NIS study notes

Platform: rhel5.4_x86

Packages: ypserv, ypbind, yp-tools

Server: 172.16.3.244

Secondary (slave): 172.16.3.248

Client: 172.16.3.245

Firewall: disabled

[root@rhel172_16_3_244 ~]# yum search yp |grep ^yp

ypbind.i386 : 把 NIS 客户绑定到 NIS 域的 NIS 守护进程。

yp-tools.i386 : NIS (或 YP) 客户程序。

ypserv.i386 : NIS (网络信息服务)服务器。

Create a test user:

[root@rhel172_16_3_244 ~]# useradd talen -m

[root@rhel172_16_3_244 ~]# passwd talen

Changing password for user talen.

New UNIX password:

BAD PASSWORD: it is too short

Retype new UNIX password:

passwd: all authentication tokens updated successfully.

Install the packages:

On the server:

[root@rhel172_16_3_244 ~]# yum install  ypserv yp-tools -y

On the client:

[root@rhel172_16_3_244 ~]# yum install yp-tools ypbind -y

Set the NIS domain name

[root@rhel172_16_3_244 ~]# vim /etc/sysconfig/network

NISDOMAIN=nis

This takes effect after the server is rebooted. To apply it to the running system right away, use the domainname command.

[root@rhel172_16_3_244 ~]# domainname nis

[root@rhel172_16_3_244 ~]# domainname

nis

NIS-related services

ypbind             0:关闭    1:关闭    2:关闭    3:关闭    4:关闭    5:关闭    6:关闭

yppasswdd    0:关闭    1:关闭    2:关闭    3:关闭    4:关闭    5:关闭    6:关闭    lets clients change their domain passwords

ypserv             0:关闭    1:关闭    2:关闭    3:关闭    4:关闭    5:关闭    6:关闭    must be running for NIS

ypxfrd             0:关闭    1:关闭    2:关闭    3:关闭    4:关闭    5:关闭    6:关闭    synchronizes data between the master and slave servers

[root@rhel172_16_3_244 ~]# service portmap start

Starting portmap:                                          [  OK  ]

[root@rhel172_16_3_244 ~]# netstat -natp

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name    

tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      5808/portmap

[root@rhel172_16_3_244 ~]# chkconfig ypserv on

[root@rhel172_16_3_244 ~]# service ypserv start

启动 YP 服务器的服务:                                     [确定]

If there is a slave server, start the ypxfrd service

[root@rhel172_16_3_244 ~]# service ypxfrd start

启动 YP 映射图服务器:                                     [确定]

The NIS database files are generated from /var/yp/Makefile

[root@rhel172_16_3_244 ~]# vim /var/yp/Makefile

The most important part is the all: target, which lists the data NIS will serve

# If you don't want some of these maps built, feel free to comment

# them out from this list.

all:  passwd group hosts rpc services netid protocols mail \

        # netgrp shadow publickey networks ethers bootparams printcap \

        # amd.home auto.master auto.home auto.local passwd.adjunct \

        # timezone locale netmasks

Initialize the NIS database

[root@rhel172_16_3_244 ~]# /usr/lib/yp/ypinit --help

usage:

  ypinit -m

  ypinit -s master

where -m is used to build the data bases on a master NIS server,

and -s is used for a slave data base. master must be an existing

reachable NIS server.

This host is the master server, so use the -m option

[root@rhel172_16_3_244 ~]# /usr/lib/yp/ypinit -m

At this point, we have to construct a list of the hosts which will run NIS

servers.  rhel172_16_3_244 is in the list of NIS server hosts.  Please continue to add

the names for the other hosts, one per line.  When you are done with the

list, type a .

    next host to add:  rhel172_16_3_244    only this host is listed here

    next host to add:                      press CTRL+D

The current list of NIS servers looks like this:

rhel172_16_3_244

Is this correct?  [y/n: y]                      press Enter

We need a few minutes to build the databases...

Building /var/yp/nis/ypservers...

gethostbyname(): Success

Running /var/yp/Makefile...

gmake[1]: Entering directory `/var/yp/nis'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

Updating hosts.byname...

Updating hosts.byaddr...

Updating rpc.byname...

Updating rpc.bynumber...

Updating services.byname...

Updating services.byservicename...

Updating netid.byname...

Updating protocols.bynumber...

Updating protocols.byname...

Updating mail.aliases...

gmake[1]: Leaving directory `/var/yp/nis'

rhel172_16_3_244 has been set up as a NIS master server.

Now you can run ypinit -s rhel172_16_3_244 on all slave server.

The data files for the domain nis have now been generated under /var/yp.

[root@rhel172_16_3_244 ~]# ls -l /var/yp/*

-rw-r--r-- 1 root root 16669 2008-08-11 /var/yp/Makefile

-rw-r--r-- 1 root root   185 2006-07-13 /var/yp/nicknames

-rw-r--r-- 1 root root    17 08-26 14:26 /var/yp/ypservers

/var/yp/binding:

总计 0

/var/yp/nis:

总计 2196

-rw------- 1 root root   12418 08-26 14:27 group.bygid

-rw------- 1 root root   12419 08-26 14:27 group.byname

-rw------- 1 root root   12535 08-26 14:27 hosts.byaddr

-rw------- 1 root root   12549 08-26 14:27 hosts.byname

-rw------- 1 root root   13174 08-26 14:27 mail.aliases

-rw------- 1 root root   13092 08-26 14:27 netid.byname

-rw------- 1 root root   12484 08-26 14:27 passwd.byname

-rw------- 1 root root   12483 08-26 14:27 passwd.byuid

-rw------- 1 root root   29211 08-26 14:27 protocols.byname

-rw------- 1 root root   14573 08-26 14:27 protocols.bynumber

-rw------- 1 root root   16384 08-26 14:27 rpc.byname

-rw------- 1 root root   14236 08-26 14:27 rpc.bynumber

-rw------- 1 root root  766110 08-26 14:27 services.byname

-rw------- 1 root root 1470490 08-26 14:27 services.byservicename

-rw------- 1 root root   12376 08-26 14:27 ypservers

[root@rhel172_16_3_244 ~]# netstat -nap |grep ypserv

tcp        0      0 0.0.0.0:830                 0.0.0.0:*                   LISTEN      6161/ypserv        

udp        0      0 0.0.0.0:827                 0.0.0.0:*                               6161/ypserv

Configure the client

[root@rhel172_16_3_245 ~]# yum install ypbind yp-tools -y

[root@rhel172_16_3_245 ~]# chkconfig ypbind on

[root@rhel172_16_3_245 ~]# service ypbind start

Error: NIS domain name is not set.                         [FAILED]

[root@rhel172_16_3_245 ~]# vim /etc/sysconfig/network

[root@rhel172_16_3_245 ~]# domainname nis

[root@rhel172_16_3_245 ~]# domainname

Binding to the NIS domain:                                 [  OK  ]

Listening for an NIS domain server.rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused

[root@rhel172_16_3_245 ~]# service portmap status

portmap is stopped

[root@rhel172_16_3_245 ~]# service portmap start

[root@rhel172_16_3_245 ~]# netstat -natp

[root@rhel172_16_3_245 ~]# telnet 172.16.3.244 111    the remote portmap port is reachable

Trying 172.16.3.244...

Connected to 172.16.3.244 (172.16.3.244).

Escape character is '^]'.

[root@rhel172_16_3_245 ~]# rpcinfo -p    local RPC registration OK

   程序 版本 协议   端口

    100000    2   tcp    111  portmapper

    100000    2   udp    111  portmapper

    100004    2   udp    827  ypserv

    100004    1   udp    827  ypserv

    100004    2   tcp    830  ypserv

    100004    1   tcp    830  ypserv

[root@rhel172_16_3_245 ~]# rpcinfo -p 172.16.3.244    remote server OK

   program vers proto   port

[root@rhel172_16_3_245 ~]# echo 'domain nis server 172.16.3.244' >> /etc/yp.conf

[root@rhel172_16_3_245 ~]# echo 'domain nis server 172.16.3.248' >> /etc/yp.conf

Listening for an NIS domain server.

You can also use the text-mode configuration tool

[root@rhel172_16_3_245 ~]# authconfig-tui

Stopping portmap:                                          [  OK  ]

Shutting down NIS services:                                [  OK  ]

[root@rhel172_16_3_245 ~]# yptest -u talen

Test 1: domainname

Configured domainname is "nis"

Test 2: ypbind

Used NIS server: rhel172_16_3_244

Test 3: yp_match

talen:$1$hMJnBx70$3vBLoe3b6YpFiY1LH.ESz.:501:501::/home/talen:/bin/bash

Test 4: yp_first

sky sky:$1$lnUnTVK1$LxsUjGrGZvNJhGUWimpyZ/:500:500:skymobi:/home/sky:/bin/bash

Test 5: yp_next

talen talen:$1$hMJnBx70$3vBLoe3b6YpFiY1LH.ESz.:501:501::/home/talen:/bin/bash

Test 6: yp_master

Test 7: yp_order

1314343321

Test 8: yp_maplist

protocols.byname

rpc.bynumber

hosts.byaddr

services.byname

group.bygid

group.byname

passwd.byname

rpc.byname

netid.byname

services.byservicename

hosts.byname

protocols.bynumber

ypservers

passwd.byuid

mail.aliases

Test 9: yp_all

All tests passed

[root@rhel172_16_3_245 ~]# ypwhich     query where the client is registered (the bound NIS server)

[root@rhel172_16_3_245 ~]# ypwhich -m    query the corresponding NIS maps

protocols.byname rhel172_16_3_244

rpc.bynumber rhel172_16_3_244

hosts.byaddr rhel172_16_3_244

services.byname rhel172_16_3_244

group.bygid rhel172_16_3_244

group.byname rhel172_16_3_244

passwd.byname rhel172_16_3_244

rpc.byname rhel172_16_3_244

netid.byname rhel172_16_3_244

services.byservicename rhel172_16_3_244

hosts.byname rhel172_16_3_244

protocols.bynumber rhel172_16_3_244

ypservers rhel172_16_3_244

passwd.byuid rhel172_16_3_244

mail.aliases rhel172_16_3_244

[root@rhel172_16_3_245 ~]# ypwhich -x    list the map nicknames (aliases)

Use "ethers"    for map "ethers.byname"

Use "aliases"    for map "mail.aliases"

Use "services"    for map "services.byname"

Use "protocols"    for map "protocols.bynumber"

Use "hosts"    for map "hosts.byname"

Use "networks"    for map "networks.byaddr"

Use "group"    for map "group.byname"

Use "passwd"    for map "passwd.byname"

Query the contents of the database:

[root@rhel172_16_3_245 ~]# ypcat passwd

sky:$1$lnUnTVK1$LxsUjGrGZvNJhGUWimpyZ/:500:500:skymobi:/home/sky:/bin/bash

When the amount of data queried is large, ypcat can congest the network; use ypmatch to match a single entry instead

[root@rhel172_16_3_245 ~]# ypmatch talen passwd
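
The yptest and ypcat output above shows the passwd map handing crypt hashes to the client. As an added example (not part of the original notes), the function below reads lines in `ypcat passwd` format and reports which accounts expose a hash and in which scheme. The function name and the sample entries are constructed, and the scheme list goes beyond the `$1$` case the notes show.

```shell
#!/bin/sh
# Added example, not from the original notes.
# Reads passwd-map lines (the format `ypcat passwd` prints) on stdin and
# prints "<user> <scheme>" for every entry whose password field is exposed.
audit_passwd_map() {
    awk -F: '
        NF != 7 { next }                       # skip anything that is not a passwd entry
        {
            pw = $2
            if      (pw ~ /^\$1\$/)  kind = "md5-crypt"
            else if (pw ~ /^\$5\$/)  kind = "sha256-crypt"
            else if (pw ~ /^\$6\$/)  kind = "sha512-crypt"
            else if (pw ~ /^\$/)     kind = "other-crypt"
            else if (length(pw) == 13 && pw ~ "^[./0-9A-Za-z]+$") kind = "des-crypt"
            else if (pw == "")       kind = "empty"
            else next                          # x, *, !! and similar: no hash in the map
            print $1, kind
        }'
}

# Constructed sample in `ypcat passwd` format (the hash values are fake).
audit_passwd_map <<'EOF'
alice:$1$abcdefgh$CONSTRUCTEDconstructed./:501:501::/home/alice:/bin/bash
bob:x:502:502::/home/bob:/bin/bash
carol:$6$saltsalt$CONSTRUCTEDconstructed:503:503::/home/carol:/bin/bash
dave:*:504:504::/home/dave:/sbin/nologin
EOF
```

On a bound client, run `ypcat passwd | audit_passwd_map`. ypserv's /var/yp/securenets file restricts which networks may query the maps.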

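Update the database

If data changes on the server, for example a new user is added, NIS is not updated, and clients will not be able to find that user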

[root@rhel172_16_3_244 ~]# make -C /var/yp/

make: Entering directory `/var/yp'

make: Leaving directory `/var/yp'

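Add a slave NIS server

To avoid the single point of failure of having only one NIS server, you can run several slave NIS servers for fault tolerance; they also provide load balancing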

[root@rhel172_16_3_248 ~]# yum install ypserv yp-tools -y

[root@rhel172_16_3_248 ~]# vi /etc/sysconfig/network

# vim /etc/sysconfig/network

[root@rhel172_16_3_248 ~]# domainname nis

[root@rhel172_16_3_248 ~]# service portmap start

[root@rhel172_16_3_248 ~]# service ypserv start

Starting YP server services:                               [  OK  ]

[root@rhel172_16_3_248 ~]# /usr/lib/yp/ypinit -s 172.16.3.244

[root@rhel172_16_3_248 ~]# rpcinfo -p

    100004    2   udp    870  ypserv

    100004    1   udp    870  ypserv

    100004    2   tcp    873  ypserv

    100004    1   tcp    873  ypserv

[root@rhel172_16_3_248 ~]# rpcinfo -p 172.16.3.244

[root@rhel172_16_3_248 ~]# /usr/lib/yp/ypinit -s rhel172_16_3_244

We will need a few minutes to copy the data from rhel172_16_3_244.

Transferring protocols.byname...

Trying ypxfrd ... success

Transferring rpc.bynumber...

Transferring hosts.byaddr...

Transferring services.byname...

Transferring group.bygid...

Transferring group.byname...

Transferring passwd.byname...

Transferring rpc.byname...

Transferring netid.byname...

Transferring services.byservicename...

Transferring hosts.byname...

Transferring protocols.bynumber...

Transferring ypservers...

Transferring passwd.byuid...

Transferring mail.aliases...

rhel172_16_3_248's NIS data base has been set up.

If there were warnings, please figure out what went wrong, and fix it.

At this point, make sure that /etc/passwd and /etc/group have

been edited so that when the NIS is activated, the data bases you

have just created will be used, instead of the /etc ASCII files.

Then go back to the master server

1. Change NOPUSH

[root@rhel172_16_3_244 ~]# sed -i 's/NOPUSH=true/NOPUSH=false/' /var/yp/Makefile    Note: this also changes some comment lines

2. Add the slave to the NIS server list

[root@rhel172_16_3_244 ~]# echo 'rhel172_16_3_248' >>/var/yp/ypservers

[root@rhel172_16_3_248 ~]# service ypxfrd start

Starting YP map server:                                    [  OK  ]
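
The note on the sed command above points out that it also rewrites comment lines, and the `echo >>` step appends a duplicate every time it is rerun. As an added example (not part of the original notes), these two helpers change only the NOPUSH assignment line and add a slave to the server list only once. The function names and the stand-in files are constructed.

```shell
#!/bin/sh
# Added example, not from the original notes. Paths are arguments so the
# helpers can be tried on copies before touching /var/yp.

# Flip only the real assignment; comments that mention NOPUSH=true are left alone.
enable_push() {
    makefile=$1
    tmp=$(mktemp) || return 1
    sed 's/^NOPUSH=true[[:space:]]*$/NOPUSH=false/' "$makefile" > "$tmp" &&
        cat "$tmp" > "$makefile"          # overwrite in place, keeping owner and mode
    rc=$?
    rm -f "$tmp"
    [ "$rc" -eq 0 ] && grep -q '^NOPUSH=false$' "$makefile"
}

# Append a slave host name to the server list only if it is not already there.
add_slave() {
    ypservers=$1
    host=$2
    grep -qxF "$host" "$ypservers" 2>/dev/null || printf '%s\n' "$host" >> "$ypservers"
}

# Constructed stand-ins for /var/yp/Makefile and /var/yp/ypservers.
d=$(mktemp -d)
printf '%s\n' '# slave servers (NOPUSH=true). If you have slave servers, change this' \
              'NOPUSH=true' > "$d/Makefile"
printf '%s\n' 'rhel172_16_3_244' > "$d/ypservers"
enable_push "$d/Makefile"
add_slave "$d/ypservers" rhel172_16_3_248
add_slave "$d/ypservers" rhel172_16_3_248   # second call is a no-op
cat "$d/Makefile" "$d/ypservers"
rm -rf "$d"
```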