NIS (Network Information Service)

 

38-1

Notes:

1) rpc: remote procedure call

2) ypserv: authenticates users

3) yppasswd: lets a user change their password on the server

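Differences between NIS, a domain, and a workgroup:

1) NIS: Network Information Service

NIS master, slave

2) Domain:

Managed centrally. DC (the domain's manager)

-- NIS management is similar to domain management.

3) Workgroup:

Management is decentralized.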

 

1. Install the packages for the NIS service

Install ypserv and yppasswdd; portmap is already installed by default.

[root@myhost ~]# mount /dev/cdrom /mnt/cdrom

[root@myhost ~]# rpm -qa ypserv

[root@myhost ~]# rpm -qa |grep portmap

portmap-4.0-65.2.2.1

[root@myhost ~]# LANG=en_US.UTF-8

-- Check whether portmap is working properly (append an address to query a particular server)

[root@myhost ~]# rpcinfo -p

   program vers proto   port

    100000    2   tcp    111  portmapper

    100000    2   udp    111  portmapper

    100024    1   udp    789  status

    100024    1   tcp    792  status
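The same check can be scripted so that it also covers the two NIS daemons once they are running. This is an added example, not part of the original walkthrough: the function names and the ypserv/yppasswdd port numbers in the sample are constructed, and the program numbers are the standard RPC assignments.

```shell
# Added example: summarise `rpcinfo -p` output for the RPC programs a NIS master needs.
# Standard RPC program numbers: 100000 portmapper, 100004 ypserv, 100009 yppasswdd.

# Reads `rpcinfo -p` output on stdin and prints one line per required program:
#   <name> registered <proto/port,...>   or   <name> MISSING
nis_rpc_status() {
    awk '
        BEGIN {
            want[100000] = "portmapper"
            want[100004] = "ypserv"
            want[100009] = "yppasswdd"
            order[1] = 100000; order[2] = 100004; order[3] = 100009
        }
        # Data rows start with a numeric program number; the header row does not.
        $1 ~ /^[0-9]+$/ && ($1 in want) {
            ep = $3 "/" $4
            if (index("," seen[$1] ",", "," ep ",") == 0)
                seen[$1] = (seen[$1] == "" ? ep : seen[$1] "," ep)
        }
        END {
            for (i = 1; i <= 3; i++) {
                p = order[i]
                if (seen[p] != "") { print want[p], "registered", seen[p] }
                else               { print want[p], "MISSING" }
            }
        }'
}

# Exit status 0 only when every required program is registered.
nis_rpc_ok() {
    ! nis_rpc_status | grep -q 'MISSING$'
}

# Sample 1: the rpcinfo output shown above (before ypserv is installed).
SAMPLE_BEFORE='   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp    789  status
    100024    1   tcp    792  status'

# Sample 2 (constructed): the same host with both NIS daemons running; ports are made up.
SAMPLE_AFTER="$SAMPLE_BEFORE
    100004    2   udp    834  ypserv
    100004    1   udp    834  ypserv
    100004    2   tcp    837  ypserv
    100009    1   udp    851  yppasswdd"

printf '%s\n' "$SAMPLE_AFTER" | nis_rpc_status
```

On a live server, pipe the real output in instead: `rpcinfo -p | nis_rpc_status`.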

-- Check whether the packages are already installed

[root@myhost ~]# rpm -qa |grep ypser

[root@myhost ~]# rpm -qa |grep yppass

[root@myhost ~]# cd /mnt/cdrom/

[root@myhost cdrom]# cd /mnt/cdrom/Server/

[root@myhost Server]# ll ypser*

-r--r--r-- 99 root root 137048 Aug 12  2008 ypserv-2.19-5.el5.i386.rpm

-- Check whether the yppasswdd service exists

[root@myhost Server]# chkconfig --list |grep yppass

 

-- yppasswdd is bundled in the ypserv package

[root@myhost Server]# rpm -qlp ypserv-2.19-5.el5.i386.rpm | grep yppass

/etc/rc.d/init.d/yppasswdd

/etc/sysconfig/yppasswdd

/usr/sbin/rpc.yppasswdd

/usr/share/man/man8/rpc.yppasswdd.8.gz

/usr/share/man/man8/yppasswdd.8.gz

[root@myhost Server]# rpm -ivh ypserv-2.19-5.el5.i386.rpm

 

2. Enable the services (start at boot)

[root@myhost Server]# chkconfig

chkconfig version 1.3.30.1 - Copyright (C) 1997-2000 Red Hat, Inc.

This may be freely redistributed under the terms of the GNU Public License.

 

usage:   chkconfig --list [name]

         chkconfig --add <name>

         chkconfig --del <name>

         chkconfig [--level <levels>] <name> <on|off|reset|resetpriorities>

-- Enable ypserv at boot

[root@myhost Server]# chkconfig ypserv on

-- chkconfig --level 35 yppasswdd on can be used to enable it only at specific runlevels

[root@myhost Server]# chkconfig --list |grep ypserv

ypserv            0:off       1:off       2:on 3:on 4:on 5:on 6:off

-- Enable yppasswdd at boot

[root@myhost Server]# chkconfig yppasswdd on

[root@myhost Server]# chkconfig --list |grep yppass

yppasswdd        0:off       1:off       2:on 3:on 4:on 5:on 6:off

[root@myhost Server]#

 

 

3. Create local accounts and import them into the NIS server's database

3.1 Create local accounts

[root@myhost ~]# useradd user1

[root@myhost ~]# passwd user1

[root@myhost ~]# useradd user2

[root@myhost ~]# passwd user2

[root@myhost ~]# cat /etc/passwd

[root@myhost ~]# cat /etc/shadow

3.2 Edit the Makefile

[root@myhost Server]# cd /var/yp

[root@myhost yp]# vim Makefile

# If we have only one server, we don't have to push the maps to the

# slave servers (NOPUSH=true). If you have slave servers, change this

# to "NOPUSH=false" and put all hostnames of your slave servers in the file

# /var/yp/ypservers.

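NOPUSH=true

-- Do not push; not pushing is the default. "Push" means the master actively copies the maps to the slave servers.

# MINGID is the lowest gid that will be included in the group maps.

MINUID=500

MINGID=500

-- Users with UID 500 and above are imported into the NIS server's database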

 

# These are the source directories for the NIS files; normally

# that is /etc but you may want to move the source for the password

# and group files to (for example) /var/yp/ypfiles. The directory

# for passwd, group and shadow is defined by YPPWDDIR, the rest is

# taken from YPSRCDIR.

#

YPSRCDIR = /etc

YPPWDDIR = /etc

YPBINDIR = /usr/lib/yp

YPSBINDIR = /usr/sbin

YPDIR = /var/yp

YPMAPDIR = $(YPDIR)/$(DOMAIN)

all:  passwd group hosts \
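Before the maps are built, it is worth previewing which entries the MINUID/MINGID threshold lets through, since everything in the maps is published to NIS clients. The following is an added example, not part of the original walkthrough or of the ypserv Makefile: the function names, the sample accounts and the non-login-shell review heuristic are constructed, and the filter assumes "third field >= threshold" as the note on MINUID states.

```shell
# Added example: preview which /etc/passwd or /etc/group entries clear the
# MINUID / MINGID threshold. Assumption: the filter is "3rd field >= threshold".

# nis_exported MIN < passwd-or-group-file
# Prints "name:id" for every entry whose 3rd field (UID or GID) is >= MIN.
nis_exported() {
    awk -F: -v min="$1" '
        /^[-+#]/ || $1 == "" { next }   # skip comments and +/- compat entries
        $3 ~ /^[0-9]+$/ && ($3 + 0) >= (min + 0) { print $1 ":" $3 }'
}

# nis_review MIN < passwd-file
# Of the exported accounts, names those with a non-login shell: likely service
# accounts that need not be published (a heuristic constructed for this example).
nis_review() {
    awk -F: -v min="$1" '
        /^[-+#]/ || $1 == "" { next }
        $3 ~ /^[0-9]+$/ && ($3 + 0) >= (min + 0) &&
            $7 ~ /(nologin|false)$/ { print $1 }'
}

# Constructed sample in /etc/passwd format (not taken from the host on this page).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
user1:x:500:500::/home/user1:/bin/bash
user2:x:501:501::/home/user2:/bin/bash
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin'

# Constructed sample in /etc/group format.
SAMPLE_GROUP='root:x:0:root
wheel:x:10:root
user1:x:500:
user2:x:501:'

echo "passwd entries exported with MINUID=500:"
printf '%s\n' "$SAMPLE_PASSWD" | nis_exported 500
echo "group entries exported with MINGID=500:"
printf '%s\n' "$SAMPLE_GROUP" | nis_exported 500
echo "exported accounts to review:"
printf '%s\n' "$SAMPLE_PASSWD" | nis_review 500
```

On the server itself, run `nis_exported 500 < /etc/passwd` and `nis_exported 500 < /etc/group` before running ypinit.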

4. Define the NIS domain name

[root@myhost yp]# vim /etc/sysconfig/network

-- Add one line

NISDOMAIN=nisexample

[root@myhost yp]# init 6

-- Reboot

 

5. Set the NIS server type

[root@nisexample yp]# /usr/lib/yp/ypinit

usage:

  ypinit -m          --master server

  ypinit -s master        --slave server

 

where -m is used to build the data bases on a master NIS server,

and -s is used for a slave data base. master must be an existing

reachable NIS server.

[root@nisexample ~]# /usr/lib/yp/ypinit -m

 

At this point, we have to construct a list of the hosts which will run NIS

servers.  nisexample is in the list of NIS server hosts.  Please continue to add

the names for the other hosts, one per line.  When you are done with the

list, type a <control D>.

        next host to add:  nisexample

        next host to add:               -- add other hosts; if there are none, press Ctrl+D to skip

The current list of NIS servers looks like this:

 

nisexample

 

Is this correct?  [y/n: y]  y

We need a few minutes to build the databases...

Building /var/yp/nisexample/ypservers...

gethostbyname(): Success

Running /var/yp/Makefile...

gmake[1]: Entering directory `/var/yp/nisexample'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

Updating hosts.byname...

Updating hosts.byaddr...

gmake[1]: Leaving directory `/var/yp/nisexample'

 

nisexample has been set up as a NIS master server.

 

Now you can run ypinit -s nisexample on all slave server.

[root@nisexample ~]# cd /var/yp/nisexample/

[root@nisexample nisexample]# ll

total 112

-rw------- 1 root root 12450 Oct  5 13:16 group.bygid

-rw------- 1 root root 12456 Oct  5 13:15 group.byname

-rw------- 1 root root 12499 Oct  5 13:16 hosts.byaddr

-rw------- 1 root root 12520 Oct  5 13:16 hosts.byname

-rw------- 1 root root 12637 Oct  5 13:15 passwd.byname

-rw------- 1 root root 12631 Oct  5 13:15 passwd.byuid

-rw------- 1 root root 12358 Oct  5 13:15 ypservers

[root@nisexample nisexample]#