Please consider a donation to the Higher Intellect project. See https://preterhuman.net/donate.php or the Donate to Higher Intellect page for more info. |
Difference between revisions of "NIS"
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
Distributed access control system like LDAP or Active Directory. | Distributed access control system like LDAP or Active Directory. | ||
+ | |||
+ | ==Transfer NIS Master In IRIX== | ||
+ | You need to tar up the directory your NIS flat files live in (I keep mine | ||
+ | in /etc/yp, but there's no standard) and copy it over to the machine you | ||
+ | want to be the new master (assuming you aren't running right out of /etc, | ||
+ | which is also possible, in that case, just copy the relevant files over). | ||
+ | Personally, I recommend against using the files directly in /etc, but | ||
+ | that's personal preference because it makes my life easier. | ||
+ | <pre> | ||
+ | 8:12am dragon /etc/yp %ls | ||
+ | aliases local.make.script.pre-6.5.x | ||
+ | auto.direct mac | ||
+ | auto.home netgroup | ||
+ | auto.master netid | ||
+ | auto.net networks | ||
+ | auto_master nsswitch.conf.nisserv | ||
+ | automount.options passwd | ||
+ | bootparams protocols | ||
+ | capability rpc | ||
+ | clearance rpc.passwd.options | ||
+ | ethers services | ||
+ | group ypdomain | ||
+ | hosts ypmaster.options | ||
+ | jlimits ypservers | ||
+ | local.make.script | ||
+ | </pre> | ||
+ | I keep a copy of the various system files I've created or changed in there | ||
+ | too, as you can see. | ||
+ | |||
+ | Check /var/yp/ for the presence of custom local scripts : | ||
+ | <pre> | ||
+ | 8:13am dragon /var/yp %ls | ||
+ | local.make.script ypmake | ||
+ | local.make.script.pre-6.5.x ypmake.log | ||
+ | make.script ypxfr_1pd | ||
+ | mdbm_dump ypxfr_1perday | ||
+ | mdbm_parse ypxfr_1perhour | ||
+ | updaters ypxfr_1ph | ||
+ | ypdomain ypxfr_2pd | ||
+ | ypinit ypxfr_2perday | ||
+ | </pre> | ||
+ | as you're going to want those as well. If you didn't set this up | ||
+ | initially, check make.script to verify that it hasn't been hand edited. | ||
+ | If it has, you'll be spending quality time with the manual. I recommend | ||
+ | against duplicating any changes you find in there on the new master. Read | ||
+ | the docs, and do it right using normal methods. It makes your life easier | ||
+ | when you need to figure out how and why things work, and any who follow | ||
+ | you should you leave don't have to try and figure out your klu(d)ges. | ||
+ | |||
+ | You'll also need to check /etc/config/yp* : | ||
+ | <pre> | ||
+ | 8:15am dragon /etc/config %foreach f ( yp* ) | ||
+ | |||
+ | foreach? echo $f ; cat $f ; echo "\n" | ||
+ | foreach? end | ||
+ | yp | ||
+ | on | ||
+ | |||
+ | |||
+ | ypmaster | ||
+ | on | ||
+ | |||
+ | |||
+ | ypmaster.options | ||
+ | DIR=/etc/yp | ||
+ | PWFILE=/etc/yp/passwd | ||
+ | ALIASES=/etc/yp/aliases | ||
+ | |||
+ | |||
+ | ypserv | ||
+ | on | ||
+ | |||
+ | |||
+ | 8:18am dragon /etc/config %grep yp * | grep -v typ | grep -v Typ | ||
+ | rpc.passwd.options:/etc/yp/passwd | ||
+ | ypmaster.options:DIR=/etc/yp | ||
+ | ypmaster.options:PWFILE=/etc/yp/passwd | ||
+ | ypmaster.options:ALIASES=/etc/yp/aliases | ||
+ | </pre> | ||
+ | The rpc.passwd.options isn't obvious, and if the person who set this up | ||
+ | originally didn't read the docs and you aren't using the passwd file | ||
+ | directly out of /etc, they've more than likely hacked up something to make | ||
+ | yppasswd work the way they want. Dump this and do it right if that turns | ||
+ | to have been the case. | ||
+ | |||
+ | Once you've checked the relevant files and moved everything over, run | ||
+ | ypinit -m on the new server and follow up with a ypinit -s on any slaves | ||
+ | you may have. This will take care of changing the yp/ypmaster/ypserv | ||
+ | file contents from off to on. The one thing ypinit will not do is create | ||
+ | /var/yp/ypdomain. This file needs to exist and the only thing it should | ||
+ | contain is your NIS domain name. You'll need to create this file on all | ||
+ | machines in this domain on your own, be they the master, the slaves, or | ||
+ | the clients. Since you're already running NIS, it should already be | ||
+ | there. | ||
+ | |||
+ | One last thing: | ||
+ | <pre> | ||
+ | 8:40am dragon /etc/yp %cat nsswitch.conf.nisserv | ||
+ | # | ||
+ | # Cat this file onto the end of /var/ns/nsswitch.conf.nisserv | ||
+ | # and /var/ns/domains/<nisdomain>/nsswitch.conf | ||
+ | # | ||
+ | auto.master: nisserv | ||
+ | auto.direct: nisserv | ||
+ | auto.net: nisserv | ||
+ | auto.home: nisserv | ||
+ | </pre> | ||
+ | If you're using maps that aren't in the default list, you'll need to do | ||
+ | this on your master after you run ypinit -m. You have to do this before | ||
+ | you run ypinit -s on the slaves. They won't accept maps they don't | ||
+ | already have copies of, and the easiest way to make sure propagation | ||
+ | occurs properly is to have everything in place when you init them (there | ||
+ | are ways to add maps to slaves after the fact, but this is much more | ||
+ | straightforward). | ||
+ | |||
+ | ==See Also== | ||
+ | * [[Integrating Mac OS X in an NIS network]] | ||
+ | |||
[[Category:SGI]] | [[Category:SGI]] |
Latest revision as of 15:25, 28 July 2019
Distributed access control system like LDAP or Active Directory.
Transfer NIS Master In IRIX
You need to tar up the directory your NIS flat files live in (I keep mine in /etc/yp, but there's no standard) and copy it over to the machine you want to be the new master (assuming you aren't running right out of /etc, which is also possible, in that case, just copy the relevant files over). Personally, I recommend against using the files directly in /etc, but that's personal preference because it makes my life easier.
8:12am dragon /etc/yp %ls aliases local.make.script.pre-6.5.x auto.direct mac auto.home netgroup auto.master netid auto.net networks auto_master nsswitch.conf.nisserv automount.options passwd bootparams protocols capability rpc clearance rpc.passwd.options ethers services group ypdomain hosts ypmaster.options jlimits ypservers local.make.script
I keep a copy of the various system files I've created or changed in there too, as you can see.
Check /var/yp/ for the presence of custom local scripts :
8:13am dragon /var/yp %ls local.make.script ypmake local.make.script.pre-6.5.x ypmake.log make.script ypxfr_1pd mdbm_dump ypxfr_1perday mdbm_parse ypxfr_1perhour updaters ypxfr_1ph ypdomain ypxfr_2pd ypinit ypxfr_2perday
as you're going to want those as well. If you didn't set this up initially, check make.script to verify that it hasn't been hand edited. If it has, you'll be spending quality time with the manual. I recommend against duplicating any changes you find in there on the new master. Read the docs, and do it right using normal methods. It makes your life easier when you need to figure out how and why things work, and any who follow you should you leave don't have to try and figure out your klu(d)ges.
You'll also need to check /etc/config/yp* :
8:15am dragon /etc/config %foreach f ( yp* ) foreach? echo $f ; cat $f ; echo "\n" foreach? end yp on ypmaster on ypmaster.options DIR=/etc/yp PWFILE=/etc/yp/passwd ALIASES=/etc/yp/aliases ypserv on 8:18am dragon /etc/config %grep yp * | grep -v typ | grep -v Typ rpc.passwd.options:/etc/yp/passwd ypmaster.options:DIR=/etc/yp ypmaster.options:PWFILE=/etc/yp/passwd ypmaster.options:ALIASES=/etc/yp/aliases
The rpc.passwd.options isn't obvious, and if the person who set this up originally didn't read the docs and you aren't using the passwd file directly out of /etc, they've more than likely hacked up something to make yppasswd work the way they want. Dump this and do it right if that turns to have been the case.
Once you've checked the relevant files and moved everything over, run ypinit -m on the new server and follow up with a ypinit -s on any slaves you may have. This will take care of changing the yp/ypmaster/ypserv file contents from off to on. The one thing ypinit will not do is create /var/yp/ypdomain. This file needs to exist and the only thing it should contain is your NIS domain name. You'll need to create this file on all machines in this domain on your own, be they the master, the slaves, or the clients. Since you're already running NIS, it should already be there.
One last thing:
8:40am dragon /etc/yp %cat nsswitch.conf.nisserv # # Cat this file onto the end of /var/ns/nsswitch.conf.nisserv # and /var/ns/domains/<nisdomain>/nsswitch.conf # auto.master: nisserv auto.direct: nisserv auto.net: nisserv auto.home: nisserv
If you're using maps that aren't in the default list, you'll need to do this on your master after you run ypinit -m. You have to do this before you run ypinit -s on the slaves. They won't accept maps they don't already have copies of, and the easiest way to make sure propagation occurs properly is to have everything in place when you init them (there are ways to add maps to slaves after the fact, but this is much more straightforward).