NIS Client Setup


tested on slack150

Install

slackpkg install yptools rpcbind glibc-2
ls -lF /var/log/packages/yptools-* /var/log/packages/glibc-2*
which getent

Client setup

domain=DOMAIN.TLD

cat /etc/defaultdomain # not yet
echo $domain > /etc/defaultdomain

this will be handled by the ypbind (client) daemon

#domainname $domain
#nisdomainname $domain

check

domainname

# gnu/linux
nisdomainname

a few ports should be available from the servers

111/tcp  open  rpcbind   2-4 (RPC #100000)
1021/tcp open  ypserv    1-2 (RPC #100004)
111/udp  open  rpcbind   2-4 (RPC #100000)
1019/udp open  yppasswdd 1 (RPC #100009)
1020/udp open  ypbind    2 (RPC #100007)

check with

nmap -sTUV -p 111 ypmaster
nmap -sTUV -p 111 ypslave

and proceed

mv -i /etc/yp.conf /etc/yp.conf.dist
echo domain $domain server ypmaster > /etc/yp.conf
echo domain $domain server ypslave >> /etc/yp.conf
cat /etc/yp.conf

    mv -i /etc/nsswitch.conf /etc/nsswitch.conf.dist
    grep -vE '^#|^$' /etc/nsswitch.conf.dist > /etc/nsswitch.conf.clean
    grep -vE '^#|^$' /etc/nsswitch.conf.dist > /etc/nsswitch.conf
    vi /etc/nsswitch.conf

passwd:         compat nis
group:          compat nis

no need to enable shadow as we are NOT planning to use password-based authentication.

alternatively, use the provided sample for nis – but that would require enabling far more maps than just passwd and group.

#mv -i nsswitch.conf nsswitch.conf.dist
#grep -vE '^#|^$' nsswitch.conf-nis > nsswitch.conf-nis.clean
#grep -vE '^#|^$' nsswitch.conf-nis > nsswitch.conf
#cat nsswitch.conf

Ready to go

simply launch the daemons manually (no statd nor -broadcast required)

ls -lF /etc/rc.d/rc.yp /etc/rc.d/rc.rpc

/etc/rc.d/rc.yp stop
/etc/rc.d/rc.rpc stop

chmod -x /etc/rc.d/rc.yp
chmod -x /etc/rc.d/rc.rpc

vi /etc/rc.d/rc.local

# rpc
int=`grep ^int= /etc/rc.d/rc.inet1.conf | cut -f2 -d= | cut -f1 -d/`
echo -n rpc on $int ...
/sbin/rpcbind -s -w -l -h $int && echo done || echo FAIL
/sbin/rpc.statd
unset int
# nis client
domainname `cat /etc/defaultdomain`
/usr/sbin/ypbind # w/o bcast

however it seems the daemon is still listening on all interfaces

netstat -lntup | grep rpcbind
netstat -lntup | grep ypbind
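
a check for the observation above, as an added example (not part of the original notes): it reads netstat -lntup output and lists the rpcbind/ypbind sockets bound to a wildcard address. the function names and the sample lines (addresses, PIDs, ports) are constructed for this example.

```shell
#!/bin/sh
# Added example: flag rpcbind/ypbind sockets bound to every address.
# Reads `netstat -lntup` output on stdin; prints "proto local-address program"
# for each wildcard listener and returns 1 if any was found, 0 otherwise.
wildcard_listeners() {
    awk '
        $1 ~ /^(tcp|udp)6?$/ {
            # last column is PID/Program (UDP rows have no State column)
            n = split($NF, prog, "/")
            if (n < 2 || prog[2] !~ /^(rpcbind|ypbind)$/) next
            host = $4
            sub(/:[^:]*$/, "", host)      # drop ":port", keep the address
            if (host == "0.0.0.0" || host == "::" || host == "*") {
                print $1, $4, prog[2]
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }'
}

# Constructed sample (addresses, PIDs and ports are made up for the example).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      900/sshd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1234/rpcbind
tcp6       0      0 :::111                  :::*                    LISTEN      1234/rpcbind
udp        0      0 192.0.2.10:111          0.0.0.0:*                           1234/rpcbind
udp        0      0 127.0.0.1:111           0.0.0.0:*                           1234/rpcbind
tcp        0      0 0.0.0.0:1020            0.0.0.0:*               LISTEN      1300/ypbind
udp        0      0 0.0.0.0:1020            0.0.0.0:*                           1300/ypbind
EOF
}

# On a live client: netstat -lntup | wildcard_listeners
if sample_netstat | wildcard_listeners; then
    echo "rpcbind/ypbind are bound to specific addresses only"
else
    echo "wildcard listeners found (listed above)"
fi
```
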

status

ls -lF /var/run/rpc* /var/run/yp*

pgrep -a rpcbind
pgrep -a ypbind

ps auxfw | grep rpcbind # as daemon
ps auxfw | grep ypbind # as root

stop

pkill ypbind
pkill rpcbind

Acceptance testing

yptest
getent passwd | tail
getent group | tail

Troubleshooting

while trying to use sudo from a nis user

(log)
unix_chkpwd[21544]: could not obtain user info

sudo: PAM account management error: Authentication service cannot retrieve authentication info
sudo: a password is required

==> tried to tune PAM with no success

TODO

Resources

7. Setting Up the NIS Client https://tldp.org/HOWTO/NIS-HOWTO/settingup_client.html

with pam

[fw] PAM, NIS, and Shadow Passwords http://shekel.jct.ac.il/~roman/linux/pam/pam-nis.html

7.6.3. PAM https://www.linuxtopia.org/online_books/network_administration_guides/NIS_HOWTO_guide/settingup_client_008.html


Copyright © 2024 Pierre-Philipp Braun