Minicluster:NIS
É necessário informar um nome de domínio NIS (que pode ser diferente do domínio DNS matrix). Foi informado nismatrix
Servidor NIS
- Instale o servidor NIS
yp-tools ypbind ypserv portmap [one]# yum install yp-tools [one]# yum install ypbind [one]# yum install ypserv [one]# yum install rpcbind # antigamente portmap
- Setar o serviço time para rodar via inetd/xinetd, ou configure xntpd, ou de outro modo certifique-se que o relógio do host esteja sincronizado.
- Edite /etc/yp.conf:
domain internal server ip.of.nis.server domain nismatrix server 192.168.0.99
- Edite /etc/ypserv.conf:
.. dns: no files: 30 xfr_check_port: yes * : * : shadow.byname : port * : * : passwd.adjunct.byname : port
- Edite /etc/sysconfig/network:
NISDOMAIN="nismatrix"
- Setar o nome do domínio NIS:
[one]# domainname nismatrix [one]# ypdomainname nismatrix
- Crie o arquivo /var/yp/securenets:
host 127.0.0.1 255.255.255.0 10.0.0.0
- Certifique-se que o serviço rpcbind está rodando
[one]# service rpcbind start [one]# chkconfig rpcbind on
- Portmap will need a rule in /etc/hosts.allow to allow access from localhost and any hosts that need to access NIS.
- Editar linhas em
[one]$ vi /var/yp/Makefile .. ALIASES = $(YPSRCDIR)/aliases # aliases could be in /etc or /etc/mail #ALIASES = /etc/mail/aliases
- Inicie o serviço ypserv:
[one]# service ypserv start
- Verifique se está escutando
[one]# rpcinfo -u localhost ypserv program 100004 version 1 ready and waiting program 100004 version 2 ready and waiting
- Inicialize o mapeamento NIS (especifique one.matrix, Ctrl-D, y, e deixe finalizar):
[one]$ /usr/lib64/yp/ypinit -m
- Inicie ypbind, yppasswdd, ypxfrd:
[one]# service ypbind start [one]# service yppasswdd start [one]# service ypxfrd start
- Configure os serviços YP para iniciar no boot:
[one]# chkconfig ypserv on [one]# chkconfig ypbind on [one]# chkconfig yppasswdd on [one]# chkconfig ypxfrd on
Cliente NIS
[root@cell100]$ chkconfig --level 345 ypbind on nisdomainname nismatrix [root@cell100] ~ # nisdomainname
NIS client host setup
Required packages: yp-tools ypbind portmap
Edit /etc/sysconfig/network:
NISDOMAIN=internal
Edit /etc/yp.conf:
domain internal server ip.of.master.server
Edit /etc/hosts:
ip.of.master.server hostname.domain hostname
Set NIS domain-name:
client# domainname internal client# ypdomainname internal
Edit /etc/nsswitch.conf:
passwd: files nis shadow: files nis group: files nis
Make sure the portmap service is running:
client# service portmap start client# chkconfig portmap on
The /etc/hosts.allow file will need rules allowing access from localhost and the NIS master server.
Start ypbind service:
client# service ypbind start client# chkconfig ypbind on
Test it out:
client# rpcinfo -u localhost ypbind client# ypcat passwd
Gerenciando usuários
- adicionar usuário: (como root no servidor NIS)
useradd -g grupo usuario
ou criando diretório home
useradd -m -g grupo usuario
Para funcionar foi preciso a opção -p password (que cria senha padrão)
useradd -m -p password -g grupo usuario
- Atualizar o banco de dados NIS
make -C /var/yp
- Trocando a senha para o usuário
yppasswd -p usuario
User password management: Users will now change their passwords using the NIS password command yppasswd instead of the local password file affected command, passwd. When using an NIS slave (described below), then do not modify the password while logged into the NIS master.
Referências
- http://bradthemad.org/tech/notes/redhat_nis_setup.php, walkthrough completo
- http://under-linux.org/wiki/Tutoriais/LDAP/LDAP-NIS-NFS
- http://www.wellho.net/solutions/general-what-are-nis-ldap-dns-and-bind.html
- http://bradthemad.org/tech/notes/redhat_nis_setup.php
- http://www.yolinux.com/TUTORIALS/NIS.html
- http://www.tldp.org/HOWTO/NIS-HOWTO/ypserv.html