NIS clients download the necessary username and password data from the NIS server to verify each user login.
For the school, call the domain NIS-SCHOOL-NETWORK. Once this is complete, you then have to update the NIS domain's authentication files by executing the make command in the /var/yp directory.
[[email protected] tmp]# service portmap start Starting portmapper: [ OK ] [[email protected] tmp]# service yppasswdd start Starting YP passwd service: [ OK ] [[email protected] tmp]# service ypserv start Setting NIS domain name NIS-SCHOOL-NETWORK: [ OK ] Starting YP server services: [ OK ] [[email protected] tmp]# [[email protected] tmp]# chkconfig portmap on [[email protected] tmp]# chkconfig yppasswdd on [[email protected] tmp]# chkconfig ypserv on [[email protected] tmp]# rpcinfo -p localhost program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100009 1 udp 681 yppasswdd 100004 2 udp 698 ypserv 100004 1 udp 698 ypserv 100004 2 tcp 701 ypserv 100004 1 tcp 701 ypserv [[email protected] tmp]# The ypbind and ypxfrd daemons won't start properly until after you initialize the NIS domain. This procedure makes all NIS-enabled, nonprivileged accounts become automatically accessible via NIS, not just newly created ones.
Edit the /etc/exports file to allow NFS mounts of the /home directory with read/write access.
[[email protected] tmp]# chkconfig nfslock on [[email protected] tmp]# chkconfig nfs on [[email protected] tmp]# chkconfig portmap on [[email protected] tmp]# service portmap start Starting portmapper: [ OK ] [[email protected] tmp]# service nfslock start Starting NFS statd: [ OK ] [[email protected] tmp]# service nfs start Starting NFS services: [ OK ] Starting NFS quotas: [ OK ] Starting NFS daemon: [ OK ] Starting NFS mountd: [ OK ] [[email protected] tmp]# After configuring the NFS server, we have to configure its clients, This will be covered next. Edit file /etc/to do the NFS mount whenever the /home directory is accessed.
All the packages required for NIS clients are a standard part of most Fedora installations. Install the package according to the steps outlined in Chapter 6,"Installing Linux Software". [[email protected] tmp]# service ypxfrd start Starting YP map server: [ OK ] [[email protected] tmp]# chkconfig ypbind on [[email protected] tmp]# chkconfig ypxfrd on [[email protected] tmp]# rpcinfo -p localhost program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100003 nfs 100003 nfs 100021 nlockmgr 100021 nlockmgr 100021 nlockmgr 100004 2 udp 784 ypserv 100004 1 udp 784 ypserv 100004 2 tcp 787 ypserv 100004 1 tcp 787 ypserv 100009 1 udp 798 yppasswdd 600100069 1 udp 850 fypxfrd 600100069 1 tcp 852 fypxfrd 100007 2 udp 924 ypbind 100007 1 udp 924 ypbind 100007 2 tcp 927 ypbind 100007 1 tcp 927 ypbind [[email protected] tmp]# New NIS users can be created by logging into the NIS server and creating the new user account.
You need to add the NIS domain you wish to use in the /etc/sysconfig/network file. In this case, you'll create a user account called nisuser and give it a new password.
You also need to configure the NFS clients to mount their /home directories on the NFS server. In a production environment in which the /home directory would be actively used, you'd have to force the users to log off, backup the data, restore it to the NFS server, and then follow the steps below. Edit your /etc/auto.master file to refer to file /etc/for mounting information whenever the /home directory is accessed. If the line is too long to view on your screen, you can add a \ character at the end to continue on the next line.
As this is a lab environment, these prerequisites aren't necessary. Make sure the required netfs, nfslock, and portmap daemons are running and configured to start after the next reboot. After doing this, you won't be able to see the contents of the /home directory on bigboy as user root.
It is for this reason that LDAP has become increasingly popular for this type of application.
LDAP is discussed in more detail in Chapter 31, "Centralized Logins Using LDAP and RADIUS".
Note: This automounter feature doesn't appear to function correctly in my preliminary testing of Fedora Core 3.