NIS server relevant config file.docx

1、NIS server relevant config file一.NIS SERVER CONFIG1.rootmichael # rpm -qa | grep ypyp-tools-2.8-7ypserv-2.13-14ypbind-1.17.2-82. rootmichael # chkconfig -list | grep time time: off time-udp: off daytime-udp: off daytime: offrootmichael # chkconfig time on rootmichael # chkconfig time-udp onrootmicha

2、el # chkconfig -list | grep time time: on time-udp: on daytime-udp: off daytime: offrootmichael # service xinetd restartStopping xinetd: OK Starting xinetd: OK 注意：运行YPSERV要time ,time-udp for start and start xinetd . Tiem and tiem-udp is by（受） xinetd management(管理) 。3.建立NIS域名。 rootmichael # vi /etc/r

3、c.d/rc.local #!/bin/sh# This script will be executed *after* all the other init scripts.# You can put your own initialization stuff in here if you dont# want to do the full Sys V style init stuff.nisdomainname nisfungtouch /var/lock/subsys/local/etc/rc.d/rc.local 8L, 242C written rootmichael # vi /e

4、tc/sysconfig/networkNETWORKING=yesHOSTNAME=GATEWAY=192.168.1.1NISDOMAIN=nisfung/etc/sysconfig/network 4L, 79C written4. rootmichael # vi /etc/ypserv.conf# ypserv.conf In this file you can set certain options for the NIS server,# and you can deny or restrict access to certain maps based# on the origi

5、nating host.# See ypserv.conf(5) for a description of the syntax.# Some options for ypserv. This things are all not needed, if# you have a Linux net.# Should we do DNS lookups for hosts not found in the hosts table ?# This option is ignored in the moment.dns: no# How many map file handles should be

6、cached ?files: 30# Should we register ypserv with SLP ?slp: no# After how many seconds we should re-register ypserv with SLP ?slp_timeout: 3600# xfr requests are only allowed from ports 1024xfr_check_port: yes# ypserv.conf In this file you can set certain options for the NIS server,# and you can den

7、y or restrict access to certain maps based# on the originating host.# See ypserv.conf(5) for a description of the syntax.# Some options for ypserv. This things are all not needed, if# you have a Linux net.# Should we do DNS lookups for hosts not found in the hosts table ?# This option is ignored in

8、the moment.dns: no# How many map file handles should be cached ?files: 30# Should we register ypserv with SLP ?slp: no# After how many seconds we should re-register ypserv with SLP ?slp_timeout: 3600# xfr requests are only allowed from ports 1024xfr_check_port: yes# The following, when uncommented,

9、will give you shadow like passwords.# Note that it will not work if you have slave NIS servers in your# network that do not run the same server as you.# Host : Domain : Map : Security# * : * : passwd.byname : port# * : * : passwd.byuid : port# Not everybody should see the shadow passwords, not secur

10、e, since# under MSDOG everbody is root and can access ports 1024 !* : * : shadow.byname : port* : * : passwd.adjunct.byname : port# If you comment out the next rule, ypserv and rpc.ypxfrd will# look for YP_SECURE and YP_AUTHDES in the maps. This will make# the security check a little bit slower, but

11、 you only have to# change the keys on the master server, not the configuration files# on each NIS server.# If you have maps with YP_SECURE or YP_AUTHDES, you should create# a rule for them above, thats much faster. * : * : * : none(允许)5.安全配置文件rootmichael # vi /var/yp/securenets host 127.0.0.1255.255

12、.255.0 192.168.1.0255.255.255.0 192.168.5.06rootmichael # service portmap restartStopping portmap: OK Starting portmap: OK rootmichael # service ypserv restartStopping YP server services: FAILEDSetting NIS domain name nisfung: OK Starting YP server services: OK rootmichael # service yppasswdd restar

13、tStopping YP passwd service: FAILEDStarting YP passwd service: OK rootmichael # chkconfig -list | grep yp ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:offyppasswdd 0:off 1:off 2:off 3:off 4:off 5:off 6:offypxfrd 0:off 1:off 2:off 3:off 4:off 5:off 6:offypserv 0:off 1:off 2:off 3:off 4:off 5:off 6:of

14、frootmichael # chkconfig -level 35 ypserv onrootmichael # chkconfig -level 35 yppasswdd onrootmichael # chkconfig -list | grep ypypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:offyppasswdd 0:off 1:off 2:off 3:on 4:off 5:on 6:offypxfrd 0:off 1:off 2:off 3:off 4:off 5:off 6:offypserv 0:off 1:off 2:off 3

15、:on 4:off 5:on 6:off 注意：NIS service running by portmap service support(支持).7.构建NIS DATABASE rootmichael # /usr/lib/yp/ypinit mAt this point, we have to construct a list of the hosts which will run NISservers. is in the list of NIS server hosts. Please continue to addthe names for the other hosts, one per line. When you are done with thelist, type a .