The Linux NIS(YP) / NYS / NIS+ HOWTO

:Thorsten Kukuk

ѱ۹ :  ( E-M@il : zenix@air.knu.ac.kr )

v1.0, 9 March 1999
 : 1999 10 3

---------------------------------------------------------------------------------------
     NIS(YP) Ȥ NIS+ Ŭ̾Ʈ  ϴ ׸, NIS
  ġϴ  Դϴ.
---------------------------------------------------------------------------------------

1. 

   1.1    
   1.2 Ǹ 
   1.3    ǵ(Feedback)  ߸  Ͽ
   1.4  Ͽ ϴ 

2.  Ϲ ׵

   2.1 Ǵ  Ͽ
   2.2 Ϲ ׵

3. NIS, NYS Ȥ NIS+

   3.1 libc 4/5  traditional NIS Ȥ NYS ?
   3.2 glibc 2 ׸ NIS/NIS+
   3.3 NIS Ȥ NIS+ ? (   ΰ?)

4.  ۵ϴ°

   4.1 NIS  ۵ϴ°
   4.2 NIS+  ۵ϴ°

5. RPC Portmapper

6. NIS ġϱ  ʿ ͵ ΰ?

   6.1  Server, SlaveȤ Client ϶.
   6.2 ʿ Ʈ
   6.3 ypbind 
   6.4 Traditional NIS NISϱ
   6.5 NYS NISϱ
   6.6 glibc 2.x NISϱ
   6.7 nsswitch.conf Ͽ ؼ
   6.8 NIS (Shadow) н

7. NIS+ ġϱ  ʿ ͵ ΰ?

   7.1 ʿ Ʈ
   7.2 NIS+ Ŭ̾Ʈ ġϱ
   7.3 NIS+, keylogin, login ׸ PAM
   7.4 nsswitch.conf 

8. NIS  ϱ

   8.1  α׷ ypserv
   8.2  α׷ yps
   8.3 rpc.ypxfrd
   8.4 rpc.yppasswdd

9. NIS/NYS ν Ȯϱ

10. Ϲ  ذ

11.  Ǵ ͵(FAQ)

---------------------------------------------------------------------------------------
1. 

   ǻ Ʈ  μ ؼ ġǰ ִ. Ʈ  ϰ 
ϱ Ͽ, κ Ʈ(   Ʈ) Ʈ  (Network 
Information Service) ϰ ִ.  ϰ ִ NIS  񽺸   ְ,
 װ͵ ü NIS 񽺸    ִ.   NIS+ Ŭ̾Ʈ 
  , ̰  Ÿ ̴ܰ.

      ӽ NIS(YP)  NIS+ ϴ   ñ߿ Ϸ
 ̴. RPC Portmapper κ д  ؾ .

  NIS-Howto      ǰ ȴ.

	Thorstem Kukuk, <kukuk@suse.de>

   NIS-Howto    ְ 켱    ̴.

	Andrea Dell'Amico	<adellam@ZIA.ms.it>
	Mitchum DSouza		<Mitch.DSouza@NetComm.IE>
	Erwin Embsen		<erwin@nioz.nl>
	Peter Ericsson		<peter@ifm.liu.se>

   鿡    ù    ־  ؾ Ѵ.

1.1    

      ֱ   World Wide Web URL Ͽ   ִ.

	http://www.suse.de/~kukuk/linux/HOWTO/NIS-HOWTO.html

    ο  , LDP(Linux Document Project) Ȩ  پ Linux
  Ʈ FTP Ʈ   ִ.

    پ   ũ  URL ã  ִ.

	http://www.suse.de/~kukuk/linux/nis-howto.html

1.2 Ǹ 

      Ŀ   ּ Ͽ ϴ,   ɼ  
.   ڼϰ Ȯ   Ͽ,   ϰ ִ   Ʈ
 ԵǾ ִ README  бٶ.         ̴.

1.3    ǵ(Feedback)  ߸  Ͽ

      ǰ̳  ִ , Thorsten Kukuk ( kukuk@suse.de ) 
    ⸦ ٶ.   ̳ Ȥ 񳭵鵵 ȯѴ.  
    ߰Ͽ ,        ֵ  ˷ֱ
 ٶ. մϴ.

    ϴ  ǿ  Ư  ؼ ϱ   
⸦ ٶ.   Ϳ  ذå ߰ϵ   ̴.

1.4  Ͽ ϴ 

  γ      е鿡  ϰ Ѵ. ĺ  ϸ:

	Byron A Jeff			<byron@cc.gatech.edu>
	Markus Rex			<msrex@suse.de>
	Miquel Van SmoorenBurg		<miquels@cirtron.nl>

  Theo de Raadt yp-client ڵ忡   å  ִ. Swen Thuemmler yp-client ڵ带
 ,  yp-routine libc(Theo ۾ ) ϱ⵵ ߴ. Thorsten Kukuk
ũġκ GNU libc 2.x  NIS(YP) ׸ NIS+ ƾ ۼϿԴ.

---------------------------------------------------------------------------------------
2.  Ϲ ׵

2.1 Ǵ  Ͽ

     ιھ( DBMϸ Data Base Management) Ѵ.
⿡  ߿ ιھ鿡    ̴.

  DBM
	DataBase Management, ͺ̽ key-contents  ϴ Լ ̺귯
	̴.

  DLL
	Dynamic Linked Library, α׷ Ÿӽ( ), ũǴ ̺귯.

  domainname
	NIS Ŭ̾Ʈ Ǵ key ϴ ̸, domainname key ϴ
	NIS ġ ãµ ȴ.

  FTP
	File Transfer Protocol,   ǻͰ ۿ  Ծ.

  libnsl
	Name  ̺귯, SVR4 н鿡 getpwnam, getservbyname ȣѴ.
	GNU libc NIS(YP) NIS+Լ(,) Ͽ  ̺귯 Ѵ.

  libsocket
	  ̺귯, SVR4 н鿡 socket, bind, listen ȣϴ 
	 ̺귯̴.

  NIS
	Network Information Service, Ʈ Ͽ ˷ Ʈ  ӽ鿡 
	Information ϴ ̴.   "traditional NIS" õ κ
	  ǥ libc ̺귯 NIS   ִ.

  NIS+
	Network Information Service (Plus :-), NIS Ƶ ε, NIS+  ũ
	ý Inc.  NIS   , NIS ȼ   Installation
	  ڵ鸵 ϱ⿡   ̴.

  NYS
	̰ Ʈ ̸, NIS+ Ÿ. YP Switch Peter Eriksson <peter@ifm.liu.se>
	  ̲. NYS NYS ̺귯 Name Services Switch  ϴ NIS(=YP)ڵ
	   ٽ ۼ ̴.

  NSS
	Name Service Switch, /etc/nsswitch.conf    ûǾ , Ǵ lookup
	  Ѵ.

  RPC
	Remote Procedure Call. RPC ƾ C α׷ Ʈ ٸ ӽ󿡼 ν  
	 ְ Ѵ.  Ϲ RPC  Ҷ, װ Sun RPC  ϴ
	̴.

  YP
	Yellow Pages(tm),  British Telecom plc. ϻǥ̴.

  TCP-IP
	Transmission Control Protocol/Internet Protocol. ̰ н ӽ ̿  θ
	Ǵ   Ծ̴.

2.2 Ϲ ׵

   3   ũνý Ʈũ  ޴󿡼  ̴.

	"NIS  Sun Yellow Pages(YP)  ˷,
	Yellow Pages(tm)̶ ̸ 뿵 British Telecom plc
	 Ʈ̵帶ũ ϵǾ ־ 㰡 ̴   ."

  NIS Ʈũ  (Network Information Service) ǹѴ. װ  Ʈũ
   ִ  ӽ鿡, Ʈũ  ˷  ϴµ ִ. NIS  
  Ǵ  뷫   ͵̴.

	* login names/passwords/home directories (/etc/passwd)
	* group information (/etc/group)

  ,  Ű н尡 NIS passwd ͺ̽ ϵǾ ִٸ,  NIS
  Ŭ̾Ʈ α׷ ǰ ִ Ʈũ  ӽ α-   ִ.

  (Sun)   Ʈ(Sun Soft, Inc.) ̼  ũνý(Sun Microsystems, Inc.) 
   ϻǥ̴.

---------------------------------------------------------------------------------------
3. NIS, NYS Ȥ NIS+?

3.1 libc 4/5  traditional NIS Ȥ NYS ?

  " NIS" Ȥ NYS ̺귯 NIS ڵ带 ϴ ,    ԰ 
  迡 ȭ Ͱ ϴ.

  ǥ C ̺귯 ִ " NIS" ڵ  Ǿ , (?) ణ
  Զ  ϰ ִ.(ణ  ִ)

  NYS ̺귯 ִ NIS ڵ NYS ڵ带 libc ̺귯 ԽŰ  libc ̺귯
  ٽ  ؾѴ.

   ٸ Ѱ,  NIS ڵ NIS Ʈũ ׷   Ѵ.(NYS ȵ.)
  ݸ鿡, NYS ڵ    н ڵ鸵ϴ  Ѵ. " NIS"
  ڵ ̷  н带  ʴ´.

3.2 glibc 2 ׸ NIS/NIS+

    ο GNU C Library 2.x (aka libc6) ϰ ִٸ ǳʶپ .   
    NSS(name switch service, ̰ ſ ϰ   NIS/NIS+ map Ѵ. :
  aliases, ethers, group, hosts, netgroups, networks, protocols, publickey, passwd, rpc, services and
  shadow ) Ѵ. GNU C ̺귯 NIS   н带 ϴ  ƹ 
  .

3.3 NIS or NIS+ ? (    ΰ? )

  NIS NIS+   . NIS+  ʿ䰡 ų,   ʿ 쿡 NIS
  ϶. NIS+  ڵ鿡 NIS   Ÿ̴.(NIS+ Ŭ̾Ʈʿ ٷ
  , ʿ ù ŭ ƴ.)  ٸ   ȯ濡 NIS+ 
  ̶ ̴. --  ֽŹ glibc 2.1 ʿϴ. ű⿡ libc5  glibc
  NIS+   ʴ Ʈ ִ.

---------------------------------------------------------------------------------------
4.  ۵ϴ°

4.1 NIS  ۵ϴ°

  Ʈũ 󿡼,  ϳ NIS   ̴.  ӽ  ٸ NIS
  "ε"  NIS    ִ. Ȥ ϳ master NIS , ٸ ͵
  slave NIS (Ư NIS "domain" ..) Ҹ ͵μ  NIS  
   ִ. Ȥ װ͵ ȥ    ִ.

  Slave   NIS ͺ̽ īǸ  , ̰͵ ŵ , Master
     īǵ ޴´.  Ʈũ  ӽ  Ʈũ  ,
  ϳ Ȥ  slave  ġ  ϸ ȴ. NIS ٿ ǰų, Ŭ
  ̾Ʈ  䱸  , NISŬ̾Ʈ ư ְų Ȥ   slave 
  ӵǾ.

  NIS ͺ̽ ASCII ͺ̽κ ӵ DBM ˾ȿ ִ.  , /etc/passwd
   /etc/group   ASCII-to-DBM  Ʈ( Ʈ Ե, "makedbm")
   Ͽ DBM   ִ. NIS ASCII ͺ̽ DBM ͺ̽
  ÿ  ־ Ѵ.

  Slave  NIS  ("yppush"α׷ )     ִ. ׸ װ͵
  ͺ̽ Ǳ  ڵ ʿ ׵ Ѵ. NIS Ŭ̾Ʈ ׻
     DBM ͺ̽   б , ̷ ͵ ʿ䰡 .

    ypbind α׷ NIS  ã  broadcast Ѵ. ̰  NIS
  ġϿ  broadcast     Ƿ  ϴ. ο  ypbind
  (yp-bind-3.3 or ypbind-mt) configurationϷ   ã  broadcast  ʿ䰡
    ϴ.

4.2 NIS+  ۵ϴ°

  NIS+   ο  network information service̴. NIS NIS+   ū
  ̶ NIS+ secure RPC   ȣȭ (encryption and authentication)
  Ѵٴ ̴.

  NIS+  tree ٰϰ ִ. Ʈ ϳ  ϳ NIS+ Ʈ Ѵ.
   Ʈ  6 Ÿ  ִ.(directory, entry, group, link, table, private)

  NIS+ namespace  root ϴ NIS+丮 root 丮 Ѵ. NIS+丮 Ư
    ִ: org_dir  groups_dir. org_dir 丮 passwd, hosts ׸ mail_aliases
   ̺ ̷ ִ. groups_dir 丮  (access control)  Ǵ
  NIS+ ׷ Ʈ ̷ ִ. org_dir, groups_dir ׸ ׵  丮 NIS+
  domain  ȴ.

---------------------------------------------------------------------------------------
5. RPC Portmapper

   Ұ α׷(yp..) ϱؼ,  /usr/sbin/portmap Ѿ Ѵ.
    ǵ ̹ /sbin/init.d/ Ȥ /etc/rc.d/ 丮ȿ ִ Ͽ
  portmap  쵵 ڵǾ ִ.  ؾ   ̰ ȰȭŰ
  ϴ ̴. ̰    ִ    ϶.

  RPC portmapper (portmap(8)) RPC α׷ ȣ TCP/IP(Ȥ UDP/IP)  Ʈ
  ȣ ȯϴ ̴. ̰ ӽ RPC (NIS Ȥ NIS+ )  RPC
  CALL(̰ NIS/NIS+ Ŭ̾Ʈ Ʈ ϴ ̴.) . RPC ۵Ǹ,
  ̰ Listenǰִ port ȣ portmap ˷ش. Ŭ̾Ʈ ־ α׷ ȣ
  RPCα׷ ȣ   , Ŭ̾Ʈ   Ͽ RPC Ŷ  
  ϴ Ѵ.

  , ǥ RPC  inetd(8)  ۵Ǳ , portmap inetd ۵Ǳ 
  Ǿ Ѵ.

  Secure(?) RPC Ͽ, portmapper Time Service ʿ Ѵ. Time Service  hosts 
   /etc/inetd.conf ϴٴ  Ȯ  ξ.

	#
	# Time service is used for clock syncronization
	#
	time	stream	tcp	nowait	root	internal
	time	dgram	udp	wait	root	internal

  ߿ : Configuration  Ŀ, inetd  ϴ  !

---------------------------------------------------------------------------------------
6. NIS ġϱ  ʿ ͵ ΰ?

6.1  Server, SlaveȤ Client ϶.

    ϱ ,  ΰ ؾ Ѵ.

	1.  ӽ ϴ NIS  Բϴ Ʈũ Ͽ  ̴.
	2.   Ʈũ NIS  .

  ù ° 쿡,  ypbind, ypswitch, ypcat, yppoll, ypmatch  Ŭ̾Ʈ α׷
   ʿ Ѵ.  ߿ α׷ ypbind̴.  α׷ ׻  ߿ ־ Ѵ.
  װ  α׷ ׻ μ Ʈ ־ Ѵٴ ̴. ̰  μ
  ý  Ͽ  ۵Ǿ Ѵ.
  (, /etc/init.d/nis, /sbin/init.d/ypclinet, /etc/rc.d/init.d/ypbind, /etc/rc.local )
   ý ypbind ۵  NIS Ŭ̾Ʈ Ǵ ̴.

   ° 쿡, NIS    ,  и NIS  α׷( ypserv Ҹ)
   ʿ ̴. "NISϱ" κп Peter Eriksson Thorsten Kukuk  
  "ypserv"  ̿Ͽ   ӽ NIS  ġϴ  ̴.  0.14ʹ
  4.1κп   ִ master-slave  ٴ   ξ.

   Tobias Reber  yps NIS  α׷ master-slave  , 
    ٸ  ִ.

6.2 Ʈ

  ý ̺귯 "/usr/lib/libc.a" ( 4.4.2 ) Ȥ, ̺귯 "/lib/libc.so.x"
  NIS Ŭ̾Ʈ,  α׷   ϱ  ý    ִ.
  GNU C ̺귯 2(glibc2) ؼ /lib/libnsl.so.1 ʿѴ.

   ̵ NIS  4.5.21 "/usr/lib/libc.a"͸ ۵ȴٰ ϱ , ϰ ۵ϱ
  Ѵٸ   libc  ʴ° . NIS Ŭ̾Ʈ Ʈ  ҿ   ִ.

	Site			Directory			File Name

	ftp.kernel.org		/pub/linux/utils/net/NIS	yp-tools-2.2.tar.gz
	ftp.kernel.org		/pub/linux/utils/net/NIS	ypbind-mt-1.4.tar.gz
	ftp.kernel.org		/pub/linux/utils/net/NIS	ypbind-3.3.tar.gz
	ftp.kernel.org		/pub/linux/utils/net/NIS	ypbind-3.3-glibc5.diff.gz
	ftp.uni-paderborn.de	/linux/local/yp			yp-clients-2.2.tar.gz

  Ʈ  , Ʈ Ե νƮ а  ٶ. yp-clients 2.2 libc4
  libc5  5.4.20  ̴. libc 5.4.21 glibc 2.x yp-tools 1.4.1    ʿ Ѵ.
  γ yp-tools 2.2   libc ۵ȴ. , NIS ڵ忡 װ ־,  5.4.21 - 5.4.35
   libc ϸ ȵȴ.  5.4.36   ϴ° . ׷  κ YPα׷
  ۵  ̴. ypbind 3.3   ̺귯 ۵Ѵ.  gcc 2.8.xȤ   ,egcs
  Ȥ glibc 2.x Ѵٸ, ypbind-3.3-glibc5.diff patch ypbind-3.3 ߰ Ѵ. yp-clients 2.2
   ypbind  . ypbind-mt γ Ƽ  ̴. ̰ Kernel 2.2 glibc 2.1Ȥ 
   ʿ Ѵ.

6.3 ypbind 

  Ʈ   ,  ν  غ  ̴. ypbind   丮
  /usr/sbin ̴.  ̵ NYS ̿ϴ ýۿ ypbind ʿ  ̶   ִ. 
  ̰ Ʋ ̴. ypwhich ypcat ׻ ypbind ʿ Ѵ.

  ġ ܰ  ù° ̰ ؾѴ. ٸ ̳ʸ(ypwhich, ypcat, yppasswd, yppoll, ypmatch) 
  /usr/bin  ٸ      ־ Ѵ.

  ο  ypbind /etc/yp.conf   ִ.   Ͽ NIS ϵڵ  
  ִ.     manual page ypbind(8) ϱ ٶ. NYS ؼ   ʿϴ.
  :

	ypserv votager
	ypserv defiant
	ypserv ds9

   ýۿ NIS ȣƮ  ˾Ƴ  ִٸ ׳  ̸ ϸ , ׷  쿡
  IP address ؾ Ѵ. ypbind 3.3 װ ־,    ypserv ds9 ؾ Ѵ. 
  ٸ ͵ õȴ. ypbind-mt ̰ Ͽ Ѵ.

  ŸƮ  Ͽ   , ypbind ׽   .
  ypbind ׽Ʈ        ִ.

	* YP-domain name set  ִ  Ȯ ض. ̰  Ǿ  ʴٸ  
 	Ʈ  ִ.

		/bin/domainname nis.domain

	nis.domain   ӽ DNS-domain  _ʴ_ ڿ̴!   ܺ ũĿ
	NIS н ͺ̽ ϴµ      ְ Ǳ ̴.  
	 Ʈũ NIS   𸥴ٸ, ý Ʈũ ڿ  .
	*  portmap  ȶ ִٸ, "/usr/bin/portmap" Ѷ.
	*  "/var/yp" 丮 ٸ װ .
	* "/usr/bin/ypbind" Ѷ.
	* ypbind portmapper 񽺿 ϵ  ִ 캸  "rpcinfo -p localhost" ϶
	װ    ̴.

		program vers proto   port
		 100000    2   tcp    111  portmapper
		 100000    2   udp    111  portmapper
		 100007    2   udp    637  ypbind
	 	 100007    2   tcp    639  ypbind

	Ȥ

		program vers proto   port
		 100000    2   tcp    111  portmapper
		 100000    2   udp    111  portmapper
		 100007    2   udp    758  ypbind
	 	 100007    1   udp    758  ypbind
		 100007    2   tcp    761  ypbind
	 	 100007    1   tcp    761  ypbind

	̰  ϴ ypbind   ణ ̰ ִ.
	*   "rpcinfo -u localhost ypbind"   ִ.  ɿ    
	;߸ Ѵ.

		program 100007 version 2 ready and waiting

	Ȥ

		program 100007 vsrsion 1 ready and waiting
		program 100007 version 2 ready and waiting

	  ġ ypbind  ޶  ִ. ߿  "version 2" ޽̴.

    ypcat  NISŬ̾Ʈ α׷ ų  ִ.   "ypcat passwd.byname"
  п ü NIS н ͺ̽   ̴.

  ߿:  ׽Ʈ ׳ ǳʶپٸ, domain  ϴ Ͱ,  丮  
  Ȯ ϶.

	/var/yp

   丮 ypbind  Ǳ Ͽ "ݵ" ؾ Ѵ.

  domainnmae ùٸ õǾ , yp-tools 2.2 /bin/ypdomainname  ϶.
  ̰   yp_get_default_domain()Լ Ѵ. ̰  ⺻ Ǿ 
   Ű (none) domainname  ʴ´. 

   ׽Ʈ Ǿٸ,  ý ypbind Ǿ  ӽ NIS Ŭ̾Ʈ   ֵ
    ϱ   𸥴. ypbind ۵Ǳ  domainname õȴٴ  Ȯ ˾ .

  ٷ װŴ. ӽ Ʈϰ, ypbind  ۵Ǿ Ʈ ޽ 캸ƶ.

6.4 Traditional NIS NISϱ
  
  ȣƮ lookup  /etc/host.conf  lookup order ٿ "nis"  ٿ־. ڼ  Ͽ
  man "resolv+.8" ϶.

   NISŬ̾Ʈ /etc/passwdϿ   ߰Ͽ.

	+::::::

   + -ڵ Ͽ ڵ / Ȥ   ִ.  guest ϰ ʹٸ,
   -guest /etc/passwdϿ ־ָ ȴ. "linux"  ksh  ٸ  ϰ ϰ ʹ
  ص ƹ  .  "+linux::::::/bin/ksh" ( "" ϰ ) /etc/passwd ߰ϸ ȴ. ϰ
    ʵ忡 ؼ ׳ ĭ  θ ȴ.   ڵ ϱ  Netgroup
     ִ.

   , miquels dth, ed ׸  sysadmin netgroup  鿡Ը α  ,
  ٸ    ͸ 밡 ·  α ؼ   ϸ ȴ.

	+miquels:::::::
	+ed:::::::
	+dth:::::::
	+@sysadmins::::::
	-ftp
	+:*::::::/etc/NoShell 

      н ʵ带 ø   ִ. "ftp" α  ߱ , ̰ ̻
  ˷ ʾ anonymous ftp ̻ ۵  ̴.

  netgroup  .

	sysadmins (-,software,) (-,kukuk,)

  ߿:netgroup  libc 4.5.26  , 4.5.26   ϰ ȴٸ, ypbind 
   ִ  NIS н ͺ̽ ִ     ӽ α   ִ!!!

6.5 NYS NISϱ

  NIS   /etc/yp.conf ʿ   ùٸ  Ű ̴.  Name Services Switch
   ( /etc/nsswitch.conf ) ùٸ ¾ Ǿ ־ Ѵ.

   ypbind ġؾ Ѵ. libc ̰ ʿ  , NIS(YP)  ̰ ʿ Ѵ.

    / (+/-guest/+@admins) ϱ Ѵٸ, nsswitch.conf Ͽ
  "passwd: compat" "group :compat" ؾ Ѵ. "shadow: compat" ٴ  Ȯ ˾ .
  ̷ 쿡 װ  "shadow: files nis" Ѵ.

  NYS ҽ libc 5 ҽ Ϻκ̴.   , ó "Values corret"  "NO" ϰ,
  "Build a NYS libc from nys"  "YES" ϶.

6.6 glibc 2.x NISϱ
  
  glibc " NIS" Ѵ. ׷ ypbind ؾ ʿ䰡 ִ ̴. Name Services Switch
  ( /etc/nsswitch.conf )  ùٸ ¾ Ǿ ־ Ѵ.   passwd,  Ȥ group
  Ͽ compat 带 Ѵٸ    "+" ߰  Ѵ. ׷  / 
    ִ.  ֶ󸮽 2.x ϴ Ͱ Ȯϰ ġѴ.

6.7 nsswitch.conf Ͽ ؼ

  /etc/host.conf ȣƮ ã  ϴ Ͱ , Network Service switch /etc/nsswitch.conf
    䱸Ǿ , lookupϴ  Ѵ.    

	hosts: files nis dns

  host lookup(ã)ϴ   NIS lookup  /etc/hosts  ãƺ 
    ( /etc/resolv.conf named ) Ѵ.  ,  쿡  Ѵ.
      б  ־ Ѵ!  man-page nsswitch.5Ȥ nsswitch.conf.5
          ̴.

  NIS  /etc/nsswitch.conf   ̴.

	#
	# /etc/nsswitch.conf
	#
	# An example Name Service Switch config file. This file should be
	# sorted with the most-used services at the beginning.
	#
	# The entry '[NOTFOUND=return]' means that the search for an
	# entry should stop if the search in the previous entry turned
	# up nothing. Note that if the search failed due to some other reason
	# (like no NIS server responding) then the search continues with the
	# next entry.
	#
	# Legal entries are:
	#
	#   nisplus or nis+     Use NIS+ (NIS version 3)
	#   nis or yp       Use NIS (NIS version 2), also called YP
	#   dns         Use DNS (Domain Name Service)
	#   files           Use the local files
	#   db          Use the local database (.db) files
	#   compat          Use NIS on compat mode
	#   [NOTFOUND=return]   Stop searching if not found so far
	#

	passwd:		compat
	group:		compat

	# For libc5, you must use shadow: files nis
	shadow:		compat

	passwd_compat: nis
	group_compat: nis
	shadow_compat: nis

	hosts:		nis files dns

	services:   nisplus [NOTFOUND=return] files
	networks:   nisplus [NOTFOUND=return] files
	protocols:  nisplus [NOTFOUND=return] files
	rpc:        nisplus [NOTFOUND=return] files
	ethers:     nisplus [NOTFOUND=return] files
	netmasks:   nisplus [NOTFOUND=return] files
	netgroup:   nisplus
	bootparams: nisplus [NOTFOUND=return] files
	publickey:  nisplus [NOTFOUND=return] files 
	automount:  files nisplus
	aliases:    nisplus [NOTFOUND=return] files

  passwd_compat, group_compat ׸ shadow_compat glibc 2.x ȴ.  /etc/nsswitch.conf
  쿡  Ģ ٸ, glibc lookup  passwd Ģ  ̴. glibc  hesoid
  ٸ lookup  ִ.    , glibc  ϱ ٶ.

6.8 NIS (Shadow) н

  NIS  н ׻   ̵̴. 찡 ִ   Ӹ ƴ϶, ̰
      C ̺귯  ȴ. NIS  н带 ϴ  
    ý  /etc/shadow ִ ̴. ̷ ν  root α 츦 ̿
    ְ, Ϲ NIS 鿡Դ  passwd    ִ. ̰  NISŬ̾Ʈ Բ
  ۵ϴ    ִ.

  Linux

  NIS  н带 ϴ  libc GNU C Library 2.xۿ .  libc 5 ̰
   Ѵ.  libc 5 NYS  ڵ Բ  Ǿ,  ڵ  쿡
  ־ ɰϰ ,  ùٸ  Ʈ Ͽ ۵ ʴ´.

  Solaris

  ֶ󸮽 NIS   н带  ʴ´.

  PAM

  PAM  pam_pwdb/libpwdb NIS  н带  ʴ´. ̰ RedHat 5.x 
   ־ ū ̴.  glibc PAM  ִٸ,  /etc/pam.d/* Ʈ
   ʿ䰡 ִ.  pam_pwdb Ģ pam_unix_*  üض. pam_unix_auth.so 
   , ̰  ۵ ʴ´.

  /etc/pam.d/login    ϴ:

	#%PAM-1.0
	auth       required 	/lib/security/pam_securetty.so
	auth       required 	/lib/security/pam_unix_auth.so
	auth       required 	/lib/security/pam_nologin.so
	account    required     /lib/security/pam_unix_acct.so
	password   required 	/lib/security/pam_unix_passwd.so
	session    required 	/lib/security/pam_unix_session.so

   Ͽ  pam_unix_auth.so  ʿϴ.  ؼ pam_unix_acct.so ʿϰ
  н带 ؼ pam_unix_passwd.so ׸ ó  pam_unix_session.so ʿϴ.

---------------------------------------------------------------------------------------
7. NIS+ ġϱ  ʿ ͵ ΰ?

7.1 ʿ Ʈ

   NIS+ڵ GNU C ̺귯 2  . κ  ø̼ǵ libc5
  ũ ɾ  ־,  libc5ε õǾ ִ.  libc  װ ٽ 
    . libc5 NIS+    ִ. static α׷ װͰ ũ  ,
   ̺귯    α׷ ٸ libc5   ̴.

   ڱ ÷Ȩ , GNU C ̺귯 2.1 ϰ  ؾ  ʿ䰡 ִ. 64bit
  ÷Ȩ GNU C ̺귯 2.1.1 ؾѴ. ٰ ýδ  2.x,  5.x,  6.x 
  glibc ٰ  ʿ  ̴.

    Ͽ, gcc/g++ Ϸ libstc++, ncures ٽ  ʿ䰡 ִ. ޿,
     PAM  ϴ   ϰ ȴ.   6.0   Ű
  ٽ   ʿ䰡 ִ.

  NIS+ Ŭ̾Ʈ Ʈ     ִ:

	Site		Directory			File Name

	ftp.funet.fi	/pub/gnu/funet			libc-*, glibc-crypt-*,
							glibc-linuxthreads-*
	ftp.kerbel.org	/pub/linux/utils/net/NIS+	nis-utils-19990223.tar.gz
	ftp.kerbel.org	/pub/linux/utils/net/NIS+	pam_keylogin-1.2.tar.gz

   glibc   ġ  ִ.

	Site		Directory

	ftp.debian.org	/pub/debian/dists/slink
	ftp.redhat.com	/pub/redhat/redhat-5.2
	ftp.suse.de	/pub/SuSE-Linux/6.0

  GNU C ̺귯 ļ  Ʈ鿡 ؼ Ե ù  о  ٶ.
   NYS ٰ libc5 ġ ã  ִ. ǥ libc5 ü  ҽ  ҿ
  ִ:

	Site		Directory		File Name

	ftp.kernel.org	/pub/linux/utils/NIS+	libc-5.4.44-nsl-0.4.10.tar.gz

   http://www.suse.de/~kukuk/linux/nisplus.html    ֽ  ҽ
    ִ.

7.2 NIS+ Ŭ̾Ʈ ġϱ

  ߿: NIS+ Ŭ̾Ʈ ϱ Ͽ ʿ  Ǵ ִ ֶ󸮽 NIS+
   о!    Ŭ̾Ʈ ʿ  ϴ Ͽ ִ!

  ο glibc nis-tool ġ Ŀ, NIS+  ο Ŭ̾Ʈ Ͽ  ض.
  portmap ư ִٴ  Ȯض. ׸  PC NIS+   ð Ǿ
  üũ ϶.  RPC ,  ȿ  3  ϳ  츦 .  ȣƮ
  xntpd Ű   ִ. ̰  Ŀ  ϶.

	domainname nisplus.domain.
	nisinit -c -H <NIS+ server>

  ƹ ɼ   ʱȭϱ , nisinit   ϶. domainname ׻ Ʈ
  Ŀ  ȴٴ  ϶.  Ʈ NIS+    𸣸,  ý/
  Ʈũ ڿ ϶.

   /etc/nsswitch.conf ؾ Ѵ.  publickeyڿ  񽺴 nisnisۿ ٴ 
  ϶. ( "publickey: nisnis" )

  ׸ keyserv Ѷ.   ̰ ý Ʈ , portmap ǰ  ٷ ó
   Ǵ ̶ ̴. ýۿ root Ű ϱ ,   ϶.

	keylogin -r

   (  NIS+   ο ȣƮ  publickey ߰ Ŷ Ѵ?)

   "niscat passwd.org_dir" н ͺ̽  Ʈ Ÿ Ѵ.

7.3 NIS+, keylogin, login ׸ PAM

   α  , keyserv    Ű  ʿ䰡 ִ. ̰ "keylogin"̶ Ϳ
   ȴ.  Ű α glibc 2.1  ϵǾ ִٸ ˾Ƽ Ѵ. PAM aware α並
  Ͽ,  NIS+  ʴ pwdb ƴ pam_unix_auth  ϱ , pam-keylogin-1.2.tar.gz
  ġϰ /etc/pam.d/login ؾ Ѵ.  :

	#%PAM-1.0
	auth		required	/lib/security/pam_securetty.so
	auth		required	/lib/security/pam_keylogin.so
	auth		required	/lib/security/pam_unix_auth.so
	auth		required	/lib/security/pam_nologin.so
	account		required	/lib/security/pam_unix_acct.so
	password	required	/lib/security/pam_unix_passwd.so
	session		required	/lib/security/pam_unix_session.so

7.4 nsswitch.conf 

  Ʈũ  ġ( network service switch )  /etc/nsswitch.conf /etc/host.conf
  ȣƮ ã  ϴ Ͱ ,   䱸 Ǿ, װ ã  Ѵ.
      ,

	hosts: files nisplus dns

  ̰ ȣƮ ã ǿ   /etc/hosts Ͽ  ã, ״ NIS+  ã, 
    (/etc/resolv.conf  named)  ã´.   ´  ã   ϵȴ.

   NIS+  /etc/nsswitch.conf  ̴.

	#
	# /etc/nsswitch.conf
	#
	# An example Name Service Switch config file. This file should be
	# sorted with the most-used services at the beginning.
	#
	# The entry '[NOTFOUND=return]' means that the search for an
	# entry should stop if the search in the previous entry turned
	# up nothing. Note that if the search failed due to some other reason
	# (like no NIS server responding) then the search continues with the
	# next entry.
	#
	# Legal entries are:
	#
	#   nisplus or nis+     Use NIS+ (NIS version 3)
	#   nis or yp       Use NIS (NIS version 2), also called YP
	#   dns         Use DNS (Domain Name Service)
	#   files           Use the local files
	#   db          Use the local database (.db) files
	#   compat          Use NIS on compat mode
	#   [NOTFOUND=return]   Stop searching if not found so far
	#

	passwd:		compat
	# for libc5: passwd: files nisplus
	group:		compat
	# for libc5: group: files nisplus
	shadow:		compat
	# for libc5: shadow: files nisplus
 
	passwd_compat: nisplus
	group_compat: nisplus
	shadow_compat: nisplus

	hosts:		nisplus files dns

	services:   nisplus [NOTFOUND=return] files
	networks:   nisplus [NOTFOUND=return] files
	protocols:  nisplus [NOTFOUND=return] files
	rpc:        nisplus [NOTFOUND=return] files
	ethers:     nisplus [NOTFOUND=return] files
	netmasks:   nisplus [NOTFOUND=return] files
	netgroup:   nisplus
	bootparams: nisplus [NOTFOUND=return] files
 	publickey:  nisplus
 	automount:  files
	aliases:    nisplus [NOTFOUND=return] files

---------------------------------------------------------------------------------------
8. NIS  ϱ

8.1  α׷ ypserv

    "ypserv" NIS  ÿ ؼ Ѵ.

  NIS  Ʈ    ִ:

	Site		Directory			File Name

	ftp.kernel.org	/pub/linux/utils/net/NIS	ypserv-1.3.6.tar.gz

   http://www.suse.de/~kukuk/linux/nis.html      ִ.

   ¾  NIS NYS .

  ypserv makedb α׷   Ʈ ϶. securenet  Ȥ tcp_wrapper
  ϱ ؼ ypserv   ִ. tcp_wrapper   ϳ,  ̵ װ ̿ϴ
   ־  Ų. ׸ tcp_wrapper    ޸  ų  ִ. 
   tcp_wrapper    ypserv  ų , securenet  ̿Ͽ ٽ
  װ  ϶. ypserv --version      ִ   ̴.

    master ϰ ִٸ, NIS  ϰ ϱ    䱸 
  ϰ, /var/yp/Makefile  rule   Ʈ ߰ϰų Ȥ ϶. 
  ׻ Makefile   պκ ɼǵ ؾ Ѵ.

  ypserv 1.1  ypserv 1.2̿ ϳ ū ȭ ־.  1.2  ڵ ĳȴ.
  ̰  ο map 鶧, ׻ -c ɼ makedbm ȣؾѴٴ ǹ̴. 
  ypserv 1.2Ȥ  Ĺ ο /var/yp/Makefile ϴ ƴϸ, Makefile makedbm
   ϴ κп -c ÷׸ ߰ Ѵ. ̷  , ypserv  
  map ϰ Ǿ Ʈ map   ̴.

   /var/yp/securents  /etc/ypserv.conf  ۼض.    Ͽ, ޴ 
  ypserv(8) ypserv.conf(5)  ϶.

  portmapper (portmap(8)) ư ִ  Ȯ϶. ׸  ypserv ϶.
  

		% rpcinfo -u localhost ypserv

   ϸ    ؾ Ѵ.

		program 100004 version 1 ready and waiting
		program 100004 version 2 ready and waiting

  "version 1"  ypserv   confiuration    ִ. ̰  
  SunOS 4.x Ŭ̾Ʈ  ʿϴ.

   NIS (YP) ͺ̽ . master󿡼,  ϶.

		% /usr/lib/yp/ypinit -m

  slave ypwhich -m  ۵ϴ Ȯ϶. ̰  slave   ϱ NIS 
  Ŭ̾Ʈμ configureǾ ϴ ǹѴ.   ȣƮ NIS slave ǵ νѴ.

		% /usr/lib/yp/ypinit -s masterhost

   п   ū  ִٸ,  ٸ xterm   ypserv ypbind   ִ.
    п  ߸Ǿ ش.

  map Ʈ ʿ䰡 ִٸ, NIS master /var/yp 丮 make ش. ̰ ҽ  ο
  ̸ Ӱ Ʈ  ̰, slave 鿡 ϵ  ̴. map Ʈ ϴµ ypinit
    .

  *slave * Ʈ crontab ۼϱ⸦ Ѵٸ  ε ߰϶.

	20 *	* * *	/usr/lib/yp/ypxfr_1perhour
	40 6	* * *	/usr/lib/yp/ypxfr_1perday
	55 6,18 * * *	/usr/lib/yp/ypxfr_2perday

  ̰ master Ʈ   slave ٿ Ǿ Ʈ ȵ  κ NIS map
  ֱٰ Ǵ  Ѵ.

     slave ߰  ִ. ó, ο slave  Ͽ NIS master  contact
   ִٴ  Ȯ϶. ׸ ο slave   ϶.

	% /usr/lib/yp/ypinit -s masterhost

  master  /var/yp/ypservers  ο salve ߰ϰ /var/yp 丮 make  map
  Ʈ϶.

   NIS  ڵ鿡 Ͽ  ΰ ʹٸ, NIS  ypbind Ű, /etc/passwd
  н  ߰ ÷ Ʈ ߰ϴ    Ѵ. ̺귯 function NIS Ʈ
  ڿ   Ϲ Ʈ Ѵ. ׸ NIS Ͽ     Ѵ. ̷ NIS
   Ģ ȴ.  :

	root:x:0:0:root:/root:/bin/bash
	daemon:*:1:1:daemon:/usr/sbin:
	bin:*:2:2:bin:/bin:
	sys:*:3:3:sys:/dev:
	sync:*:4:100:sync:/bin:/bin/sync
	games:*:5:100:games:/usr/games:
	man:*:6:100:/usr/games:
	lp:*:7:7:lp:/var/spool/lpd:
	mail:*:8:8:mail:/var/spool/mail:
	news:*:9:9:news:/var/spool/news:
	uucp:*:10:50:uucp:/var/spool/uucp:
	nobody:*:65534:65534:noone at all....:/dev/null:
	+miquels::::::
	+:*:::::/etc/NoShell
	[ All normal users AFTER this line! ]
	tester:*:299:10:Just a test account:/tmp:
	miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh

  "tester"  , /etc/NoShell  ִ. miquels Ϲ ׼   ִ.

  ٸ, /var/yp/Makefile ļ ٸ н  ҽ ̿ϵ NIS   ִ.
  Ը ū ýۿ NIS н ׷ϵ  /etc/yp/ 丮 Ǿ ִ.  ̷
  ϱ⸦ Ѵٸ passwd, chfn, adduser Ϲ  ̻ ۵ ʴ´.  ̰͵
    Ư  Ѵ.

  ׷, yppasswd, ypchsh ׸ ypchfn  ۵ ̴.

8.2  α׷ yps

  "yps" NIS  ,   ϱ ٶ. "yps"   ϴ. _׷_ Ȯϰ
  ġ ʱ  "ypserv"  "yps"  õ   ض! "yps"  ڵ
  ͵  ,      ִ.   ̰ ϸ ȵȴ!

  "yps" NIS  Ʈ  ã  ִ:

	Site			Directory			File Name

	ftp.lysator.liu.se	/pub/NYS/servers		yps-0.21.tar.gz
	ftp.kernel.org		/pub/linux/utils/net/NIS	yps-0.21.tar.gz

8.3 rpc.ypxfrd

  rpc.ypxfrd NIS master NIS slave ۵Ǵ ſ ū NIS map鿡   ӵ
  Ű  ̴.  NIS slave ο map   ޽ ޾ , ̰
  ο map  ؼ ypxfr ų ̴. ypxfr yp_all()Լ Ͽ, master
  κ map   ̴.  μ ͺ̽ ̺귯  Ǿ map 
  ū ͵̶    ҿȴ.

  rpc.ypxfrd NIS slave 鿡  scartch  ϴ ͺ  master
   map ϵ ϴ  ν  μ ӵ Ų. rpc.ypxfrd
  RPC   Ծ Ѵ.  ٽ Ӱ map   ʾƵ ȴ.

  rpc.ypxfrd inted ؼ ۵  ִ.  ̰ ſ ʰ ۵ ̱ , 
  ypserv  ۵Ǿ Ѵ.  rpc.ypxfrd NIS master Ѿ Ѵ.

8.4 rpc.yppasswdd

  ڵ ׵ н带 ٲܶ, NIS н ͺ̽ ׿ ϴ ٸ NIS
  ͺ̽ Ʈ Ǿ Ѵ. "rpc.yppasswdd"α׷ н  ٷ NIS
   ϰ Ʈ ǵ ϰ ϴ ̴. rpc.yppasswd   ypserv յǾ ִ.
    иǾ  yppasswd-0.9.tar.gz Ȥ yppasswd-0.10.tar.gz ʿ ʴ´.
  ׸ ̻ װ ϸ ȵȴ. ypserv 1.3.2 ִ rpc.yppasswdd shadow   Ѵ.
  yppasswd  yp-tools-2.2.tar.gz κ̴.

   NIS master rpc.yppasswdd Ű ȴ. ⺻, ڵ ׵ 
  ̸̳ α  ٲ ϵ Ǿִ.  -e chfn Ȥ -e chshɼ ̰ ϰ   ִ.

    passwd shadowϵ ٸ 丮  /etc ִٸ,  -D ɼ ߰ϸ ȴ.
     ҽ ϵ /etc/yp ְ ڵ ׵  ٲٴ  ϰ Ѵٸ, 
  rpc.yppasswdd   ĶͿ Բ Ű ȴ.

	rpc.yppasswdd -D /etc/yp -e chsh

  Ȥ

	rpc.yppasswdd -s /etc/yp/shadow -p /etc/yp/passwd -e chsh

  ̻ Ұ .   rpc.yppasswdd /var/yp/Makefile ϴ  
  Ѵٴ ͸ Ȯ  θ ȴ.  syslog  ϵ ̴.

---------------------------------------------------------------------------------------
9. NIS/NYS ν Ȯϱ

    Ǿٸ( ׷ Ǵ ó),     ν
   Ѱ   ־Ѵ.  ,  passwd NIS  ȴٰ
  ϰ ɾ

	% ypcat passwd

   NIS passwd     Ѵ. ɾ

	% ypmatch userid passwd

  (userid   α ̸̴.) NIS н Ͽ ִ  Ʈ
   ־ Ѵ. "ypcat" "ypmatch" α׷   NIS Ȥ NYS
  ǿ ԵǾ ִ.

     α    ,   α׷ Ŭ̾Ʈ 
  .

	#include <stdio.h>
	#include <pwd.h>
	#include <sys/types.h>

	int
	main(int argc, char *argv[])
	{
	    struct passwd *pwd;

	    if(argc != 2)
	      {
		fprintf(stderr,"Useage: getwpnam username\n");
		exit(1);
	      }

	    pwd=getpwnam(argv[1]);

	    if(pwd != NULL)
	      {
		printf("name.....: [%s]\n",pwd->pw_name);
		printf("password.: [%s]\n",pwd->pw_passwd);
		printf("user id..: [%s]\n",pwd->pw_uid);
		printf("group id.: [%s]\n",pwd->pw_gid);
		printf("gecos....: [%s]\n",pwd->pw_gecos);
		printf("directory: [%s]\n",pwd->pw_dir);
		printf("shell....: [%s]\n",pwd->pw_shell);
	      }
	    else
	      fprintf(stderr,"User \"%s\" not found!\n",argv[1]);

	    exit(0);
	}

   ̸ ĶͿ Բ  α׷ Ű,    getpwnamԼ
  ˷  ִ   Ѵ. ̰ п  Ʈ ߸ Ǿ
  ˷ ̴.  Ϲ , н ʵ尡 "*" Բ ߺ ̴.

  GNU C ̺귯 2.1 (glibc 2.1) getent Ҹ   ´. Ʊ  
   ִ ýۿ     α׷ ϶.     ִ.

	getent passwd

  Ȥ

	getent passwd login

---------------------------------------------------------------------------------------
10. Ϲ  ذ

  ⿡ پ ڵ  ˷ Ϲ   ִ.

	1.  4.5.19  ̺귯 . NIS ̰ ۵ ʴ´.
	2.  4.5.19 4.5.24 ̺귯 ׷̵ ϴ  su ɾ
	   .  slackware 1.2.0 κ su ɾ  ȴ.
	   ٿ ϸ, װ Ʈ ̺귯   ִ ̴.
	3. NIS  ׾µ ypbind   ޽  찡 ִ.

		yp_match: client_call:
				RPC: Unable to receive: errno = Connection refused

	   ׸ NIS ͺ̽ ϵ ڵ α   찡 ִ.
	   ̷ root α õϰ ypbind δ ٽ Ѷ. ׸
	   ypbind 3.3 Ȥ  ̻ Ʈϴ ͵   ̴.
	4. libc 5.4.20̻ ׷̵带 ϸ, YP  ̻ ۵ 
	   ̴. libc >= 5.4.21  glibc 2.x yp-tools 1.2 ̻ 䱸
	   Ѵ.   libc ؼ yp-clients 2.2  ʿϴ. yp-tools 2.x
	     ̺귯  ۵Ѵ.
	5. libc 5.4.21 - 5.4.35 yp_maplist . 5.4.36   ʿϴ. 
	   ׷   ypwhich YP α׷ segfault ų ̴.
	6.  NIS Բ ̴ libc 5 NIS   н带 
	   ʴ´. ̰ ؼ libc + NYS Ȥ glibc 2.x ʿϴ.
	7. ypcat shadow  map  Ѵ. ̰    map
	    ̸ shadow.byname shadow ƴϴ.
	8. ֶ󸮽(Solaris) ׻ Ư  Ʈ  ʴ´.  ֶ󸮽
	   Ŭ̾Ʈ  ִ , н带 и ⸦ ٶ.

---------------------------------------------------------------------------------------
11.  Ǵ ͵(FAQ)

   κ  .  ذ  ǹ ִٸ  
  ׷쿡 ñ   ȴ.

	comp.os.linux.networking