  The Linux NIS(YP) / NYS / NIS+ HOWTO

  Thorsten Kukuk
  v1.0, 9 March 1999
   zenix@air.knu.ac.kr
  1999 10 3

     NIS(YP) Ȥ NIS+ Ŭ̾Ʈ  ϴ
  ׸ , NIS  ġϴ  Դϴ.
  ______________________________________________________________________

  

  1. 
     1.1    
     1.2 Ǹ 
     1.3    ǵ(Feedback)  ߸  Ͽ     ǰ̳  ִ , Thorsten Kukuk AURL CDATA mailto:kukuk@suse.deANAME CDATA kukuk@suse.de(HTMLURL)HTMLURL       ⸦ ٶ.   ̳ Ȥ  񳭵鵵 ȯѴ.       ߰Ͽ ,        ֵ  ˷ֱ⸦ ٶ.  մϴ.   ϴ  ǿ  Ư  ؼ      ⸦ ٶ.   Ϳ  ذå  ߰ϵ   ̴.
     1.4  Ͽ ϴ 

  2.  Ϲ ׵
     2.1 Ǵ  Ͽ
     2.2 Ϲ ׵

  3. NIS, NYS Ȥ NIS+?
     3.1 libc 4/5  traditional NIS Ȥ NYS ?
     3.2 glibc 2 ׸ NIS/NIS+
     3.3 NIS or NIS+ ? (    ΰ? )

  4.  ۵ϴ°
     4.1 NIS  ۵ϴ°
     4.2 NIS+  ۵ϴ°

  5. RPC PortmapperAID CDATA portmapper(LABEL)LABEL
  6. NIS ġϱ  ʿ ͵ ΰ?
     6.1  Server, SlaveȤ Client ϶.
     6.2 Ʈ
     6.3 ypbind 
     6.4 Traditional NIS NISϱ
     6.5 NYS NISϱ
     6.6 glibc 2.x NISϱ
     6.7 nsswitch.conf Ͽ ؼ
     6.8 NIS (Shadow) н
        6.8.1 Linux
        6.8.2 Solaris
        6.8.3 PAM

  7. NIS+ ġϱ  ʿ ͵ ΰ?
     7.1 ʿ Ʈ
     7.2 NIS+ Ŭ̾Ʈ ġϱ
     7.3 NIS+, keylogin, login ׸ PAM
     7.4 nsswitch.conf 

  8. NIS  ϱAID CDATA ypserv(LABEL)LABEL
     8.1  α׷ ypserv
     8.2  α׷ yps
     8.3 rpc.ypxfrd α׷
     8.4 rpc.yppasswdd α׷

  9. NIS/NYS ν Ȯϱ
  10. Ϲ  ذ
  11.  Ǵ ͵(FAQ)

  ______________________________________________________________________

  1.  

   ǻ Ʈ  μ ؼ ġǰ ִ.
  Ʈ   ϰ ϱ Ͽ, κ Ʈ(  
  Ʈ) Ʈ   (Network Information Service) ϰ
  ִ.   ϰ ִ NIS  񽺸   ְ, 
  װ͵ ü NIS      ִ.   NIS+
  Ŭ̾Ʈ    , ̰  Ÿ ̴ܰ.

      ӽ NIS(YP)  NIS+ ϴ  
  ñ ߿ Ϸ  ̴. RPC Portmapper κ д 
  ؾ  ``The RPC Portmapper''.

  NIS-Howto      ǰ ȴ.

               Thorstem Kukuk, <kukuk@suse.de>

   NIS-Howto    ְ 켱   
  ̴.

               Andrea Dell'Amico       <adellam@ZIA.ms.it>
               Mitchum DSouza          <Mitch.DSouza@NetComm.IE>
               Erwin Embsen            <erwin@nioz.nl>
               Peter Ericsson          <peter@ifm.liu.se>

   鿡    ù    ־  ؾ
  Ѵ.

  1.1.     

      ֱ   World Wide Web URL Ͽ
    ִ.  http://www.suse.de/~kukuk/linux/HOWTO/NIS-HOWTO.html
  <http://www.suse.de/~kukuk/linux/HOWTO/NIS-HOWTO.html>

    ο  , LDP(Linux Document Project) Ȩ
    پ Linux   Ʈ FTP Ʈ   ִ.

    پ   ũ  URL ã  ִ.

  http://www.suse.de/~kukuk/linux/nis-howto.html
  <http://www.suse.de/~kukuk/linux/nis-howto.html>

  1.2.  Ǹ 

      Ŀ   ּ Ͽ ϴ, 
   ɼ   .   ڼϰ Ȯ  
  Ͽ,   ϰ ִ   Ʈ 
  ԵǾ ִ README  бٶ.     
     ̴.

  1.3.     ǵ(Feedback)  ߸  Ͽ 
     ǰ̳  ִ , Thorsten Kukukkukuk@suse.de
        ⸦ ٶ.  
  ̳ Ȥ  񳭵鵵 ȯѴ.      
  ߰Ͽ ,        ֵ 
  ˷ֱ⸦ ٶ.  մϴ.   ϴ 
  ǿ  Ư  ؼ     
  ⸦  ٶ.   Ϳ  ذå  ߰ϵ  
  ̴.

  1.4.   Ͽ ϴ 

  γ      е鿡  ϰ
  Ѵ.  ĺ  ϸ:

               Byron A Jeff                    <byron@cc.gatech.edu>
               Markus Rex                      <msrex@suse.de>
               Miquel Van SmoorenBurg          <miquels@cirtron.nl>

  Theo de Raadt yp-client ڵ忡   å  ִ. Swen
  Thue mmler yp-client ڵ带  ,  yp-
  routine libc(T heo ۾ ) ϱ⵵ ߴ. Thorsten
  Kukuk ũġκ GN U libc 2.x  NIS(YP) ׸ NIS+ ƾ
  ۼϿԴ.

  2.   Ϲ ׵

  2.1.  Ǵ  Ͽ

     ιھ( DBMϸ Data Base
  Management)  Ѵ. ⿡  ߿ ιھ鿡
     ̴.

     DBM
        DataBase Management, ͺ̽ key-contents  
         Լ ̺귯̴.

     DLL
        Dynamic Linked Library, α׷ Ÿӽ( ), ũ
         ̺귯.

     domainname
        NIS Ŭ̾Ʈ Ǵ key ϴ ̸, dom
        ainname key ϴ NIS ġ ãµ ȴ.

     FTP
        File Transfer Protocol,   ǻͰ ۿ  Ծ.

     ibnsl
        Name  ̺귯, SVR4 н鿡 getpwnam, getservby
        name ȣѴ. GNU libc NIS(YP) NIS+Լ(,)
        Ͽ  ̺귯 Ѵ.

     libsocket
          ̺귯, SVR4 н鿡 socket, bind, lis
        ten ȣϴ   ̺귯̴.

     NIS
        Network Information Service, Ʈ Ͽ ˷ Ʈ
          ӽ鿡 Information ϴ ̴.  
        "traditional NIS" õ κп  ǥ libc
        ̺귯 NIS   ִ.

     NIS+
        Network Information Service (Plus :-), NIS Ƶ ε,
        NIS+  ũνý Inc.  NIS  
        , NIS  ȼ   Installation  ڵ鸵
        ϱ⿡   ̴.

     NYS
        ̰ Ʈ ̸, NIS+ Ÿ. YP Switch Peter
        Eri ksson <peter@ifm.liu.se>  ̲. NYS NYS
        ̺귯 Name Services Switch  ϴ NIS(=YP)ڵ带
          ٽ ۼ ̴.

     NSS
        Name Service Switch, /etc/nsswitch.conf   
        û  , Ǵ lookup  Ѵ.

     RPC
        Remote Procedure Call. RPC ƾ C α׷ Ʈ ٸ
        ӽ 󿡼 ν   ְ Ѵ.  Ϲ
        RPC  Ҷ , װ Sun RPC  ϴ ̴.

     YP Yellow Pages(tm),  British Telecom plc. ϻǥ̴.

     TCP-IP
        Transmission Control Protocol/Internet Protocol. ̰ н
        ӽ ̿  θ Ǵ   Ծ̴.

  2.2.  Ϲ ׵

   3   ũνý Ʈũ  ޴󿡼
    ̴.

               "NIS  Sun Yellow Pages(YP)  ˷,
               Yellow Pages(tm)̶ ̸ 뿵 British Telecom plc
                Ʈ̵帶ũ ϵǾ ־ 㰡 ̴   ."

  NIS Ʈũ  (Network Information Service) ǹѴ.
  װ   Ʈũ ִ  ӽ鿡, Ʈũ 
  ˷   ϴµ ִ. NIS  Ǵ  뷫
    ͵̴.

  o  login names/passwords/home directories (/etc/passwd)

  o  group information (/etc/group)

  ,  Ű н尡 NIS passwd ͺ̽
  ϵǾ  ٸ,  NIS Ŭ̾Ʈ α׷ ǰ ִ
  Ʈũ  ӽ  α-   ִ.

  (Sun) Ʈ(SunSoft, Inc.) ̼  ũνý(Sun
  Mic rosystems, Inc.) ϻǥ̴.

  3.  NIS, NYS Ȥ NIS+?

  3.1.  libc 4/5  traditional NIS Ȥ NYS ?

  " NIS" Ȥ NYS ̺귯 NIS ڵ带 ϴ ,
      ԰  迡 ȭ Ͱ ϴ.

  ǥ C ̺귯 ִ " NIS" ڵ  Ǿ
  ,  (?) ణ Զ  ϰ ִ.(ణ
   ִ)

  NYS ̺귯 ִ NIS ڵ NYS ڵ带 libc ̺귯
  ԽŰ   libc ̺귯 ٽ  ؾѴ.

   ٸ Ѱ,  NIS ڵ NIS Ʈũ ׷  
   .(NYS ȵ.) ݸ鿡, NYS ڵ   
  н  鸵ϴ  Ѵ. " NIS" ڵ ̷
   н带   ʴ´.

  3.2.  glibc 2 ׸ NIS/NIS+

    ο GNU C Library 2.x (aka libc6) ϰ ִٸ
  ǳ پ .     NSS(name switch service, ̰
  ſ  ϰ   NIS/NIS+ map Ѵ. : aliases, ethers,
  group, hosts, netgroups, networks, protocols, publickey, passwd, rpc,
  services and shado w) Ѵ. GNU C ̺귯 NIS  
  н带 ϴ  ƹ  .

  3.3.  NIS or NIS+ ? (    ΰ? )

  NIS NIS+   . NIS+  ʿ䰡 ų, 
     쿡 NIS ϶. NIS+  ڵ鿡 NIS
     Ÿ̴.(NIS+ Ŭ̾Ʈʿ ٷ ,
  ʿ ù ŭ ƴ.)  ٸ   ȯ濡
  NIS+  ̶  ̴. --  ֽŹ glibc 2.1
  ʿϴ. ű⿡ libc5  g libc NIS+   ʴ Ʈ
  ִ.

  4.   ۵ϴ°

  4.1.  NIS  ۵ϴ°

  Ʈũ 󿡼,  ϳ NIS   ̴.  ӽ
    ٸ NIS "ε"  NIS    ִ.
  Ȥ ϳ master NIS , ٸ ͵ slave NIS (Ư NIS
  "domain" ..  ) Ҹ ͵μ  NIS  
   ִ. Ȥ װ͵ ȥ    ִ.

  Slave   NIS ͺ̽ īǸ  , ̰͵
  ŵ , Master    īǵ ޴´.  Ʈũ
   ӽ  Ʈũ  , ϳ Ȥ  slave
   ġ   ϸ ȴ. NIS ٿ ǰų,
  Ŭ̾Ʈ  䱸   , NISŬ̾Ʈ ư
  ְų Ȥ   slave ӵǾ.

  NIS ͺ̽ ASCII ͺ̽κ ӵ DBM ˾ȿ
  ִ.   , /etc/passwd /etc/group   ASCI I-
  to-DBM  Ʈ( Ʈ Ե, "makedbm") Ͽ
  D BM   ִ. NIS ASCII ͺ̽ DBM
  ͺ  ÿ  ־ Ѵ.

  Slave  NIS  ("yppush"α׷ )   
    . ׸ װ͵ ͺ̽ Ǳ  ڵ
  ʿ  ׵ Ѵ. NIS Ŭ̾Ʈ ׻  
   DBM ͺ    б , ̷ ͵
  ʿ䰡 .

    ypbind α׷ NIS  ã  broadcast Ѵ.
  ̰   NIS ġϿ  broadcast    
  Ƿ   ϴ. ο  ypbind(yp-bind-3.3 or ypbind-
  mt) configuratio nϷ   ã  broadcast 
  ʿ䰡   ϴ.

  4.2.  NIS+  ۵ϴ°

  NIS+   ο  network information service̴.
  NIS NIS+   ū ̶ NIS+ secure RPC 
   ȣȭ  (encryption and authentication) Ѵٴ
  ̴.

  NIS+  tree ٰϰ ִ. Ʈ ϳ  ϳ
  NIS+  Ʈ Ѵ.  Ʈ  6 Ÿ 
  ִ.(direct ory, entry, group, link, table, private)

  NIS+ namespace  root ϴ NIS+丮 root 丮
  Ѵ. N IS+丮 Ư   ִ: org_dir  groups_dir.
  org_dir  丮 passwd, hosts ׸ mail_aliases 
  ̺ ̷ ִ.  groups_dir 丮  (access
  control)  Ǵ NIS+ ׷ Ʈ ̷ ִ.
  org_dir, groups_dir ׸ ׵    NIS+ domain 
  ȴ.

  5.  RPC Portmapper

   Ұ α׷(yp..) ϱؼ, 
  /usr/sbin/port map Ѿ Ѵ.   ǵ ̹
  /sbin/init.d/ Ȥ /etc /rc.d/ 丮ȿ ִ Ͽ portmap
   쵵 ڵǾ ִ.   ؾ   ̰
  ȰȭŰ ϴ ̴. ̰     ִ
     ϶.

  RPC portmapper (portmap(8)) RPC α׷ ȣ TCP/IP(Ȥ UDP/IP)
    Ʈ ȣ ȯϴ ̴. ̰ ӽ RPC
  (NIS Ȥ NI S+ )  RPC CALL(̰ NIS/NIS+
  Ŭ̾Ʈ Ʈ   ̴.) . RPC ۵Ǹ,
  ̰ Listenǰִ port ȣ  portmap ˷ش. Ŭ̾Ʈ
  ־ α׷ ȣ RPCα׷ ȣ   ,
  Ŭ̾Ʈ   Ͽ RPC Ŷ   ϴ
  Ѵ.

  , ǥ RPC  inetd(8)  ۵Ǳ , portmap
  inetd ۵Ǳ  Ǿ Ѵ.

  Secure(?) RPC Ͽ, portmapper Time Service ʿ Ѵ.
  Tim e Service  hosts  /etc/inetd.conf ϴٴ 
  Ȯ  ξ.

       #
       # Time service is used for clock syncronization
       #
       time    stream  tcp     nowait  root    internal
       time    dgram   udp     wait    root    internal

  ߿ : Configuration  Ŀ, inetd  ϴ 
  !

  6.  NIS ġϱ  ʿ ͵ ΰ?

  6.1.   Server, SlaveȤ Client ϶.

    ϱ ,  ΰ ؾ Ѵ.

  1.  ӽ ϴ NIS  Բϴ Ʈũ Ͽ 
      ̴.

  2.   Ʈũ NIS  .

  ù ° 쿡,  ypbind, ypswitch, ypcat, yppoll, ypmatch 
  Ŭ Ʈ α׷ ʿ Ѵ.  ߿ α׷
  ypbind̴.  α  ׻  ߿ ־ Ѵ. װ 
  α׷ ׻ μ  Ʈ ־ Ѵٴ ̴. ̰ 
  μ ý  Ͽ  ۵Ǿ Ѵ. (,
  /etc/init.d/nis, /sbin/init.d/ypclinet, /etc/rc.d/ init.d/ypbind,
  /etc/rc.local) ý ypbind ۵  NIS
  Ŭ̾Ʈ Ǵ ̴.

   ° 쿡, NIS    ,  и NIS 
  α ( ypserv Ҹ) ʿ ̴. ``NISϱ''
  κп Peter Eriksson Thorsten Kukuk   "ypserv" 
  ̿    ӽ NIS  ġϴ 
  ̴.  0.  14ʹ 4.1κп   ִ master-
  slave  ٴ    ξ.

   Tobias Reber  yps NIS  α׷ master-slave
    ,    ٸ  ִ.

  6.2.  Ʈ

  ý ̺귯 "/usr/lib/libc.a" ( 4.4.2 ) Ȥ,
   귯 "/lib/libc.so.x" NIS Ŭ̾Ʈ,  α׷
     ϱ  ý    ִ. GNU C
  ̺귯 2(glibc2) ؼ /lib/libnsl.so.1 ʿѴ.

   ̵ NIS  4.5.21 "/usr/lib/libc.a"͸ ۵ȴٰ
  ϱ , ϰ ۵ϱ Ѵٸ   libc 
  ʴ° .  NIS Ŭ̾Ʈ Ʈ  ҿ  
  ִ.

  Site                    Directory                       File Name

  ftp.kernel.org          /pub/linux/utils/net/NIS        yp-tools-2.2.tar.gz
  ftp.kernel.org          /pub/linux/utils/net/NIS        ypbind-mt-1.4.tar.gz
  ftp.kernel.org          /pub/linux/utils/net/NIS        ypbind-3.3.tar.gz
  ftp.kernel.org          /pub/linux/utils/net/NIS        ypbind-3.3-glibc5.diff.gz
  ftp.uni-paderborn.de    /linux/local/yp                 yp-clients-2.2.tar.gz

  Ʈ  , Ʈ Ե νƮ а 
  ٶ . yp-clients 2.2 libc4 libc5  5.4.20  ̴.
  libc 5.4 .21 glibc 2.x yp-tools 1.4.1    ʿ
  Ѵ. γ yp -tools 2.2   libc ۵ȴ. ,
  NIS ڵ忡 װ ־ ,  5.4.21 - 5.4.35  libc
  ϸ ȵȴ.  5.4.36   ϴ° . ׷
   κ YPα׷ ۵  ̴. ypbind 3.3 
   ̺귯 ۵Ѵ.  gcc 2.8.xȤ   ,egcs
  Ȥ glibc 2.x Ѵٸ, ypbind-3.3-glibc5.diff patc h
  ypbind-3.3 ߰ Ѵ. yp-clients 2.2  ypbind
   . ypbind-mt γ Ƽ  ̴. ̰
  Kernel 2.2 glibc 2.1Ȥ   ʿ Ѵ.

  6.3.  ypbind 

  Ʈ   ,  ν  غ 
   . ypbind   丮 /usr/sbin ̴.  ̵
  NYS ̿ ϴ ýۿ ypbind ʿ  ̶  
  ִ. ̰ Ʋ ̴. ypwhich ypcat ׻ ypbind ʿ Ѵ.

  ġ ܰ  ù° ̰ ؾѴ. ٸ ̳ʸ(ypwhich,
  ypcat , yppasswd, yppoll, ypmatch)  /usr/bin  ٸ 
       ־ Ѵ.

  ο  ypbind /etc/yp.conf   ִ.
    Ͽ NIS ϵڵ   ִ.   
   manual pa ge ypbind(8) ϱ ٶ. NYS ؼ 
   ʿϴ.  :

               ypserv votager
               ypserv defiant
               ypserv ds9

   ýۿ NIS ȣƮ  ˾Ƴ  ִٸ ׳  ̸
   ϸ , ׷  쿡 IP address ؾ Ѵ.
  ypbind 3.3 װ ־,    ypserv ds9 ؾ
  Ѵ.  ٸ   õȴ. ypbind-mt ̰ Ͽ
  Ѵ.

  ŸƮ  Ͽ   , ypbind ׽  
  .  ypbind ׽Ʈ        ִ.

  o  YP-domain name set  ִ  Ȯ ض. ̰  Ǿ
      ʴٸ   Ʈ  ִ.

                  /bin/domainname nis.domain

  nis.domain   ӽ DNS-domain  _ ʴ_
  ڿ̴!   ܺ ũĿ NIS н 
  ͺ̽ ϴµ      ְ Ǳ ̴. 
    Ʈũ NIS   𸥴ٸ, ý Ʈ
  ũ ڿ  .

  o   portmap  ȶ ִٸ, "/usr/bin/portmap"
     Ѷ.

  o   "/var/yp" 丮 ٸ װ .

  o  "/usr/bin/ypbind" Ѷ.

  o  ypbind portmapper 񽺿 ϵ  ִ 캸 
     "rpcin fo -p localhost" ϶ װ   
     ̴.

               program vers proto   port
                100000    2   tcp    111  portmapper
                100000    2   udp    111  portmapper
                100007    2   udp    637  ypbind
                100007    2   tcp    639  ypbind

  Ȥ

               program vers proto   port
                100000    2   tcp    111  portmapper
                100000    2   udp    111  portmapper
                100007    2   udp    758  ypbind
                100007    1   udp    758  ypbind
                100007    2   tcp    761  ypbind
                100007    1   tcp    761  ypbind

  ̰  ϴ ypbind   ణ ̰ ִ.

  o    "rpcinfo -u localhost ypbind"   ִ. 
     ɿ     ;߸ Ѵ.

               program 100007 version 2 ready and waiting

  Ȥ

               program 100007 vsrsion 1 ready and waiting
               program 100007 version 2 ready and waiting

    ġ ypbind  ޶  ִ. ߿ 
  "version 2" ޽̴.

    ypcat  NISŬ̾Ʈ α׷ ų 
  ִ.    "ypcat passwd.byname" п ü NIS н
  ͺ    ̴.

  ߿ :   ׽Ʈ ׳ ǳʶپٸ, domain 
    Ͱ,  丮   Ȯ ϶.

               /var/yp

   丮 ypbind  Ǳ Ͽ "ݵ" ؾ
  Ѵ.

  domainnmae ùٸ õǾ , yp-tools 2.2
  /bin/ypdomai nname  ϶. ̰  
  yp_get_default_domain()Լ  Ѵ. ̰  ⺻
  Ǿ   Ű (none) domain name  ʴ´.

   ׽Ʈ Ǿٸ,  ý ypbind Ǿ 
  ӽ NIS Ŭ̾Ʈ   ֵ   ϱ  
  𸥴. ypbin d ۵Ǳ  domainname õȴٴ  Ȯ
  ˾ .

  ٷ װŴ. ӽ Ʈϰ, ypbind  ۵Ǿ Ʈ
  ޽  캸ƶ.

  6.4.  Traditional NIS NISϱ

  ȣƮ lookup  /etc/host.conf  lookup order ٿ "nis" 
  ٿ ־. ڼ  Ͽ man "resolv+.8" ϶.

   NISŬ̾Ʈ /etc/passwdϿ   ߰Ͽ.

       +::::::

   + -ڵ Ͽ ڵ / Ȥ  
  ִ.   guest ϰ ʹٸ,  -guest
  /etc/passwdϿ ־ָ ȴ. "linux"  ksh  ٸ
   ϰ ϰ ʹص    . 
  "+linux::::::/bin/ksh" ( "" ϰ ) /etc/passwd  ߰ϸ
  ȴ. ϰ   ʵ忡 ؼ ׳ ĭ   
  ȴ.   ڵ ϱ  Netgroup   
  ִ.

   , miquels dth, ed ׸  sysadmin netgroup 
  鿡 Ը α  , ٸ    ͸
  밡 ·  α ؼ   ϸ ȴ.

               +miquels:::::::
               +ed:::::::
               +dth:::::::
               +@sysadmins::::::
               -ftp
               +:*::::::/etc/NoShell

      н ʵ带 ø   ִ. "ftp"
  α   ߱ , ̰ ̻ ˷ ʾ anonymous ftp
  ̻    ̴.

  netgroup  .

       sysadmins (-,software,) (-,kukuk,)

  ߿ : netgroup  libc 4.5.26  , 4.5.26
     ϰ ȴٸ, ypbind  ִ  NIS н
  ͺ̽  ִ     ӽ α  
  ִ!!!

  6.5.  NYS NISϱ

  NIS   /etc/yp.conf ʿ   ùٸ 
  Ű  ̴.  Name Services Switch  (
  /etc/nsswitch.conf )  ٸ ¾ Ǿ ־ Ѵ.

   ypbind ġؾ Ѵ. libc ̰ ʿ  ,
  NIS(Y P)  ̰ ʿ Ѵ.

    / (+/-guest/+@admins) ϱ
  Ѵٸ, n sswitch.conf Ͽ "passwd: compat" "group :compat"
  ؾ Ѵ.  "shadow: compat" ٴ  Ȯ ˾ . ̷
  쿡 װ  "sh adow: files nis" Ѵ.

  NYS ҽ libc 5 ҽ Ϻκ̴.   , ó "Values
  corr et"  "NO" ϰ, "Build a NYS libc from nys"
   "YES"  ϶.

  6.6.  glibc 2.x NISϱ

  glibc " NIS" Ѵ. ׷ ypbind ؾ ʿ䰡
  ִ ̴. Name Services Switch ( /etc/nsswitch.conf )
   ùٸ ¾ Ǿ ־ Ѵ.   passwd, 
  Ȥ group Ͽ co mpat 带 Ѵٸ    "+"
  ߰  Ѵ. ׷   /    ִ.
   ֶ󸮽 2.x ϴ Ͱ Ȯ ϰ ġѴ.

  6.7.  nsswitch.conf Ͽ ؼ

  /etc/host.conf ȣƮ ã  ϴ Ͱ , Network
  Service switch /etc/nsswitch.conf   䱸Ǿ ,
  lookupϴ   Ѵ.    

               hosts: files nis dns

  host lookup(ã)ϴ   NIS lookup  /etc/hosts
   ãƺ    ( /etc/resolv.conf
  named )  .  ,  쿡  Ѵ.  
    б  ־ Ѵ!  man-page
  nsswitch.5Ȥ nsswitch.conf.5        
  ̴.

  NIS  /etc/nsswitch.conf   ̴.

  #
  # /etc/nsswitch.conf
  #
  # An example Name Service Switch config file. This file should be
  # sorted with the most-used services at the beginning.
  #
  # The entry '[NOTFOUND=return]' means that the search for an
  # entry should stop if the search in the previous entry turned
  # up nothing. Note that if the search failed due to some other reason
  # (like no NIS server responding) then the search continues with the
  # next entry.
  #
  # Legal entries are:
  #
  #   nisplus or nis+     Use NIS+ (NIS version 3)
  #   nis or yp       Use NIS (NIS version 2), also called YP
  #   dns         Use DNS (Domain Name Service)
  #   files           Use the local files
  #   db          Use the local database (.db) files
  #   compat          Use NIS on compat mode
  #   [NOTFOUND=return]   Stop searching if not found so far
  #

  passwd:         compat
  group:          compat

  # For libc5, you must use shadow: files nis
  shadow:         compat

  passwd_compat: nis
  group_compat: nis
  shadow_compat: nis

  hosts:          nis files dns

  services:   nisplus [NOTFOUND=return] files
  networks:   nisplus [NOTFOUND=return] files
  protocols:  nisplus [NOTFOUND=return] files
  rpc:        nisplus [NOTFOUND=return] files
  ethers:     nisplus [NOTFOUND=return] files
  netmasks:   nisplus [NOTFOUND=return] files
  netgroup:   nisplus
  bootparams: nisplus [NOTFOUND=return] files
  publickey:  nisplus [NOTFOUND=return] files
  automount:  files nisplus
  aliases:    nisplus [NOTFOUND=return] files

  passwd_compat, group_compat ׸ shadow_compat glibc 2.x
   .  /etc/nsswitch.conf 쿡  Ģ ٸ,
  glibc look up  passwd Ģ  ̴. glibc 
  hesoid ٸ looku p  ִ.    , glibc
   ϱ ٶ.

  6.8.  NIS (Shadow) н

  NIS  н ׻   ̵̴. 찡 ִ
     Ӹ ƴ϶, ̰     C
  ̺귯  ȴ. NIS  н带 ϴ 
     ý   /etc/shadow ִ ̴. ̷
  ν  root α   ̿  ְ, Ϲ NIS
  鿡Դ  passwd     . ̰ 
  NISŬ̾Ʈ Բ ۵ϴ    ִ.
  6.8.1.  Linux

  NIS  н带 ϴ  libc GNU C Library 2.xۿ
   .  libc 5 ̰  Ѵ.  libc 5 NYS
   ڵ Բ  Ǿ,  ڵ  쿡 ־
  ɰϰ  ,  ùٸ  Ʈ Ͽ ۵
  ʴ´.

  6.8.2.  Solaris

  ֶ󸮽 NIS   н带  ʴ´.

  6.8.3.  PAM

  PAM  pam_pwdb/libpwdb NIS  н带 
  ʴ´.  ̰ RedHat 5.x 鿡 ־ ū ̴.  glibc
  PAM   ִٸ,  /etc/pam.d/* Ʈ  ʿ䰡
  ִ.  pam_p wdb Ģ pam_unix_*  üض.
  pam_unix_auth.so    , ̰  ۵ ʴ´.

  /etc/pam.d/login    ϴ:

       #%PAM-1.0
       auth       required     /lib/security/pam_securetty.so
       auth       required     /lib/security/pam_unix_auth.so
       auth       required     /lib/security/pam_nologin.so
       account    required     /lib/security/pam_unix_acct.so
       password   required     /lib/security/pam_unix_passwd.so
       session    required     /lib/security/pam_unix_session.so

   Ͽ  pam_unix_auth.so  ʿϴ. 
  ؼ p am_unix_acct.so ʿϰ н带 ؼ
  pam_unix_passwd.so ׸  ó  pam_unix_session.so
  ʿϴ.

  7.  NIS+ ġϱ  ʿ ͵ ΰ?

  7.1.  ʿ Ʈ

   NIS+ڵ GNU C ̺귯 2  . κ
    ø̼ǵ libc5 ũ ɾ  ־, 
  libc5ε  Ǿ ִ.  libc  װ ٽ
     . libc5 N IS+    ִ. static
  α׷ װͰ ũ   , ̺귯   
  α׷ ٸ libc5   ̴.

   ڱ ÷Ȩ , GNU C ̺귯 2.1 ϰ
   ؾ  ʿ䰡 ִ. 64bit ÷ GNU C ̺귯
  2.1.1 ؾѴ.  ٰ ýδ  2.x,  5.x,  6.x
   glibc ٰ   ʿ  ̴.

    Ͽ, gcc/g++ Ϸ libstc++, ncures ٽ
   ʿ䰡 ִ. ޿,    PAM 
  ϴ   ϰ ȴ.   6.0   Ű
  ٽ   ʿ䰡  .

  NIS+ Ŭ̾Ʈ Ʈ     ִ:

  Site            Directory                       File Name

  ftp.funet.fi    /pub/gnu/funet                  libc-*, glibc-crypt-*,
                                                  glibc-linuxthreads-*
  ftp.kerbel.org  /pub/linux/utils/net/NIS+       nis-utils-19990223.tar.gz
  ftp.kerbel.org  /pub/linux/utils/net/NIS+       pam_keylogin-1.2.tar.gz

   glibc   ġ  ִ.

       Site            Directory

       ftp.debian.org  /pub/debian/dists/slink
       ftp.redhat.com  /pub/redhat/redhat-5.2
       ftp.suse.de     /pub/SuSE-Linux/6.0

  GNU C ̺귯 ļ  Ʈ鿡 ؼ Ե ù
   о  ٶ.  NYS ٰ libc5 ġ ã  ִ.
  ǥ li bc5 ü  ҽ  ҿ ִ:

       Site            Directory               File Name

       ftp.kernel.org  /pub/linux/utils/NIS+   libc-5.4.44-nsl-0.4.10.tar.gz

   http://www.suse.de/~kukuk/linux/nisplus.html
  <http://www.suse.de/~kukuk/linux/nisplus.html>    
  ֽ  ҽ   ִ.

  7.2.  NIS+ Ŭ̾Ʈ ġϱ

  ߿ : NIS+ Ŭ̾Ʈ ϱ Ͽ ʿ  Ǵ
   ִ ֶ󸮽 NIS+  о!    Ŭ̾Ʈ
  ʿ   ϴ Ͽ ִ!

  ο glibc nis-tool ġ Ŀ, NIS+  ο
  Ŭ̾Ʈ  Ͽ  ض. portmap ư ִٴ 
  Ȯض. ׸   PC NIS+   ð
  Ǿ üũ ϶.   RPC ,  ȿ  3
   ϳ  츦 .   ȣƮ xntpd Ű
    ִ. ̰  Ŀ  ϶.

       domainname nisplus.domain.
       nisinit -c -H <NIS+ server>

  ƹ ɼ   ʱȭϱ , nisinit  
   . domainname ׻ Ʈ Ŀ  ȴٴ  ϶.
   Ʈ  NIS+    𸣸, 
  ý/Ʈũ ڿ ϶.
   /etc/nsswitch.conf ؾ Ѵ.  publickeyڿ 
    nisnisۿ ٴ  ϶. ( "publickey: nisnis" )

  ׸ keyserv Ѷ.   ̰ ý Ʈ ,
  portma p ǰ  ٷ ó Ǵ ̶ ̴.
  ýۿ roo t Ű ϱ ,   ϶.

       keylogin -r

  (  NIS+   ο ȣƮ  publickey ߰
   Ŷ Ѵ?)

  "niscat passwd.org_dir" н ͺ̽  Ʈ
  Ÿ Ѵ.

  7.3.  NIS+, keylogin, login ׸ PAM

   α  , keyserv    Ű  ʿ䰡
   . ̰ "keylogin"̶ Ϳ  ȴ.  Ű
  α glibc 2.1  ϵǾ ִٸ ˾Ƽ Ѵ. PAM aware
  α並 Ͽ,   NIS+  ʴ pwdb ƴ
  pam_unix_auth  ϱ , pam-keylogin-1.2.tar.gz ġϰ
  /etc/pam.d/login ؾ Ѵ.   :

       #%PAM-1.0
       auth            required        /lib/security/pam_securetty.so
       auth            required        /lib/security/pam_keylogin.so
       auth            required        /lib/security/pam_unix_auth.so
       auth            required        /lib/security/pam_nologin.so
       account         required        /lib/security/pam_unix_acct.so
       password        required        /lib/security/pam_unix_passwd.so
       session         required        /lib/security/pam_unix_session.so

  7.4.  nsswitch.conf 

  Ʈũ  ġ( network service switch ) 
  /etc/nsswitch.conf  /etc/host.conf ȣƮ ã 
  ϴ Ͱ ,   䱸 Ǿ, װ ã 
  Ѵ.      ,

               hosts: files nisplus dns

  ̰ ȣƮ ã ǿ   /etc/hosts Ͽ 
  ã,   NIS+  ã,   
  (/etc/resolv.conf  named)  ã´.   ´ 
  ã   ϵȴ.

   NIS+  /etc/nsswitch.conf  ̴.

       #
       # /etc/nsswitch.conf
       #
       # An example Name Service Switch config file. This file should be
       # sorted with the most-used services at the beginning.
       #
       # The entry '[NOTFOUND=return]' means that the search for an
       # entry should stop if the search in the previous entry turned
       # up nothing. Note that if the search failed due to some other reason
       # (like no NIS server responding) then the search continues with the
       # next entry.
       #
       # Legal entries are:
       #
       #   nisplus or nis+     Use NIS+ (NIS version 3)
       #   nis or yp       Use NIS (NIS version 2), also called YP
       #   dns         Use DNS (Domain Name Service)
       #   files           Use the local files
       #   db          Use the local database (.db) files
       #   compat          Use NIS on compat mode
       #   [NOTFOUND=return]   Stop searching if not found so far
       #

       passwd:         compat
       # for libc5: passwd: files nisplus
       group:          compat
       # for libc5: group: files nisplus
       shadow:         compat
       # for libc5: shadow: files nisplus

       passwd_compat: nisplus
       group_compat: nisplus
       shadow_compat: nisplus

       hosts:          nisplus files dns

       services:   nisplus [NOTFOUND=return] files
       networks:   nisplus [NOTFOUND=return] files
       protocols:  nisplus [NOTFOUND=return] files
       rpc:        nisplus [NOTFOUND=return] files
       ethers:     nisplus [NOTFOUND=return] files
       netmasks:   nisplus [NOTFOUND=return] files
       netgroup:   nisplus
       bootparams: nisplus [NOTFOUND=return] files
       publickey:  nisplus
       automount:  files
       aliases:    nisplus [NOTFOUND=return] files

  8.  NIS  ϱ

  8.1.   α׷ ypserv

    "ypserv" NIS  ÿ ؼ Ѵ.

  NIS  Ʈ    ִ:

  Site            Directory                       File Name

  ftp.kernel.org  /pub/linux/utils/net/NIS        ypserv-1.3.6.tar.gz

   http://www.suse.de/~kukuk/linux/nis.html
  <http://www.suse.de/~kukuk/linux/nis.html>      
  ִ.

   ¾  NIS NYS .

  ypserv makedbm α׷   Ʈ  ϶.
  securenet  Ȥ tcp_wrapper ϱ ؼ ypserv  
  ִ. tcp_wrapper   ϳ,  ̵ װ ̿ϴ 
  ־  Ų. ׸ tcp_wrapper    ޸
    ų  ִ.   tcp_wrapper   
  ypserv   ų , securenet  ̿Ͽ ٽ װ
   ϶. ypse rv --version     
  ִ   ̴.

    master ϰ ִٸ, NIS  ϰ ϱ
      䱸  ϰ, /var/yp/Makefile 
  rule    Ʈ ߰ϰų Ȥ ϶.  ׻
  Makefile    պκ ɼǵ ؾ Ѵ.

  ypserv 1.1  ypserv 1.2̿ ϳ ū ȭ ־. 
  1.2   ڵ ĳȴ. ̰  ο map
  鶧, ׻ -c ɼ  makedbm ȣؾѴٴ ǹ̴. 
  ypserv 1.2Ȥ  Ĺ  ο /var/yp/Makefile ϴ
  ƴϸ, Makefile m akedbm ϴ κп -c ÷׸ ߰
  Ѵ. ̷  , ypser v   map ϰ
  Ǿ Ʈ map   ̴.

   /var/yp/securents  /etc/ypserv.conf  ۼض .  
   Ͽ, ޴  ypserv(8) ypserv.conf(5)   ϶.

  portmapper (portmap(8)) ư ִ  Ȯ϶. ׸ 
  yp serv ϶. 

               % rpcinfo -u localhost ypserv

   ϸ    ؾ Ѵ.

               program 100004 version 1 ready and waiting
               program 100004 version 2 ready and waiting

  "version 1"  ypserv   confiuration  
    ִ. ̰   SunOS 4.x Ŭ̾Ʈ 
  ʿϴ.

   NIS (YP) ͺ̽ . master󿡼,  ϶.

          % /usr/lib/yp/ypinit -m

  slave ypwhich -m  ۵ϴ Ȯ϶. ̰  
  slave   ϱ NIS Ŭ̾Ʈμ configureǾ ϴ
   ǹѴ.   ȣƮ NIS slave ǵ νѴ.

               % /usr/lib/yp/ypinit -s masterhost

   п   ū  ִٸ,  ٸ xterm 
    ypserv ypbind   ִ.    п
   ߸Ǿ ش.

  map Ʈ ʿ䰡 ִٸ, NIS master /var/yp 丮
  make ش. ̰ ҽ  ο ̸ Ӱ Ʈ 
  ̰, slave 鿡 ϵ  ̴. map Ʈ ϴ
   ypinit  .

  *slave * Ʈ crontab ۼϱ⸦ Ѵٸ  ε
  ߰϶.

               20 *    * * *   /usr/lib/yp/ypxfr_1perhour
               40 6    * * *   /usr/lib/yp/ypxfr_1perday
               55 6,18 * * *   /usr/lib/yp/ypxfr_2perday

  ̰ master Ʈ   slave ٿ Ǿ
  Ʈ ȵ  κ NIS map ֱٰ Ǵ 
  Ѵ.

     slave ߰  ִ. ó, ο slave
   Ͽ NIS master  contact  ִٴ  Ȯ϶.
  ׸   slave   ϶.

               % /usr/lib/yp/ypinit -s masterhost

  master  /var/yp/ypservers  ο salve ߰ϰ /var/yp
  丮 make  map Ʈ϶.

   NIS  ڵ鿡 Ͽ  ΰ ʹٸ, NIS
    ypbind Ű, /etc/passwd н  ߰
  ÷ Ʈ ߰ϴ    Ѵ. ̺귯
  function NIS Ʈ     Ϲ Ʈ Ѵ.
  ׸ NIS Ͽ     Ѵ. ̷ NIS
   Ģ ȴ.  :

          root:x:0:0:root:/root:/bin/bash
          daemon:*:1:1:daemon:/usr/sbin:
          bin:*:2:2:bin:/bin:
          sys:*:3:3:sys:/dev:
          sync:*:4:100:sync:/bin:/bin/sync
          games:*:5:100:games:/usr/games:
          man:*:6:100:/usr/games:
          lp:*:7:7:lp:/var/spool/lpd:
          mail:*:8:8:mail:/var/spool/mail:
          news:*:9:9:news:/var/spool/news:
          uucp:*:10:50:uucp:/var/spool/uucp:
          nobody:*:65534:65534:noone at all....:/dev/null:
          +miquels::::::
          +:*:::::/etc/NoShell
          [ All normal users AFTER this line! ]
          tester:*:299:10:Just a test account:/tmp:
          miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh

  "tester"  , /etc/NoShell  ִ. miquels
  Ϲ  ׼   ִ.

  ٸ, /var/yp/Makefile ļ ٸ н  ҽ ̿
  ϵ NIS   ִ. Ը ū ýۿ NIS н
  ׷   /etc/yp/丮 Ǿ ִ.  ̷
  ϱ⸦ Ѵٸ passwd, chfn, adduser Ϲ   ̻
  ۵ ʴ´.  ̰͵   Ư   Ѵ.

  ׷ yppasswd, ypchsh ׸ ypchfn    ̴.

  8.2.   α׷ yps

  "yps" NIS  ,   ϱ ٶ. "yps" 
    ϴ. _׷_ Ȯϰ ġ ʱ  "ypserv"
   "yps"   õ   ض! "yps" 
  ڵ ͵   ,     
  ִ.   ̰ ϸ  ȴ!

  "yps" NIS  Ʈ  ã  ִ:

               Site                    Directory                       File Name

               ftp.lysator.liu.se      /pub/NYS/servers                yps-0.21.tar.gz
               ftp.kernel.org          /pub/linux/utils/net/NIS        yps-0.21.tar.gz

  8.3.  rpc.ypxfrd α׷

  rpc.ypxfrd NIS master NIS slave ۵Ǵ ſ ū NIS
  map鿡   ӵ Ű  ̴.  NIS slave
  ο map    ޽ ޾ , ̰ ο map
   ؼ ypxfr  ų ̴. ypxfr yp_all()Լ
  Ͽ, masterκ map   ̴.  μ
  ͺ̽ ̺귯  Ǿ map   ū ͵̶ 
    ҿȴ.

  rpc.ypxfrd NIS slave 鿡  scartch  ϴ
  ͺ   master  map ϵ ϴ  ν
   μ  ӵ Ų. rpc.ypxfrd RPC  
  Ծ Ѵ.   ٽ Ӱ map   ʾƵ ȴ.

  rpc.ypxfrd inted ؼ ۵  ִ.  ̰ ſ ʰ
  ۵ ̱ , ypserv  ۵Ǿ Ѵ. 
  rpc.ypxfrd NIS ma ster Ѿ Ѵ.

  8.4.  rpc.yppasswdd α׷

  ڵ ׵ н带 ٲܶ, NIS н ͺ̽
  ׿ ϴ ٸ NIS ͺ̽ Ʈ Ǿ Ѵ.
  "rpc.yppasswdd" α׷ н  ٷ NIS 
  ϰ Ʈ ǵ   ϴ ̴. rpc.yppasswd  
  ypserv յǾ ִ.    иǾ 
  yppasswd-0.9.tar.gz Ȥ yppasswd-0.10.tar.gz   ʴ´.
  ׸ ̻ װ ϸ ȵȴ. ypserv 1.3.2 ִ
  rpc.yppasswdd shadow   Ѵ. yppasswd  yp-
  tools-2.2.  tar.gz κ̴.

   NIS master rpc.yppasswdd Ű ȴ.
  ⺻, ڵ ׵  ̸̳ α  ٲ
  ϵ Ǿִ.   -e chfn Ȥ -e chshɼ ̰
  ϰ   ִ.

    passwd shadowϵ ٸ 丮  /etc
  ִٸ,   -D ɼ ߰ϸ ȴ.    ҽ
  ϵ /etc/yp ְ ڵ ׵  ٲٴ  ϰ
  Ѵٸ, rpc.yppasswdd    ĶͿ Բ Ű ȴ.

               rpc.yppasswdd -D /etc/yp -e chsh

  Ȥ

               rpc.yppasswdd -s /etc/yp/shadow -p /etc/yp/passwd -e chsh

  ̻ Ұ .   rpc.yppasswdd /var/yp/Make
  file ϴ   Ѵٴ ͸ Ȯ  θ ȴ. 
   syslog  ϵ ̴.

  9.  NIS/NYS ν Ȯϱ

    Ǿٸ( ׷ Ǵ ó),   
    ν Ѱ   ־Ѵ.  , 
  passwd NIS  ȴٰ ϰ ɾ

               % ypcat passwd

   NIS passwd     Ѵ. ɾ

               % ypmatch userid passwd

  (userid   α ̸̴.) NIS н Ͽ ִ
   Ʈ  ־ Ѵ. "ypcat" "ypmatch" α׷
     NIS Ȥ NYSǿ ԵǾ ִ.

     α    ,   α׷
  Ŭ̾Ʈ   .

       #include <stdio.h>
       #include <pwd.h>
       #include <sys/types.h>

       int
       main(int argc, char *argv[])
       {
           struct passwd *pwd;

           if(argc != 2)
             {
               fprintf(stderr,"Useage: getwpnam username\n");
               exit(1);
             }

           pwd=getpwnam(argv[1]);

           if(pwd != NULL)
             {
               printf("name.....: [%s]\n",pwd->pw_name);
               printf("password.: [%s]\n",pwd->pw_passwd);
               printf("user id..: [%s]\n",pwd->pw_uid);
               printf("group id.: [%s]\n",pwd->pw_gid);
               printf("gecos....: [%s]\n",pwd->pw_gecos);
               printf("directory: [%s]\n",pwd->pw_dir);
               printf("shell....: [%s]\n",pwd->pw_shell);
             }
           else
             fprintf(stderr,"User \"%s\" not found!\n",argv[1]);

           exit(0);
       }

   ̸ ĶͿ Բ  α׷ Ű,   
  getpw namԼ ˷  ִ   Ѵ. ̰
  п   Ʈ ߸ Ǿ ˷ ̴.  Ϲ
  , н ʵ尡 "*" Բ ߺ ̴.

  GNU C ̺귯 2.1 (glibc 2.1) getent Ҹ   ´.
      ִ ýۿ     α׷ ϶.
      ִ.

               getent passwd

  Ȥ

               getent passwd login

  10.  Ϲ  ذ

  ⿡ پ ڵ  ˷ Ϲ   ִ.

  1.  4.5.19  ̺귯 . NIS ̰ ۵
      ´.

  2.  4.5.19 4.5.24 ̺귯 ׷̵ ϴ  su
     ɾ  .  slackware 1.2.0 κ su
     ɾ   ȴ. ٿ ϸ, װ Ʈ
     ̺귯   ִ ̴.

  3. NIS  ׾µ ypbind   ޽  찡
     ִ.

             yp_match: client_call:
                             RPC: Unable to receive: errno = Connection refused

             ׸ NIS ͺ̽ ϵ ڵ α   
              ִ. ̷ root α õϰ ypbind δ ٽ 
             Ѷ. ׸ ypbind 3.3 Ȥ  ̻ Ʈϴ ͵
               ̴.

     <item>libc 5.4.20̻ ׷̵带 ϸ, YP  ̻ ۵ 
              ̴. libc >= 5.4.21  glibc 2.x yp-tools 1.2 ̻
              䱸Ѵ.   libc ؼ yp-clients 2.2  ʿϴ
             . yp-tools 2.x  ̺귯  ۵Ѵ.

     <item>libc 5.4.21 - 5.4.35 yp_maplist . 5.4.36   ʿ
             . ׷   ypwhich YP α׷ segfault ų
             ̴.

     <item> NIS Բ ̴ libc 5 NIS   н带 
              ʴ´. ̰ ؼ libc + NYS Ȥ glibc 2.x ʿϴ.

     <item>ypcat shadow  map  Ѵ. ̰   
              map ̸ shadow.byname shadow ƴϴ.

     <item>ֶ󸮽(Solaris) ׻ Ư  Ʈ  ʴ´. 
             ֶ󸮽 Ŭ̾Ʈ  ִ , н带 и 
              ٶ.

  11.   Ǵ ͵(FAQ)

   κ  .  ذ  ǹ
   ٸ  ׷쿡 ñ   ȴ.

               comp.os.linux.networking

