0269-0271.html

来自「linux-unix130.linux.and.unix.ebooks130 l」· HTML 代码 · 共 379 行

<HTML>
<HEAD>
<TITLE>Developer.com - Online Reference Library - 0672311739:RED HAT LINUX 2ND EDITION:TCP/IP Network Management</TITLE>
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
<SCRIPT>
<!--
function displayWindow(url, width, height) {
        var Win = window.open(url,"displayWindow",'width=' + width +
',height=' + height + ',resizable=1,scrollbars=yes');
}
//-->
</SCRIPT>
</HEAD>

 -->


<!-- ISBN=0672311739 //-->
<!-- TITLE=RED HAT LINUX 2ND EDITION //-->
<!-- AUTHOR=DAVID PITTS ET AL //-->
<!-- PUBLISHER=MACMILLAN //-->
<!-- IMPRINT=SAMS PUBLISHING //-->
<!-- PUBLICATION DATE=1998 //-->
<!-- CHAPTER=13 //-->
<!-- PAGES=0243-0298 //-->
<!-- UNASSIGNED1 //-->
<!-- UNASSIGNED2 //-->




<P><CENTER>
<a href="0266-0268.html">Previous</A> | <a href="../ewtoc.html">Table of Contents</A> | <a href="0272-0274.html">Next</A>
</CENTER></P>

<A NAME="PAGENUM-269"><P>Page 269</P></A>




<!-- CODE //-->
<PRE>
192.168.42.1    IN PTR    numark
192.168.42.2    IN PTR    mtx
192.168.42.3    IN PTR    pioneer
192.168.42.4    IN PTR    denon
192.168.42.5    IN PTR    atus
192.168.42.6    IN PTR    technics
192.168.42.7    IN PTR    vestax
192.168.42.8    IN PTR    rane
</PRE>
<!-- END CODE //-->






<P>Finally, Listing 13.3 contains the
local.reverse file.
</P>




<P>Listing 13.3. The local.reverse file.
</P>


<!-- CODE //-->
<PRE>
; local.reverse
@           IN SOA    domain.com. hostmaster.domain.com. (
                      1997080600    ; serial number
                      10800        ; refresh rate (3 hours)
                      1800            ; retry (30 minutes)
                      1209600        ; expire (2 weeks)
                      604800 )        ; minimum (1 week)
            IN NS     ns1.domain.com
            IN NS     ns2.domain.com
1           IN PTR    localhost.domain.com.
</PRE>
<!-- END CODE //-->






<H3><A NAME="ch13_ 30">
The Network Information Service
</A></H3>




<P>The Network Information Service (NIS) is a simple client/server database system. The
protocol itself is generic and can be used for anything. Under Linux, however, the most
common uses of it are the sharing of password and group files across the network. This section
covers the setup of both master and slave NIS servers as well as the configuration needed to
make clients use them.
</P>




<H4><A NAME="ch13_ 31">
A Brief History
</A></H4>




<P>NIS, developed by Sun Microsystems as part of their SunOS operating system, was
originally known as &quot;The Yellow Pages,&quot; or YP for short. Unfortunately, the name &quot;Yellow Pages&quot;
had already been trademarked and the resulting lawsuit forced the name to be changed to
NIS. You will soon see, however, that all of the NIS commands are still prefixed with
yp.
</P>




<P>The NIS protocol was made public and implementations of it quickly spread to other
variations of UNIX. Linux has had support for NIS from its onset. Because Linux follows the
NIS standard, it can work with other flavors of UNIX as either the NIS server or client.
</P>




<P>Recently, NIS has been updated in the form of NIS+. NIS+ addresses many of the
concerns with NIS, most notably in the areas of security. As of this writing, however, Linux support
for NIS+ through the NIS libraries has been weak. Server support is not ready, and the client
software isn't complete. Because it is still developmental, NIS+ is not covered
here.
</P>

<A NAME="PAGENUM-270"><P>Page 270</P></A>






<H4><A NAME="ch13_ 32">
Understanding NIS
</A></H4>




<P>As you configure your network, you will find that some of your configuration files are not
host specific, but they require frequent updating.
/etc/passwd and /etc/group are two that quickly come to mind. NIS enables you to set up a master server where these files are stored and
then configure each machine on your network as clients to this server. Whenever a client needs
to fetch an entry from the /etc/passwd file, it consults the NIS server instead.
</P>




<P>In order for a file to be sharable via NIS, two prerequisites must be met. First, the file must
be tabular with at least one entry that is unique across the entire file. In the
/etc/passwd file, this entry is either the login or UID. Second, the file in its raw form must be a straight text file.
</P>




<P>With the criteria met, these files are converted into DBM files, a simple database format
allowing for quick searches. A separate DBM needs to be created for each key to be searched. In
the /etc/passwd file, for instance, you need the database to be searchable by login and by
UID. The result is the DBM files passwd.byname and
passwd.byuid.
</P>




<P>The original text file, along with the DBM files created from it, are maintained at the
NIS master server. Clients that connect to the server to obtain information do not cache any
returned results.
</P>




<H4><A NAME="ch13_ 33">
NIS Domains
</A></H4>




<P>NIS servers and clients must be in the same NIS domain if they want to communicate
with one another. Note that the NIS domain is not the same as a DNS domain, although it is
valid for them to share the same name.
</P>

<CENTER>
<TABLE BGCOLOR="#FFFF99">
<TR><TD><B>
TIP
</B></TD></TR>
<TR><TD>
<BLOCKQUOTE>
You should maintain separate names for your NIS and DNS domains for two reasons:
First, it is easier for you to differentiate what you're talking about when discussing problems
with anyone else. Second, it makes it just that much more difficult for potential intruders
to understand the internal workings of your machines from the outside.
</BLOCKQUOTE></TD></TR>
</TABLE></CENTER>
<BR>

<P>Both the clients and servers bind themselves to a domain; hence, a client can belong to
only one NIS domain at a given time. Once bound, clients send a broadcast to find the NIS
server for the given domain.
</P>




<H4><A NAME="ch13_ 34">
The Different Servers
</A></H4>




<P>So far, you might have noticed that I've referenced the NIS server explicitly as the
&quot;master&quot; server. This is because there are two kinds of NIS servers: master servers and slave servers.
</P>




<P>Master NIS servers are the actual truthholders. They contain the text files used to generate
the DBM files, and any changes to the database must be made to these files.
</P>

<A NAME="PAGENUM-271"><P>Page 271</P></A>






<P>Slave NIS servers are designed to supplement master NIS servers by taking some of the load
off of them. When a file is updated on the server, a server push is initiated, and the slave NIS
server gets an updated copy of the DBM files.
</P>




<H4><A NAME="ch13_ 35">
Configuring a Master NIS Server
</A></H4>




<P>By default, the Red Hat distribution does not come with an NIS server. You can either
download it from <a href="http://www.redhat.com">http://www.redhat.com</A> or use the distribution on the CD-ROM that comes
with this book. The filename for the NIS server on the CD-ROM is
ypserv-1.1.7-1.i386.rpm.
</P>




<P>Before you configure the server software, you need to decide whether you are going to set
up any slave servers. If you are, you need to know their hostnames before continuing. Along
with the names of your NIS servers, you will need to decide on a domain name at this point.
Remember that this domain name is not the same as your DNS domain name and for
clarity purposes should be set differently.
</P>




<P>With this information at hand, you are ready to begin. First, you need to set the domain
name. This is done with the domainname command&#151;for example,
</P>


<!-- CODE SNIP //-->
<PRE>
[root@vestax /etc]# domainname audionet.domain.com
</PRE>
<!-- END CODE SNIP //-->





<P>Although this will work for the moment, you do need to change a startup configuration file
so that this will be done every time your system reboots. The
/etc/rc.d/init.d/ypserv.init script that was installed as part of the RPM looks for the domain name to be set in the
/etc/sysconfig/network file. Simply add the following line:
</P>


<!-- CODE SNIP //-->
<PRE>
NIS_DOMAIN=audionet.domain.com
</PRE>
<!-- END CODE SNIP //-->





<P>With the domain name set, you can now decide what files you want to share via NIS as well
as their filenames. This is done by editing
/var/yp/Makefile. As the name implies, NIS maintains its maps by using the
make utility. While familiarity with how this tool works
is useful, it isn't mandatory to configure NIS.
</P>




<P>Begin by loading /var/yp/Makefile into your favorite editor. Scroll down past the lines
that read
</P>


<!-- CODE //-->
<PRE>
# These are files from which the NIS databases are built. You may edit
# these to taste in the event that you don't wish to keep your NIS source files
# separate from your NIS server's actual configuration files.
</PRE>
<!-- END CODE //-->



<P>Below this segment of text you will see lines that resemble the following:
</P>


<!-- CODE SNIP //-->
<PRE>
GROUP      = $(YPPWDDIR)/group
PASSWD     = $(YPPWDDIR)/passwd
etc...
</PRE>
<!-- END CODE SNIP //-->





<P>This section tells NIS where your database files are located. The
$(YPPWDDIR) string is a variable that was set to
/etc at the top of the Makefile. Although it is possible to change this
to another directory, you will most likely want to keep it there for consistency. The string
that comes after $(YPPWDDIR) is the name of the file in
/etc that will become shared through NIS.
</P>

<P><CENTER>
<a href="0266-0268.html">Previous</A> | <a href="../ewtoc.html">Table of Contents</A> | <a href="0272-0274.html">Next</A>
</CENTER></P>




</td>
</tr>
</table>
<!-- begin footer information -->



</body></html>