Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

problems with NIS/NYS ypserv and yppasswd

862 views
Skip to first unread message

Georg P. Israel

unread,
Nov 11, 1996, 3:00:00 AM11/11/96
to

Hallo,

I'm trying to set up a Linux machine as a NIS server (but unfortunately
without much success). I installed the following packages on my machine:

yp-clients-2.2
yppasswd-0.9
ypserv-1.1.0

The init scripts in rc3.d appear to run properly i.e.

S65ypserve:
>domainname ${NIS_DOMAIN}
>daemon ypserv

S67yppasswd
>daemon rpc.yppasswdd -e chsh -e chfn

S68ypclient
>daemon /usr/sbin/ypbind


Now, if I want to execute >yppasswd< it just says:
yppasswd: can't get local yp domain: local domain name not set

but >ypdomainname< returns the right domain name

Is there anybody that can help me with this problem??

Thanks

Georg

--


----------------------------------------------------------------------
Georg P. Israel Phone: +41-1-6324583
IBT Fax: +41-1-6321214
Moussonstr. 18 E-mail: isr...@biomed.ee.ethz.ch
8044 Zuerich g.is...@ieee.org
SWITZERLAND

Georg P. Israel

unread,
Nov 13, 1996, 3:00:00 AM11/13/96
to

In article <328738B9...@ieee.org> you wrote:
: Hallo,

: I'm trying to set up a Linux machine as a NIS server (but
unfortunately
: without much success). I installed the following packages on my
machine:

: yp-clients-2.2
: yppasswd-0.9
: ypserv-1.1.0

Looks liek a RedHat System to me. Even it looks like the rpm's I've
made.

: init scripts in rc3.d appear to run properly i.e.

: S65ypserve:
: >domainname ${NIS_DOMAIN}
: >daemon ypserv

OK. First. Your ypserv.conf file in /etc/ypserv.conf has to be set
up. After that, you didn't read the Docu to yp-clients. In fact,
yppasswd and everything that runs with the NIS-Stuff built into the
libc depends of a file called /etc/yp.conf that _HAS_ to exist.
Mine here is:

domain Wandering_between_Galaxys
ypserver stargate

Where domain is your NIS Domain also set as ${NIS_DOMAIN} in
/etc/sysconfig/network and ypserver mus have the Server name
behind. After that, everything should work fine.
BTW: /etc/nsswitch has to exist too, since it is the Configuration
file for the libc-part of NIS.

: S67yppasswd


: >daemon rpc.yppasswdd -e chsh -e chfn

: S68ypclient
: >daemon /usr/sbin/ypbind

No. Don't ever Run ypbind on a Client or Server System that has NIS
built into the libc. Deactivate it. Don't start it.

: Now, if I want to execute >yppasswd< it just says:
: yppasswd: can't get local yp domain: local domain name not set

Right. Unfortunatly, yppasswd looks first in the /etc/yp.conf file, if
it doesn't find it, it complains.

: but >ypdomainname< returns the right domain name

Yes, but this has to be set in /etc/yp.conf too.

: Is there anybody that can help me with this problem??

Yep. Read again what I wrote ;)

PS: IF you can Post my reply to the list, please do. Would be great,
since
I have a Read-Only newsfeeds for comp.os.linux.* :(

Georg P. Israel

unread,
Nov 13, 1996, 3:00:00 AM11/13/96
to

----- Transcript of session follows -----
While talking to subnet.sub.net:
>>> RCPT To:<smu...@stargate.bln.sub.org>
<<< 553 <smu...@stargate.bln.sub.org>... smu...@stargate.bln.sub.org
is not allowed to receive mail
550 <smu...@stargate.bln.sub.org>... User unknown

----- Unsent message follows -----
Received: from zaphod.ethz.ch by colombo.ethz.ch with SMTP id AA19868
(5.65c/BioMed-1.1 for <smu...@stargate.bln.sub.org>); Wed, 13 Nov
1996 17:12:19 +0100
Sender: ge...@biomed.ee.ethz.ch
Message-Id: <3289F5AA...@ieee.org>
Date: Wed, 13 Nov 1996 17:22:02 +0100
From: "Georg P. Israel" <g.is...@ieee.org>
Organization: IBT - ETH
X-Mailer: Mozilla 3.0 (X11; I; Linux 2.0.18 i586)
Mime-Version: 1.0
To: Joerg Mertin <smu...@stargate.bln.sub.org>
Subject: Re: problems with NIS/NYS ypserv and yppasswd
References: <m0vNKBM...@stargate.bln.sub.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hallo Joerg,

great to receive your e-mail.

You are right about the assumptions.
Yes I run a RedHat system and
yes I installed your rpm's (BTW, thanks for your effort :-)

Now to the not so great news.
Even thought, I would love to run a YP server on my machine, it is still
not running. I believe I did all that you told me to do i.e.

1. removed ypbind (S65ypserver and S67yppasswdd)
2. generated /etc/yp.conf
>domain magrathea
>ypserver zaphod

Then, after I did all this editing stuff, the machine was booting very
slowly. It seemed that all network operations took ages. But finally
when I got to the login screen, the machine did not let me in again.
After typing in my password the machine took approximately 1 minute for
the verification. So, I believe I did probably something very stupid, I
just don't know.
If you have a clue, please let me know.
Additionally, I have the feeling that I was reading the wrong HOWTOs.
Are there any HOWTOs which are specific for this package?

I'm looking forward to your e-mail

Georg

Anmin Deng

unread,
Nov 14, 1996, 3:00:00 AM11/14/96
to

Georg P. Israel (g.is...@ieee.org) wrote:
:> Even thought, I would love to run a YP server on my machine, it is still

:> not running. I believe I did all that you told me to do i.e.
:> 1. removed ypbind (S65ypserver and S67yppasswdd)
:> 2. generated /etc/yp.conf
:> >domain magrathea
:> >ypserver zaphod
:> ...............

Here is my tips..
0. set yp-domain-name on all the yphosts. (you have done this)
1. Edit /etc/{passwd,group}. (remove the users/groups that are supposed
to be on YP in all-the-ypclients, and append a "+" sign at tails of
all-the-yphosts:/etc/{passwd,group}.
"+:*::...." decribed in NIS-HOWTO is obsolete).
2. Correctly set /etc/yp.conf. Here is my /etc/yp.conf as an example..
ypserver:/etc/yp.conf=====
ypserver 127.0.0.1
all-the-ypclients:/etc/yp.conf=====
ypserver 111.222.333.444 # assume my ypserver ip== 111.222.333.444.
3. Run "cd /var/yp; make" on ypserver.
4. Edit ypserver:/etc/hosts.{allow,deny} or /var/yp/securenet.
5. Run ypserv, yppasswdd -e ..., and ypbind on ypserver, then run
ypbind on all the ypclients.
6. If it works, put 0 and 5 at rc file.

NOTE..
1. Make users change their passwd, fn, and sh by yppasswd in package
yppasswdd.
2. YP-account maintainers should always keep the "+" sign at the very
last line of /etc/{passwd,group}. Many adduser utilities fail to
do that since they put new user/group entries below "+" sign.


Arndt Hinueber

unread,
Nov 14, 1996, 3:00:00 AM11/14/96
to

On 14 Nov 1996, Anmin Deng wrote:

> NOTE..
> 1. Make users change their passwd, fn, and sh by yppasswd in package
> yppasswdd.

you should set permissions for passwd, chfn, chsh to 700 so that only root
can use them. For a yp-user, change of passwd with 'passwd' doesn't work
(on our standard installation) *by default* -- system recognizes that it
is a yp-account.

The 3 command should if possible also be avoided by root on a NIS client,
because when using them the '+' in /etc/passwd is replaced with the
yp-entries of the NIS server (those you also get by 'ypcat passwd'), and
as a result the former yp-users get local-users.

> 2. YP-account maintainers should always keep the "+" sign at the very
> last line of /etc/{passwd,group}. Many adduser utilities fail to
> do that since they put new user/group entries below "+" sign.

Arndt

+----------------------------------------------------------------------------+
| Arndt Hinueber email: hinu...@irs.uni-stuttgart.de |
+----------------------------------------------------------------------------+


Georg P. Israel

unread,
Nov 15, 1996, 3:00:00 AM11/15/96
to

Salute Everybody,

thanks for all the suggestions that I got :-).
This, really, did help me allot.
I'm now a step further in the process to set up a NYS server.
However, to me, it appears to be rather unusually difficult.
So fare, I was reading throe allot of misleading HOWTOS e.g. the
"+:0::::::" stuff that did initially scrough up my system for an hour or
so :-/.
However, after reading all the e-mail I have come so fare:

I'm running RedHat 4.0 (upgrade from 3.0.3)

additionally installed RPMs:
yp-clients-2.2
yppasswd-0.9
ypserv-1.1.0

(the rpm had been made available by Joerg Mertin, but I can't reach him
because of some strange e-mail problems :-/ )

My system looks currently something like this:

rc3.d:
======

S90ypserv:
>domainname $(NIS_DOMAIN)
>daemon ypserv

S91yppasswd:


>daemon rpc.yppasswdd -e chsh -e chfn

/etc/yp.conf:
>ypserver 127.0.0.1
>domain myYPdomain

/etc/ypserv.conf:
>sunos_kludge: no
>tryresolve: no
>dns: no
> * : passwd.byname : port : yes
> * : passwd.byuid : port : yes
> * : shadow.byname : port : yes
> * : * : none

/etc/passwd:
>....
>+

/etc/group:
>....
>+

/etc/sysconfig/network:
>....
>NIS_DOMAIN=mydomain

/etc/nsswitch.conf:
>passwd: compat
>shadow: files nisplus nis
>group: compat
>hosts: files nisplus nis dns
>services: nisplus [NOTFOUND=return] files
>networks: nisplus [NOTFOUND=return] files
>protocols: nisplus [NOTFOUND=return] files
>rpc: nisplus [NOTFOUND=return] files
>ethers: nisplus [NOTFOUND=return] files
>netmasks: nisplus [NOTFOUND=return] files
>bootparams: nisplus [NOTFOUND=return] files
>netgroup: nisplus
>publickey: nisplus
>automount: files nisplus
>aliases: files nisplus

/var/yp/mydomain OK

/var/yp/ypservers:
>zaphod.ethz.ch

/var/yp/securenets:
255.255.255.192 129.132.82.0

additionally:
after all this work, I did end up having a /var/yp and /var/nis
directory. I think they should be pretty much the same.

-------------------------------------------------------

Now:

- ypdomain is returning the right domain name.

- yppasswd returns:
>yppasswd: can't find the master ypserver: internal NIS server or
client error

- ypwhich returns:
>can't yp_bind: Reason: RPC failure on NIS operation

- ypwhich -x returns:
>Use "passwd" for "passwd.byname"
>Use "group" for "group.byname"
>Use "networks" for "networks.byaddr"
>Use "hosts" for "hosts.byaddr"
>Use "protocols" for "protocols.bynumber"
>Use "services" for "services.byname"
>Use "aliases" for "mail.aliases"
>Use "ethers" for "ethers.byname"

- ypcat passwd returns nothing at all!!


So, if anybody has some bright idea about what is going wrong at my
site, then pleas let me know

Georg (in pain)

Martin Spott

unread,
Nov 16, 1996, 3:00:00 AM11/16/96
to

Georg P. Israel (g.is...@ieee.org) wrote:
> Salute Everybody,
> /etc/nsswitch.conf:
[...]

Change 'nisplus' to 'nis' in nsswitch.conf . As far as I know ypbind is a
'nis'-server, not a 'nisplus'-server. Anyway, to use /etc/nsswitch.conf, you
have to compile libc with NYS-support, then you don't have to add any dotted
line to /etc/passwd.

Martin.
--
EMail: I prefer correspondence to: Martin...@onyx.dirnet.com
If necessary, business mail can be sent to: Martin...@uni-duisburg.de
--------------------------------------------------------------------------
Unix _IS_ user friendly - it's just selective about who its friends are !
--------------------------------------------------------------------------

0 new messages