This will explain the basic steps for configuring your OpenSlug box to be an NIS (master) server with a focus on the steps specific to OpenSlug. OpenSlug 2.7 was used at the time of this writing.
* NIS Howto: this is a badly written and barely helpful guide, but read it anyways
* Linux Administrators Guide ch13: fills in some gaps
Install these packages:
Additionally the make package is needed for configuration (no other development packages, just make).
Where Things Are At (and aren't)
- This makefile generates the maps (databases) that get served to your clients. You can control which databases are available by editing the "all" target. Mine looks like this currently: "all: passwd group hosts"
- Also change the MERGE_PASSWD and MERGE_GROUP to false. The login subsystem that OpenSlug uses isn't entirely compatible with NIS. This is ok since your master is essentially serving data from files to your clients; it doesn't itself need to use those files.
- /etc/init.d/nis: This script doesn't exist. It should but it doesn't. Right now I'm just starting ypserv myself.
- /etc/ypserv.con: Another no-show. You have to create this yourself. Read up on it, it has some security implications. You might make it look like this:
# host : domain : map : security
192.168.1. : yourdomain : passwd.byname : port
192.168.1. : yourdomain : passwd.byuid : port
192.168.1. : yourdomain : passwd : port
192.168.1. : yourdomain : group : port
- /etc/yp.conf: Also nonexistent. A single line will do here: domain yourdomain server yoursslug. This is optional (as is the ypbind package) but it will allow you to do a little bit of testing entirely with your slug. On your client machine you'll add an identical line to tell it to use your slug as its NIS master.
Trying Things Out
- In one terminal run ypserv -d. This starts the daemon. Eventually this should be automated to start at boot time, but you have bigger problems now, right? rpcinfo -u localhost ypserv should return a couple ypserv entries.
- cd into /var/yp and run make. Resolve any problems at this point.
- Run ypbind on whichever box you decided to do testing on. That box must have a good /etc/yp.conf.
- ypcat one of the maps you've enabled (group, passwd, etc). You should see something like this:
root@jabba:~# ypcat group
This is the data that the makefile gleaned from /etc/group and put into an NIS map and is now being served by the ypserv daemon.
- If you've gotten this far, edit the /etc/nsswitch.conf to let passwd come first from files and second from nis. Try to login as a user that exists only in your NIS master's passwd map. It should work.