差異處
這裏顯示兩個版本的差異處。
| 下次修改 | 前次修改 | ||
|
nis [2017/01/04 21:36] 127.0.0.1 建立 |
nis [2017/01/12 21:11] (目前版本) jz |
||
|---|---|---|---|
| 行 3: | 行 3: | ||
| ===== server ===== | ===== server ===== | ||
| + | add to rc.conf | ||
| - | rc.conf | ||
| <code> | <code> | ||
| nisdomainname="csna" | nisdomainname="csna" | ||
| - | nis_server_enable="YES" | + | nis_server_enable="YES" |
| nis_yppasswdd_enable="YES" | nis_yppasswdd_enable="YES" | ||
| nis_client_enable="YES" | nis_client_enable="YES" | ||
| - | nis_client_flags="-S NIS domain,server" | + | nis_client_flags="-S csna,csna1" |
| </code> | </code> | ||
| + | start yp service | ||
| + | <code> | ||
| + | domainname csna | ||
| service ypserv start | service ypserv start | ||
| + | </code> | ||
| + | init master | ||
| + | <code> | ||
| cp /etc/master.passwd /var/yp/master.passwd | cp /etc/master.passwd /var/yp/master.passwd | ||
| + | cp /etc/group /var/yp/group | ||
| cd /var/yp | cd /var/yp | ||
| - | vi master.passwd | + | vi master.passwd # delete admin account |
| + | vi group # delete admin group | ||
| vi Makefile | vi Makefile | ||
| - | comment out | + | # comment out this line: NOPUSH = "True" |
| - | NOPUSH = "True" | + | make |
| + | ypinit -m | ||
| <code> | <code> | ||
| - | freebsd@csna:/var/yp % sudo ypinit -m csna | ||
| Server Type: MASTER Domain: csna | Server Type: MASTER Domain: csna | ||
| 行 34: | 行 40: | ||
| Ok, please remember to go back and redo manually whatever fails. | Ok, please remember to go back and redo manually whatever fails. | ||
| If you don't, something might not work. | If you don't, something might not work. | ||
| + | |||
| + | Can we destroy the existing /var/yp/csna and its contents? [y/n: n] y | ||
| At this point, we have to construct a list of this domains YP servers. | At this point, we have to construct a list of this domains YP servers. | ||
| 行 44: | 行 52: | ||
| csna | csna | ||
| + | |||
| + | Is this correct? [y/n: y] y | ||
| </code> | </code> | ||
| + | start yp password daemon | ||
| + | <code> | ||
| + | service yppasswdd start | ||
| + | </code> | ||
| ===== client ===== | ===== client ===== | ||
| - | ypinit -s ellington test-domain | + | add to rc.conf |
| + | |||
| + | <code> | ||
| + | nisdomainname="csna" | ||
| + | nis_client_enable="YES" | ||
| + | nis_client_flags="nis_yppasswdd_flags="-t /etc/master.passwd" -S csna,csna1" | ||
| + | </code> | ||
| + | |||
| + | <code> | ||
| + | domainname csna | ||
| + | service ypbind start | ||
| + | </code> | ||
| + | |||
| + | ==== allow nis account to login to client ==== | ||
| + | |||
| + | install mkhomedir pam | ||
| + | <code> | ||
| + | sudo pkg install pam_mkhomedir | ||
| + | </code> | ||
| + | |||
| + | add following to the session section of /etc/pam.d/system | ||
| + | <code> | ||
| + | session required /usr/local/lib/pam_mkhomedir.so | ||
| + | </code> | ||
| + | |||
| + | ==== allow nis account to login to client ==== | ||
| + | |||
| + | ''vipw'' and add following line | ||
| + | <code> | ||
| + | +:*:::::::: | ||
| + | </code> | ||
| + | |||
| + | ''vi /etc/group'' and add following line | ||
| + | <code> | ||
| + | +:*:: | ||
| + | </code> | ||
| + | |||
| + | or edit ''/etc/nsswitch.conf'' | ||
| + | remove | ||
| + | <code> | ||
| + | group: compat | ||
| + | group_compat: nis | ||
| + | passwd: compat | ||
| + | passwd_compat: nis | ||
| + | </code> | ||
| + | |||
| + | add | ||
| + | <code> | ||
| + | group: files nis | ||
| + | passwd: files nis | ||
| + | </code> | ||
| + | |||
| + | ===== debug ===== | ||
| + | <code> | ||
| + | rpcinfo -p serverhost | ||
| + | ypwhich | ||
| + | ypcat -x | ||
| + | ypcat passwd | ||
| + | ps aux | grep yp # must have only one process for ypbind | ||
| + | </code> | ||
| - | nis_yppasswdd_flags="-t /var/yp/master.passwd" //指定 NIS 密碼檔路徑 | + | **ref** |
| - | rpcbind_enable="YES" //4.x 為啟動 portmap | + | |
| + | [[http://mail.lsps.tp.edu.tw/~gsyan/freebsd2001/pam_ldap.html]] | ||
