Linux NFS server configuration

Network Information Service (NIS) is a network product that centrally controls several systems for database management. NIS simplifies the management of UNIX and LINUX desktop users. The client can use it to manage files on the central server. Desktop users do not need to create their own etcpasswd. They simply use files maintained on the NIS server. Not mentioned in NIS

Network Information Service (NIS) is a network product that centrally controls several systems for database management. NIS simplifies the management of UNIX and LINUX desktop users. The client can use it to manage files on the central server. Desktop users do not need to create their own/etc/PasswdThey only use files maintained on the NIS server.
When it comes to NIS, you have to first describe the domain controller of WINDOWS2000. There is a WIN2000 Domain Controller in the LAN. Some machines are added to this domain. When you log on to the next machine, one option is to log in to the domain when you log on to the Local Machine (this should be the case, but I cannot remember it clearly). The local password for logon is controlled by the local machine, however, if you log on to the domain, the password is managed by the domain controller.
LINUX is also an operating system and has no essential difference with WIN2000. Therefore, read the previous section carefully to understand the principle of NIS. At this time, an important file/etc/nsswitch emerged. conf
NIS is a client/server system, and ypbind is a client process that defines the NIS server. Once the server location is determined, the client is bound to the server, so the client's accommodation query is sent to the server. Ypserv is a server process that answers client queries.
Install the ypbind Client
Rpm-ivh ypbind *
There is nothing to say.
Note: yum install ypbind yptooLs
Configure the NIS client
The NIS domain locating server of the Process ypbind, which includes all NIS servers and clients. It is different from DNS, although some administrators equate the NIS domain name with the DNS domain name. The NIS domain name only applies to the NIS server and client.
You can configure the NIS domain name in either of the following ways:
The nisdomainname definition displays the NIS domain name
Configure the NIS domain name in the yp. conf file.
# Nisdomainname gogo
# Nisdomainname
Gogo
By default, ypbind uses nisdomainnameCommandThe NIS domain name is returned. When a request is sent to the NIS server, the address is broadcast in the network.
Yp. conf file
/Etc/yp. conf defines the yp. conf configuration. If the yp. conf file cannot be found, the ypconf process uses the nisdomainname command to return the NIS domain name and broadcasts it to locate the NIS server. Ypbind is bound to the server of the first request.
Ypserver hostname
Domain nisdomain broadcast | server hostname
==========
Hostname, The nisdomain character is a variable.
Use the ypserver configuration option to specify a server for the client. When the yp. conf file includes the ypserver option, the client uses the NIS domain name returned by the command nisdomainname to send a request to the server specified by the hostname field of the ypserver command. The/etc/hosts file must contain the IP address of the host. Do you still remember what I said? DNS is replaced by HOSTS and can be set in DNS. The ypserver option forces the client to connect to a specific server.
In the yp. conf file, the domain option is used to define the NIS domain name, indicating whether the client is a broadcast location or directly sending a request to the server.
ExAmple:
#/Etc/yp. conf
#
Domain first server restart
==========
First is the domain name, and the region is the server region in this domain. The hosts must have the corresponding IP address.
Or login in a 192.168.1.1. Do you still remember what this command did?
------------------------
Create an NIS Server
Install ypserv
Rpm-ivh ypserv *
-----------
The database provided by the NIS server is called the NIS ing table.
Create an independent server
If you only have one NIS domain server and create an independent server, if you have multiple servers in the NIS domain, you need to select one of them as the primary server of the domain. Others are used as slave servers.
You can use the make command to initialize the independent server, create an NIS ing table, and file/var/yp/MakeFileContains commands for creating databases.
Example:
# NsIdOmainname first
#Cd/Var/yp
# Make
Gamke [1]: Entering directory '/var/yp/terns'
UpDateIng passd. byname ......
Updateing passwd. byuid .......
............
........
.....
...
---------
Master-slave server Innovation
Use the ypinit command to initialize the master server, which is a common NIS ing table. By default, the. ypinit operation is the same as that provided by the make command. To create a master server relative to the slave server, you must edit the/var/yp/Makefile file. In the Makefile file, set NOPUSH to NOPUSH = false.
After modification, run ypinit-m
Exmpale:
# Nisdomwiname first
# Cd/var/yp
#/Usr/lib/yp/ypinit m
...........
Next host toDd: 1111.first.myhome.com
Next host to add: 2222.first.myhome.com
..............
............
..............
Is this correct? [Y/n] y
..........
.........
Updateing passwd. byname .........
.............
..........
...........
Tired !!!!
The slave server configuration is simpler than the master server. The master server saves all the ing tables. The slave server only needs to know which is the master server. Ypinit-s Configuration slave server.
Example:
#/Usr/lib/yp/ypinit-s salve
The IP address of salve must also be saved in hosts.
----------
Security
You can define the security performance of the server in the/var/yp/securenets file.
Example:
255.255.255.0 192.168.1.0
Authorize users of the 192.168.1.0 subnet to access the server.
------
Ypserv. conf file
You must use the securenets file and do not use ypserv. conf to define security.
Syntax:
Host: map: security: [mangle []
The fields are as follows:
Host authorized or inaccessible computers. It is determined by the address/mask pair. For example, 192.168.1.0/255.255.255.0. * indicates all hosts.
Map this field indicates the name of the accessed NIS ing table. Example: passwd. byuid. * Indicates that all fields in the ing table are available.
Security authorized access type
Allow access without enhancing security.
Port allows privileged port access. Only connections with the source port less than 1024 are received.
Deny prohibits access.
Des authentication is required for access.
[Mangle [] specifies the fields that should be overwritten by "X" before the response is sent (not clear)
Example:
# Host: MAP: Security: mangle
192.168.1.0/255.255.255.0: *: none: no
*: Deny: no
Start the server
/Etc/init. d/ypserv restart
Start the NIS client
/Etc/init. d/ypbind restart
Test NIS
The NIS client should be bound to the server. YpWhichCommand to check whether the client is correctly connected to the server.
If the client is correctly bound to the server, use ypCatChecks the information provided by the server.
NIS and DNS are two sessions. You must understand them. Although domain names may be involved. But it is indeed a matter of two sessions, and there will be some connections between them. But it cannot be mixed together. Remember, remember.
==========================================
Nsswitch. conf file
The nsswitch. conf file can not only process the priority between the host table and DNS, but also handle other problems. It defines the source for several different system management databases (for more information, see "several different system management databases". It can be DNS or NIS. Think about it)
Database controlled by nsswitch. conf
AliasEMAIL alias
The ethernet address used by ehters for RARP.
Hosts host name and IP address
Password user account information.
There are still many, not listed.
Use nsswitch. conf without NIS
Example:
Password: files
Shadow: files
...........
Hosts: dns files
# This sentence is very important. dns comes first. After files is located, files here refer to the/etc/hosts file. If a client queries files, find dns first and then find files. Order is important.
Aliases: files

.........
.........
.........
Use nsswitch. conf with NIS
Example:
Hosts: files nis dns
ProtoColS: nis files
.........
........
........
Control Selection Process
The nsswitch. conf file provides several State keywords that can be used to query the test:
SuThe ccess (successful) query returns the expected results. The default action in this status is to return the result to the application that submits the query (think about it, in my DNS second lecture, when it comes to the parser, it can be the application that submits the query, but it is DNS query), and then exit the Query Process.
Nofound (not found) although the query is normal, the expected value is not found. The default action is to query the source of the next row.
The source for unavail (unavailable) to submit for query is unavailable. For example, the name server is not running.
TrYagain (severe) sources are temporarily unavailable. The default action is to continue to submit the query to the next source.
There are two keywords to identify the default action: return and continue. Return tells the parser to return the value to the application and end the query. Continue tells the parser to continue submitting the query to the next source.
The status and action keywords can be combined and added to the source ticket of the nsswitch. conf file to control when the Query Process is moved to the next source.
The status check syntax is:
[(! ?StatUs = action) +]
Question mark (?) Represents any status value; exclamation point (!) Returns the reverse of the status value .! SUCCESS is unsuccessful. Square brackets ([]) are used to include the entire Condition Statement. Parentheses () are optional. They are only used to contain each test condition. They can have multiple conditions. Each condition is included in parentheses and is connected by a plus sign.
For example:
[(NOFOUND = RETURN) + (TRYAGAIN + TRETURN)]
It is actually the relationship between "and" or "Non" in C.
The following is a row of hosts in nsswitch. conf:
Hosts: dns [! UNAVAIL = return] files
All States except UNAVAIL are described. The parser should return the value to the application and then exit.
The parser can query the host table only when the DNS name server is not running. If a conditional statement changes, the default action resume takes effect. The default action of UNAVAI is continue.
The nsswich. conf file has replaced hosts. conf because it provides more resource control methods. In LINUX, these two files usually exist, but what actually works is the nsswitch. conf file.