7.1. The ypbind
daemon
After you have succesfully compiled the software you are now
ready to install it. A suitable place for the ypbind daemon is the
directory /usr/sbin. Some people may tell you that you don't need
ypbind on a system with NYS. This is wrong. ypwhich and ypcat need
it always.
You must do this as root of course. The other binaries (ypwhich,
ypcat, yppasswd, yppoll, ypmatch) should go in a directory
accessible by all users, normally /usr/bin.
Newer ypbind versions have a configuration file called
/etc/yp.conf. You can hardcode a NIS server there - for more info
see the manual page for ypbind(8). You also need this file for NYS.
An example:
ypserver 10.10.0.1
ypserver 10.0.100.8
ypserver 10.3.1.1
|
If the system can resolve the hostnames without NIS, you may use
the name, otherwise you have to use the IP address. ypbind 3.3 has
a bug and will only use the last entry (ypserver 10.3.1.1 in the
example). All other entries are ignored. ypbind-mt handle this
correct and uses that one, which answerd at first.
It might be a good idea to test ypbind before incorporating it
in the startup files. To test ypbind do the following:
-
Make sure you have your YP-domain name set. If it is not set
then issue the command:
/bin/domainname nis.domain
|
where nis.domain should be some string
_NOT_ normally associated with the DNS-domain name of your machine!
The reason for this is that it makes it a little harder for
external crackers to retreive the password database from your NIS
servers. If you don't know what the NIS domain name is on your
network, ask your system/network administrator.
-
Start up "/sbin/portmap" if it is not
already running.
-
Create the directory /var/yp if it
does not exist.
-
Start up /usr/sbin/ypbind
-
Use the command rpcinfo -p localhost to
check if ypbind was able to register its service with the
portmapper. The output should look like:
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100007 2 udp 637 ypbind
100007 2 tcp 639 ypbind
|
or
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100007 2 udp 758 ypbind
100007 1 udp 758 ypbind
100007 2 tcp 761 ypbind
100007 1 tcp 761 ypbind
|
Depending on the ypbind version you are using.
-
You may also run rpcinfo -u localhost
ypbind. This command should produce something like:
program 100007 version 2 ready and waiting
|
or
program 100007 version 1 ready and waiting
program 100007 version 2 ready and waiting
|
The output depends on the ypbind version you have installed.
Important is only the "version 2" message.
At this point you should be able to use NIS client programs like
ypcat, etc... For example, ypcat
passwd.byname will give you the entire NIS password
database.
IMPORTANT: If you skipped the test procedure then make sure you
have set the domain name, and created the directory
This directory MUST exist for ypbind to start up
succesfully.
To check if the domainname is set correct, use the /bin/ypdomainname from yp-tools 2.2. It uses the
yp_get_default_domain() function which is more restrict. It doesn't
allow for example the "(none)" domainname, which is the default
under Linux and makes a lot of problems.
If the test worked you may now want to change your startupd
files so that ypbind will be started at boot time and your system
will act as a NIS client. Make sure that the domainname will be set
before you start ypbind.
Well, that's it. Reboot the machine and watch the boot messages
to see if ypbind is actually started.
