nis.debian.howto  3.2.1-3

miquels@cistron.nl
02-Mar-1998
 : ̹ shinsuk@ai-cse.sch.ac.kr
12-Dec-1998  

0. Ұ

     HOWTO   մϴ.

    1. NIS client-only ý  ϴ°
    2. NIS  ڿ  ̿ϴ°
    3. NIS master   ϴ°
    4. shadow passwords
    5. NIS slave   ϴ°

1.  NIS Ŭ̾Ʈ  ϴ°

    1.1 netbase, netstd, nis Ű ġմϴ.

    1.2 ġ NIS domainname  ϴ. ̰ NIS 
        ý۵ ׷ Ÿ ̸ hostname ٸϴ.

    1.3  NIS   Ʈũ ȿ    ̼
         ʿմϴ. ypbind μ /etc/yp.conf  
          ֽϴ. ⿡ NIS  ̸ ϴ. -
         ڼ  ypbind(8) ޴ ʽÿ.

    1.4 NIS մϴ.
        /etc/init.d/nis stop
        /etc/init.d/nis start

2. NIS  ڿ  ̿ϴ°

    2.1 FOR LIBC6
        
        /etc/nsswitch.conf  passwd, group, shadow, netgroup
        Ʈ   ٲߴϴ.

        passwd:   compat
        group:    compat
        shadow:   compat

        netgroup: nis

        libc6 Ϸκ netgroup  дµ   
        ֽϴ. ׷ netgroup Ʈ "db"  "files"  
        ʽÿ.  netgroup  NIS   
        ˴ϴ.

    2.2 USERS: NIS clients  /etc/passwd    ߰մϴ.
    
        +::::::

        (user) /  +  - ȣ  
        ֽϴ.  guest ܷ /etc/passwd Ͽ -guest 
        ߰մϴ.  linux ٸ  (e.g. ksh) ϱ
        Ѵٸ /etc/passwd  +linux::::::/bin/ksh  ߰ ָ
        ˴ϴ.   ʴ ʵ ä Ӵϴ.

        , miquels, dth, ed  α ϰ ٸ  
         Ϸ:

        +miguels::::::
        +ed::::::
        +dth::::::
        +:*::::::/etc/NoShell

           н ʵ嵵 override  
        ֽϴ.

    2.3 GROUPS: /etc/group    ߰մϴ.

        +:::

    2.4 HOSTS:

         NIS  host lookup ʰ DNS մϴ. 
        NIS  ؾ Ѵٸ ⼭ Ͻʽÿ.

    2.4.1 For libc5 applications:

        NIS  NIS host  Ϸ /etc/host.conf ؾ
        մϴ.   order ٿ nis ܾ ߰մϴ:

        order hosts,nis
        multi on

    2.4.2 For libc6 applications:

        /etc/nsswitch.conf  hosts Ʈ մϴ:

        hosts: nis files

3. NIS master   ϴ°

    3.1 nis Ű ġմϴ. RPC daemon  (rpc.portmap)
        ġϱ  netbase  netstd  ġؾ մϴ.

    3.2 master, slave о NIS    ý ̸ 
        /etc/hosts ϳ ־ մϴ.
         IP ּ ڿ ù° hostname  FQDN (Fully Qualified
        Domain Name) ̾ ϰ, ׿ ̾ domainname  
        hostname  մϴ.  :

        192.168.88.10   troi.cistron.nl troi

        NIS DNS  ʱ  NIS server  NIS host file
        ( /etc/hosts)    ؾմϴ. 

    3.3 /etc/defaultdomain  NIS domain մϴ. NIS domain
        NIS  ϴ ý۵ ׷ Ÿ ̸ hostname
         ٸϴ. ̰  DNS domainname ̰Ϳ
        մϴ.
    
        ̰  鿡    ǰ ֽϴ.
        domainname  ƴ ͸  NIS server query
         NIS ʵ  ɼ ֱ Դϴ. ̰
         ȣ domainname  ؼ ȵ˴ϴ. 
        /etc/ypserv.securenets  /etc/ypserv.conf   Ͽ
         Ʈũ ̿ܿ NIS     ϸ
        ˴ϴ.

    3.4 /etc/init.d/nis ϳ ypserv master (ypserv=master) մϴ. 

    3.5   Ͱ ,  Ʈũ ȣ
        /etc/ypserv.securenets  ߰մϴ. ⺻  ý
        NIS server     ֵ Ǿ  ̷  ʴ
         մϴ.

         ȭ  /etc/ypserv.conf  Ͽ password
          ʵ(mangle)   ֽϴ. (Ʈũ 
         ƴ slave server    ̰ ؼ
        ȵ˴ϴ.)
    
    3.6 "/usr/lib/yp/ypinit -m"  ԷϿ  մϴ.

    3.7  ԷϿ  մϴ.
        
        /etc/init.d/nis stop
        /etc/init.d/nis start

         (ypserv) н  (yppasswdd) ۵˴ϴ.

        NIS   ϱ⸦ ϸ NIS  Ŭ̾Ʈ
         ypbind  ϰ /etc/passwd  ߰
        plus-entries ߰Ͽ մϴ. ̺귯 Լ
        ù° NIS entry   normal entries  ϰ,
         NIS   ˴ϴ.   NIS  Ģ
        ϴ Դϴ.

        :

        root:x:0:0:root:/root:/bin/bash
        daemon:*:1:1:daemon:/usr/sbin:
        bin:*:2:2:bin:/bin:
        sys:*:3:3:sys:/dev:
        sync:*:4:100:sync:/bin:/bin/sync
        games:*:5:100:games:/usr/games:
        man:*:6:100:man:/var/catman:
        lp:*:7:7:lp:/var/spool/lpd:
        mail:*:8:8:mail:/var/spool/mail:
        news:*:9:9:news:/var/spool/news:
        uucp:*:10:50:uucp:/var/spool/uucp:
        nobody:*:65534:65534:noone at all,,,,:/dev/null:
        +miquels::::::
        +:*:::::/etc/NoShell
        [ All normal users AFTER this line! ]
        tester:*:299:10:Just a test account:/tmp:
        miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh

         tester  ,  /etc/NoShell  Ǿ
        ְ, miguels     ˴ϴ.

        ٸ , /var/yp/Makefile  ϰ NIS  ٸ
        н  ϵ   ֽϴ. ū
        ýۿ, NIS н ׷ Ϲ
        /var/yp/ypfiles/  մϴ. ̰  쿣 н
         ϴ "passwd", "chfn", "adduser" Ϲ 
         ̻   ԵǾ Ư   
        ؾ մϴ.

        ׷ yppasswd, ypchsh, ypchfn yppasswdd  -D ɼ NIS
        н  ġ ϸ   ֽϴ. 
        ƿƼ yppasswdd    ǥ Ȯ
         ֽϴ. "Root" root н带 Ͽ ٸ
         н, finger     ֽϴ.

        NIS н   ϰų ǥ /etc/passwd 
        Ѵٸ, NIS ҽ   ϳ   /var/yp
        丮 make   NIS  ؾ ϴ 
        Ͻʽÿ. ̰ cron 㿡  ֽ NIS 
        ϵ ϴ  մϴ.

4. SHADOW PASSWORDS
   
     libc5   NIS   ʽϴ. libc5
      α׷  쿣  NIS  ؼ
    ȵ˴ϴ.      ֽϴ.

    4.1 SHADOW-LIKE SECURITY

        NIS н带 ã  "mangling"Ͽ  
           ֽϴ. "ypserv.conf" 
        /etc/ypserv.conf  ּ оʽÿ.

    4.2 REAL SHADOW SUPPORT

        libc6 NIS    ԵǾ ֽϴ. ̰
         ϴ Ͱ    Դϴ; NIS κ
        츦 ޾ ϱ⸸ ϸ ˴ϴ.   makedbm
        ɼ "-s" (secure)  ָ ϴ. ̰  
        /var/yp/Makefile  ڵ ˴ϴ.

        )  н带 ϰ ִٸ 2.2   "plus"
        entries /etc/passwd  /etc/shadow ο ߰ų ʿ䰡
        ֽϴ. ùٸ · ߰Ͻʽÿ; passwd  shadow 
        ٸ ʵ  ֽϴ.

5. HOW TO SETUP A NIS SLAVE SERVER

    5.1 , ý NIS Ŭ̾Ʈ Ͻʽÿ. (1 ʽÿ)
        
    5.2 ̾  Ѵ 3.1  3.5  ϵ, 3.4
        /etc/init.d/nis ϳ ypserv slave (ypserv=slave)
        Ͻʽÿ.

    5.3  ϰ ʱȭϽʽÿ.

        /etc/init.d/nis stop
        /etc/init.d/nis start
        /usr/lib/yp/ypinit -s < NIS  ̸>

    5.4   NIS   NIS   մϴ.   NIS
         ִ NIS Makefile  Ͽ   ŵ
         ڵ  NIS  ϵ մϴ.
        /var/yp/Makefile  NOPUSH    Ͻʽÿ.

        NOPUSH="false"

            "/usr/lib/yp/ypinit -m"    
         մϴ.   ̸ ԷϽʽÿ.  ٽ 
          ڷḦ մϴ.

    5.5   Ʈ crontab  ߰մϴ. (crontab -e)

        20 *    * * *   /usr/lib/yp/ypxfr_1perhour
        40 6    * * *   /usr/lib/yp/ypxfr_1perday
        55 6,18 * * *   /usr/lib/yp/ypxfr_2perday

        ̰  NIS ʵ ֽ  ŵǵ ϸ,    
         ٿ   ŵ˴ϴ. 
