lsg33.htm

linux-unix130.linux.and.unix.ebooks130 linux and unix ebookslinuxLearning Linux - Collection of 12 E

1 0% 24 0% 1 0% 0 0% 10123 0% 0 0% 5 0%



wrcache write create remove rename link symlink



0 0% 2 0% 0 0% 1 0% 0 0% 1 0% 0 0%</FONT></PRE>



<P>The output from nfsstat is useful for diagnosing connection problems. The number shown as badcalls shows the number of defective RPC messages processed by the system. The numbers for nullrecv and badlen show the number of empty or incomplete messages. The number for xdrcall shows the number of errors in understanding messages.



<BR>



<P>For the client side, badxid shows the number of received messages that did not match with a sent request (based on the identification numbers). The timeout and retrans numbers show the number of times a message had to be resent. If these numbers are high it usually means the connection is too slow or there is a fault with UDP. The wait number shows the number of times a process had to be delayed due to a lack of available ports.



<BR>



<P>These types of statistics are useful for configuring RPC properly. System administrators can adjust (tweak) values for the NFS system and monitor their effect on performance over time.



<BR>



<BR>



<A NAME="E68E189"></A>



<H3 ALIGN=CENTER>



<CENTER>



<FONT SIZE=5 COLOR="#FF0000"><B>What Are NIS and YP</B><B>?</B></FONT></CENTER></H3>



<BR>



<P>The Yellow Pages (YP) protocol is an RPC application service (like NFS) that provides a directory service. Due to copyright requirements, Yellow Pages was renamed to Network Information Service (NIS), although both terms are in common use and mean much the same thing. YP was developed for several reasons, but the one that affects users the most is access permissions.



<BR>



<P>If you are a user on a large network and you connect to other machines (through Telnet or FTP, for example), you must maintain accounts on each machine you connect to. You therefore would need user accounts on every machine you could conceivably want to access. Maintaining the passwords on a large number of machines is awkward, because you must log in to each one to perform password changes. Yellow Pages was developed to allow one central password file to be shared over the network.



<BR>



<P>NIS is a distributed access system in that each machine on the network that uses NIS accesses a central server, called the NIS master or ypmaster, for access permission. On larger networks, a number of other machines can be designated as slaves or ypslaves, maintaining up-to-date access information. In case of a failure of the master server, a slave takes up the validation functions.



<BR>



<BLOCKQUOTE>



<BLOCKQUOTE>



<HR ALIGN=CENTER>



<BR>



<NOTE>Two versions of YP or NIS are in general use. The first release (Version 1) had serious problems under certain circumstances, so Version 2 was quickly released. However, some systems use the older version.</NOTE>



<BR>



<HR ALIGN=CENTER>



</BLOCKQUOTE></BLOCKQUOTE>



<P>The YP or NIS protocol (both names are valid, although NIS should be used if you have a choice) has a set of procedures that allow a search for master servers, access to the user files, and system management functions. Another procedure is used to transfer copies of master access files. With NIS, a number of machines are grouped together into one NIS subnetwork called a &quot;domain&quot; (not to be confused with the Internet domain). Each domain has master and slave machines of their own.



<BR>



<P>NIS keeps access information in a set of &quot;maps,&quot; each map corresponding to a particular area or domain of a network. This allows several groups to use the same NIS master but have different access permissions. The NIS maps do not have to correspond to DNS domains, which allows more versatility in configuration. Maps consist of a set of records in ASCII format, each with an index for fast lookup (the index is usually the user name). The records have the same structure as a normal /etc/passwd file), for compatibility and simplicity.



<BR>



<BLOCKQUOTE>



<BLOCKQUOTE>



<HR ALIGN=CENTER>



<BR>



<NOTE>The use of NIS does not negate the need for a complete set of access files on each machine, since NIS or YP is loaded after the machine has been booted. The stand-alone files should have access for a system administrator at least, although it is good practice to also include the most frequent users in case of a network crash preventing access to the NIS directories.</NOTE>



<BR>



<HR ALIGN=CENTER>



</BLOCKQUOTE></BLOCKQUOTE>



<P>NIS is not restricted to just users. Any file can be set up to use NIS, such as the list of machines on a network (/etc/hosts file). Thus, only one change needs to be made to these files on any network. A set of aliases can also be managed by NIS or YP.



<BR>



<P>Several YP/NIS-specific commands are involved with the protocol, although most system administrators set up aliases to minimize the impact on users. For most users, only one command is necessary on a regular basis: yppasswd to change a password. This is usually aliased to passwd, the normal password change command.



<BR>



<P>Some implementations of NIS for Linux are better than others. A new release is appearing, called NYS, that offers the most flexibility. NYS (or an earlier version of one of the Linux NIS versions) is included with most CD-ROM distributions of Linux.



<BR>



<BR>



<A NAME="E68E190"></A>



<H3 ALIGN=CENTER>



<CENTER>



<FONT SIZE=5 COLOR="#FF0000"><B>Installing NIS</B></FONT></CENTER></H3>



<BR>



<P>NIS has two components: the server and the client. If an NIS server is already on your network, you need only to install the client portions. However, to set up a Linux server system, you need both.



<BR>



<P>You can choose between two NIS server products currently in general distribution for Linux: ypserv and yps. The choice of which server to use is not important, since both provide complete services. If anything, though, the ypserv system has a slightly better security system than yps. You can obtain the NIS software from Linux FTP and BBS sites.



<BR>



<P>To install either server program, copy it to /usr/sbin (or some other commonly accessed binary file location). Next, create a directory specifically to hold the map files for your domain (remember, that's an NIS domain, not an Internet domain). Usually, the map files go in a directory such as /var/yp/tpci (the last component of the pathname is the name of your domain).



<BR>



<P>Your NIS server can support several map files. In general, the files are mirrors of standard Linux files, but named to reflect whether they are accessed by name or by some other criteria (such as IP address or user name). For example, there are two copies of the /etc/passwd file maintained by NIS: passwd.byname and passwd.byuid. The following files are handled by NIS and their corresponding maps:



<BR>







<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="100%" CELLPADDING=2 >



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



/etc/group



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



group.byname, group.bygid</FONT>



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



/etc/hosts



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



hosts.byname, hosts.byaddr</FONT>



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



/etc/networks



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



networks.byname, networks.byaddr</FONT>



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



/etc/passwd



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



passwd.byname, passwd.byuid</FONT>



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



/etc/protocols



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



protocols.byname, protocols.bynumber</FONT>



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



/etc/rpc



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



rpc.byname, rpc.bynumber</FONT>



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



/etc/services



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



service.byname, services.bynumber</FONT>



</TABLE><P>All these map files are stored in a format called DBM (a simple database program). Linux systems often include a GNU version of DBM called gdbm.



<BR>



<P>If you are using ypserv, use the ypMakefile utility to build the database files for NIS. Copy the file to the directory containing the map files, rename it to Makefile, and edit it to show the maps you want on your domain. This is handled by one of the first few lines, which looks like this:



<BR>



<BR>



<PRE>



<FONT COLOR="#000080">all: hosts networks protocols rpc services passwd group</FONT></PRE>



<P>Remove the entries you don't want map files for. If you choose to use the yps server, you have to use the makedbm program to build the indexes from the map files.



<BR>



<P>To set up the client software on your Linux system (allowing it to connect through a ypmaster on another server), you have to instruct your kernel to use the NIS system. Begin by setting up the name of the ypmaster in the /etc/yp.conf file. This file will have a line that looks like this:



<BR>



<BR>



<PRE>



<FONT COLOR="#000080">ypserver wizard.tpci.com</FONT></PRE>



<P>This line tells the local machine where to reach the ypserver. (Some versions of Linux use the word server interchangeably with ypserver in the yp.conf file.) Some older Linux systems use a two-line /etc/yp.conf file that lists the domain name and the server on separate lines, like this:



<BR>



<PRE>



<FONT COLOR="#000080">domainname tpci.com



server wizard</FONT></PRE>



<P>Set the yp.conf file to readable by user, group, and other. Then test the NIS installation by using the ypcat command:



<BR>



<BR>



<PRE>



<FONT COLOR="#000080">ypcat passwd.byname</FONT></PRE>



<P>This command should list the master server's passwd.byname map. If you get error messages, it is probably because the local machine has not contacted the remote server properly. If you see the message:



<BR>



<BR>



<PRE>



<FONT COLOR="#000080">Can't bind to server which serves domain</FONT></PRE>



<P>you either have a faulty server or the wrong name in the /etc/yp.conf file. To check the server, use the ping command to verify that the network connection is intact.



<BR>



<P>Once you are sure the NIS connection is functioning properly, you can decide which files you want to retrieve from the ypmaster and which are to be kept local. In most cases, you want to get the passwd and group files from the server, but the rest of the files can be kept locally. The order in which the local and NIS server machines are checked for each type of map file is controlled by the file /etc/nsswitch.conf. This file looks like this:



<BR>



<PRE>



<FONT COLOR="#000080">hosts: nis files



networks: nis files



services: files



rpc: files



protocols: files</FONT></PRE>



<P>Each line starts with the name of a file, followed by keywords that control where the Linux system looks for the file. The following are valid values in the list (which are read and processed in order):



<BR>







<TABLE  BORDERCOLOR=#000040 BORDER=1 CELLSPACING=2 WIDTH="100%" CELLPADDING=2 >



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



dbm



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



Use a file in the DBM files under /var/dbm</FONT>



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



dns



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



Use the domain name server</FONT>



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



files



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



Use local files</FONT>



<TR>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



nis



</FONT>



<TD VALIGN=top  BGCOLOR=#80FFFF ><FONT COLOR=#000080>



Use NIS server</FONT>



</TABLE><P>Many more options are available with some feature-laden versions of NIS, but these are the primary choices (and should be sufficient for most Linux systems).



<BR>



<BR>



<A NAME="E68E191"></A>



<H3 ALIGN=CENTER>



<CENTER>



<FONT SIZE=5 COLOR="#FF0000"><B>Summary</B></FONT></CENTER></H3>



<BR>



<P>As you have seen, NFS is quite easy to implement on a local area network. It is especially handy for sharing files between machines if you have two or more networked together. In most cases, there is no reason not to use NFS with a LAN, especially since the code is linked into the server anyway. NFS does provide a flexible way of transferring files across operating systems, <A NAME="I2"></A>too, if you can find a TCP/IP NFS implementation for the other operating systems (such as DOS or Windows).



<BR>



<P>NIS is often useful on large networks, but is seldom necessary for small Linux-based systems, except when you move around your LAN a lot. However, NIS is quite easy to install and use, so it remains an option for those with larger networks.



<P ALIGN=LEFT>



























</td>
</tr>
</table>
<!-- begin footer information -->


</body></html>