct.byname:
port
#Ifyoucommentoutthenextrule,ypservandrpc.ypxfrdwill
#lookforYP_SECUREandYP_AUTHDESinthemaps.Thiswillmake
#thesecuritycheckalittlebitslower,butyouonlyhaveto
#changethekeysonthemasterserver,nottheconfigurationfiles
#oneachNISserver.
#IfyouhavemapswithYP_SECUREorYP_AUTHDES,youshouldcreate
#aruleforthemabove,that'smuchfaster.
*:
*:
*:
none(允许)
5.安全配置文件
[root@michael~]#vi/var/yp/securenets
host127.0.0.1
255.255.255.0192.168.1.0
255.255.255.0192.168.5.0
6.[root@michael~]#serviceportmaprestart
Stoppingportmap:
[OK]
Startingportmap:
[OK]
[root@michael~]#serviceypservrestart
StoppingYPserverservices:
[FAILED]
SettingNISdomainnamenisfung:
[OK]
StartingYPserverservices:
[OK]
[root@michael~]#serviceyppasswddrestart
StoppingYPpasswdservice:
[FAILED]
StartingYPpasswdservice:
[OK]
[root@michael~]#chkconfig--list|grepyp
ypbind0:
off1:
off2:
off3:
off4:
off5:
off6:
off
yppasswdd0:
off1:
off2:
off3:
off4:
off5:
off6:
off
ypxfrd0:
off1:
off2:
off3:
off4:
off5:
off6:
off
ypserv0:
off1:
off2:
off3:
off4:
off5:
off6:
off
[root@michael~]#chkconfig--level35ypservon
[root@michael~]#chkconfig--level35yppasswddon
[root@michael~]#chkconfig--list|grepyp
ypbind0:
off1:
off2:
off3:
off4:
off5:
off6:
off
yppasswdd0:
off1:
off2:
off3:
on4:
off5:
on6:
off
ypxfrd0:
off1:
off2:
off3:
off4:
off5:
off6:
off
ypserv0:
off1:
off2:
off3:
on4:
off5:
on6:
off
注意:
NISservicerunningbyportmapservicesupport(支持).
7.构建NISDATABASE
[root@michael~]#/usr/lib/yp/ypinit–m
Atthispoint,wehavetoconstructalistofthehostswhichwillrunNIS
servers.isinthelistofNISserverhosts.Pleasecontinuetoadd
thenamesfortheotherhosts,oneperline.Whenyouaredonewiththe
list,typea.
升级会员 