Setting up a NIS client

tested on slackware linux current (oct 2020)

Install

slackpkg install yptools rpcbind glibc-2
cat /var/log/packages/yptools-*

Note glibc-2 for getent

Client setup

nisdomainname DOMAIN.TLD
echo DOMAIN.TLD > /etc/defaultdomain

nmap -sTUV -p 111 NIS-SERVER

more ports

111/tcp  open  rpcbind   2-4 (RPC #100000)
1021/tcp open  ypserv    1-2 (RPC #100004)
111/udp  open  rpcbind   2-4 (RPC #100000)
1019/udp open  yppasswdd 1 (RPC #100009)
1020/udp open  ypbind    2 (RPC #100007)

proceed

mv -i /etc/yp.conf /etc/yp.conf.dist
echo domain DOMAIN.TLD server NIS-SERVER > /etc/yp.conf
echo domain DOMAIN.TLD server NIS-SERVER2 >> /etc/yp.conf

cd /etc/
    mv -i nsswitch.conf nsswitch.conf.dist
    grep -vE '^#|^$' nsswitch.conf.dist > nsswitch.conf
    vi nsswitch.conf

passwd:       files nis
#NOT shadow
group:        files nis

Ready to go

simply launch the daemons manually (no statd nor -broadcast required)

chmod -x /etc/rc.d/rc.rpc
chmod -x /etc/rc.d/rc.yp

interestingly enough the folder ownership is not rpc:rpc but root:rpc by default

ls -ldF /var/run/rpcbind/

/sbin/rpcbind -l -h BIND-TO-IP-ADDRESS
/usr/sbin/ypbind

status

pgrep -a rpcbind
pgrep -a ypbind

stop

pkill ypbind
pkill rpcbind

Acceptance

getent passwd
getent group

Note we are not trying login somehow to validate authentication, as we are now using shadowed NIS passwords.

On BSD you can also do

yptest

TODO

Resources

man rpcbind
man rpc.statd
man 5 hosts_access

http://docs.slackware.com/howtos:network_services:roaming_profiles

https://www.linuxquestions.org/questions/linux-server-73/nfsv4-and-hosts-deny-hosts-allow-735312/

https://www.slackbook.org/html/security-host.html

https://tldp.org/HOWTO/NIS-HOWTO/settingup_client.html

https://wiki.archlinux.org/index.php/NIS

http://shekel.jct.ac.il/~roman/linux/pam/pam-nis.html

https://www.linuxtopia.org/online_books/network_administration_guides/NIS_HOWTO_guide/settingup_client_008.html