NIS Client
yum -y install ypbind rpcbind
ypdomainname lab
echo 'NISDOMAIN=lab' >> /etc/sysconfig/network
authconfig \
--enablenis \
--nisdomain=lab \
--nisserver=192.168.240.72 \
--update
grep 'session optional pam_mkhomedir.so skel=/etc/skel umask=077' /etc/pam.d/system-auth || \
echo 'session optional pam_mkhomedir.so skel=/etc/skel umask=077' >> /etc/pam.d/system-auth
for i in rpcbind ypbind
do
service $i restart
chkconfig $i on
done
sed -i -e 's|^group:.*|group: nis files|g' /etc/nsswitch.conf
grep '^%ma.*ALL=(ALL).*ALL' /etc/sudoers || echo '%ma ALL=(ALL) ALL' >> /etc/sudoers
NIS Server
https://www.server-world.info/en/note?os=CentOS_6&p=nis&f=1
https://www.server-world.info/en/note?os=CentOS_7&p=nis&f=1
yum -y install ypserv rpcbind
ypdomainname lab
echo 'NISDOMAIN=lab' >> /etc/sysconfig/network
[root@dlp ~]# vi /var/yp/Makefile
# MERGE_PASSWD=true|false
# line 42: change
MERGE_PASSWD=false
# MERGE_GROUP=true|false
# line 46: change
MERGE_GROUP=false
for i in rpcbind ypserv ypxfrd yppasswdd
do
service restart $i
chkconfig $i on
done
systemctl start rpcbind ypserv ypxfrd yppasswdd
systemctl enable rpcbind ypserv ypxfrd yppasswdd
# update NIS database
[root@dlp ~]# /usr/lib64/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS servers. dlp is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the
list, type a
next host to add: dlp
next host to add: # Ctrl + D key
The current list of NIS servers looks like this:
[2] It's neccessary to update NIS database like follows if new user is added in the System.
[root@dlp ~]# cd /var/yp
[root@dlp yp]# make
[3] If IPTables is running, it needs to allow NIS service ports. Some services listen different ports when they restart, so fix ports for them and allow them by IPTables.
For "-I INPUT 5" section below, Replace it to your own environment.
[root@dlp ~]# vi /etc/sysconfig/network
# add to the end
YPSERV_ARGS="-p 944"
YPXFRD_ARGS="-p 945"
[root@dlp ~]# vi /etc/sysconfig/yppasswdd
# add it
YPPASSWDD_ARGS="--port 946"
[root@dlp ~]# for service in rpcbind ypserv ypxfrd yppasswdd
do
/etc/rc.d/init.d/$service restart
done
[root@dlp ~]# iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 6 -p udp -m state --state NEW -m udp --dport 111 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 7 -p tcp -m state --state NEW -m tcp --dport 944 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 8 -p udp -m state --state NEW -m udp --dport 944 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 9 -p tcp -m state --state NEW -m tcp --dport 945 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 10 -p udp -m state --state NEW -m udp --dport 945 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 11 -p udp -m state --state NEW -m udp --dport 946 -j ACCEPT
RHEL 5.0 need
需更新以下列套件
---
yum update glibc
yum update pam
yum update authconfig
沒有留言:
張貼留言