  NIS Debian HOWTO

  Miquels, miquels@cistron.nl
  v3.2.1-3, 2 Mar 1998
  ̹shinsuk@ai-cse.sch.ac.kr
  12 Dec 1998

   HOWTO   մϴ.
  ______________________________________________________________________

  

  1.  NIS Ŭ̾Ʈ  ϴ°
  2. NIS  ڿ  ̿ϴ°
  3. NIS master   ϴ°
  4. SHADOW PASSWORDS
  5. HOW TO SETUP A NIS SLAVE SERVER

  ______________________________________________________________________

  1.   NIS Ŭ̾Ʈ  ϴ°

  1. netbase, netstd, nis Ű ġմϴ.

  2. ġ  NIS domainname ϴ. ̰ NIS 
     ý۵ ׷ Ÿ ̸ hostname ٸϴ.

  3.  NIS   Ʈũ ȿ     ̼
     ʿմϴ. ypbind μ /etc/yp.conf    
     ֽϴ.  ⿡ NIS  ̸ ϴ. -  ڼ 
     ypbind(8) Ŵ ʽÿ.

  4. NIS մϴ.

       /etc/init.d/nis stop
       /etc/init.d/nis start

  2.  NIS  ڿ  ̿ϴ°

  1. FOR libc6

     /etc/nsswitch.conf  passwd, group, shadow, netgroup Ʈ
       ٲߴϴ.

       passwd:   compat
       group:    compat
       shadow:   compat

       netgroup: nis

  libc6 Ϸκ netgroup  дµ    
  ֽϴ.  ׷ netgroup Ʈ "db" "files"  ʽÿ.
   netgroup  NIS    ˴ϴ.

  2. USERS: NIS clients /etc/passwd   ߰մϴ.

       +::::::

  (user) /  + - ȣ   ֽϴ.
   guest Ϸ /etc/passwd Ͽ -guest ߰մϴ.
   linux ٸ (e.g. ksg) ϱ Ѵٸ /etc/passwd
  +linux::::::/bin/ksh ߰ ָ ˴ϴ.   ʴ ʵ
  ä Ӵϴ.

  , miquels, dth, ed α ϰ ٸ   
  Ϸ:

       +miguels::::::
       +ed::::::
       +dth::::::
       +:*::::::/etc/NoShell

     н ʵ嵵 override  ֽϴ.

  3. GROUPS: /etc/group   ߰մϴ.

       +:::

  4. HOSTS:

      NIS  host lookup  ʰ DNS մϴ.  NIS
      ؾ Ѵٸ ⼭ Ͻʽÿ.

  o  For libc5 applications:

     NIS  NIS host  Ϸ /etc/host.conf ؾ
     մϴ.   order ٿ nis ܾ ߰մϴ:

          order hosts,nis
          multi on

  o  For libc6 applications:

     /etc/nsswitch.conf hosts Ʈ մϴ:

               hosts: nis files

  3.  NIS master   ϴ°

  1. nis Ű ġմϴ. RPC daemon(rpc.portmap) ġϱ 
     netbase netstd ġؾ մϴ.

  2. master, slave о NIS    ý ̸
     /etc/hosts ϳ ־ մϴ.   IP ּ ڿ ù °
     hostname FQDN(Fully Qualified Domain Name)̾ ϰ, ׿ ̾
     domainname  hostname մϴ.  :

       192.168.88.10   troi.cistron.nl troi

  NIS DNS  ʱ  NIS server  NIS host file(
  /etc/hosts)   ؾ մϴ.

  3. /etc/defaultdomain NIS domain մϴ. NIS domain NIS
     ϴ ý۵ ׷ Ÿ ̸ hostname ٸϴ.
     ̰  DNS domainname ̰Ϳ մϴ.

     ̰  鿡    ǰ ֽϴ.
     domainname ƴ ͸  NIS server query 
     NIS ʵ  ɼ ֱ Դϴ. ̰  ȣ
     domainname ؼ ȵ˴ϴ.   Ʈũ ̿ܿ NIS
         ϸ ˴ϴ.

  4. /etc/init.d/nis   ypserv master (ypserv=master)
     մϴ.

  5.   Ͱ ,  Ʈũ ȣ
     /etc/ypserv.securenets ߰մϴ. ⺻  ý NIS
     server   ֵ Ǿ  ̷  ʴ 
     մϴ.

      ȭ  /etc/ypserv.conf  Ͽ password
      ʵ(mangle)  ֽϴ. (Ʈũ   ƴ
     slave server   ̰ ؼ ȵ˴ϴ.)

  6. "/usr/lib/yp/ypinit -m" ԷϿ  մϴ.

  7.  ԷϿ  մϴ.

       /etc/init.d/nis stop
       /etc/init.d/nis start

  (ypserv) н (yppasswdd) ۵˴ϴ.

  NIS   ϱ⸦ ϸ NIS  Ŭ̾Ʈ
   ypbind ϰ /etc/passwd  ߰ plus-entries
  ߰Ͽ մϴ. ̺귯 Լ ù ° NIS entry  
  normal entries ϰ,  NIS   ˴ϴ.  
  NIS  Ģ ϴ Դϴ.

  :

               root:x:0:0:root:/root:/bin/bash
               daemon:*:1:1:daemon:/usr/sbin:
               bin:*:2:2:bin:/bin:
               sys:*:3:3:sys:/dev:
               sync:*:4:100:sync:/bin:/bin/sync
               games:*:5:100:games:/usr/games:
               man:*:6:100:man:/var/catman:
               lp:*:7:7:lp:/var/spool/lpd:
               mail:*:8:8:mail:/var/spool/mail:
               news:*:9:9:news:/var/spool/news:
               uucp:*:10:50:uucp:/var/spool/uucp:
               nobody:*:65534:65534:noone at all,,,,:/dev/null:
               +miquels::::::
               +:*:::::/etc/NoShell
               [ All normal users AFTER this line! ]
               tester:*:299:10: Just a test account:/tmp:
               miquels:1234567890123:101:10:Miquel van Smooreburg:/home/miquels:/bin/zsh

   tester ,  /etc/NoShell Ǿ ְ,
  miguels    ˴ϴ.

  ٸ , /var/yp/Makefile ϰ NIS ٸ н 
  ϵ   ֽϴ. ū ýۿ, NIS н
  ׷ Ϲ /var/yp/ypfiles/ մϴ. ̰ 
  쿣 н  ϴ "passwd", "chfn", "adduser" Ϲ
    ̻    Ǿ Ư   
  ؾ մϴ.

  ׷ yppasswd, ypchsh, ypchfn yppasswdd -D ɼ NIS
  н  ġ ϸ   ֽϴ. 
  ƿƼ yppasswdd    ǥ Ȯ 
  ֽϴ. "Root" root н带 Ͽ ٸ  н,
  finger     ֽϴ.
  NIS н   ϰų ǥ /etc/passwd 
  Ѵٸ, NIS ҽ    ϳ   /var/yp
  丮 make  NIS  ؾ ϴ  Ͻʽÿ.
  ̰ cron 㿡  ֽ NIS  ϵ ϴ 
  մϴ.

  4.  SHADOW PASSWORDS

   libc5  NIS   ʽϴ. libc5 
   α׷  쿣  NIS  ؼ ȵ˴ϴ.
       ֽϴ.

  1. SHADOW-LIKE SECURITY NIS н带 ã  "mangling"Ͽ
          ֽϴ. "ypserv.conf" 
     /etc/ypserv.conf ּ оʽÿ.

  2. REAL SHADOW SUPPORT libc6 NIS    ԵǾ
     ֽϴ. ̰  ϴ Ͱ   Դϴ; NIS
     κ 츦 ޾ ϱ⸸ ϸ ˴ϴ.   
     makedbm ɼ "-s"(secure) ָ  ϴ. ̰ 
      /var/yp/Makefile ڵ ˴ϴ.

     ) н带 ϰ ִٸ 2.2  "plus" entries
     /etc/passwd  /etc/shadow ο ߰ų ʿ䰡 ֽϴ. ùٸ
     · ߰Ͻʽÿ; passwd shadow ٸ ʵ 
     ֽϴ.

  5.  HOW TO SETUP A NIS SLAVE SERVER

  1. , ý NIS Ŭ̾Ʈ Ͻʽÿ(1 ʽÿ).

  2. ̾  ѵ 3.1 3.5 ϵ, 3.4
     /etc/init.d/nis ϳ ypserv slave(ypserv=slave)
     Ͻʽÿ.

  3.  ϰ ʱȭϽʽÿ.

       /etc/init.d/nis stop
       /etc/init.d/nis start
       /usr/lib/yp/ypinit -s < NIS  ̸>

  4.   NIS   NIS   մϴ.   NIS
      ִ NIS Makefile Ͽ   ŵ 
     ڵ  NIS  ϵ մϴ.  /var/yp/Makefile
     NOPUSH    Ͻʽÿ.

       NOPUSH="false"

     "/usr/lib/yp/ypinit -m"    
   մϴ.   ̸ ԷϽʽÿ.  ٽ 
    ڷḦ մϴ.
  5.   Ʈ crontab  ߰մϴ. (crontab -e)

       20 *     * * * /usr/lib/yp/ypxfr_1perhour
       40 5     * * * /usr/lib/yp/ypxfr_1perday
       55 6, 18 * * * /usr/lib/yp/ypxfr_2perday

  ̰  NIS ʵ ֽ  ŵǵ ϸ,  Ž 
   ٿ   ŵ˴ϴ.

