RHEL / Centos NIS 認證

NIS Client

yum -y install ypbind rpcbind

ypdomainname lab
echo 'NISDOMAIN=lab' >> /etc/sysconfig/network
authconfig \
--enablenis \
--nisdomain=lab \
--nisserver=192.168.240.72 \
--update

grep 'session optional pam_mkhomedir.so skel=/etc/skel umask=077' /etc/pam.d/system-auth || \
echo 'session optional pam_mkhomedir.so skel=/etc/skel umask=077' >> /etc/pam.d/system-auth

for i in rpcbind ypbind
do
service $i restart
chkconfig $i on
done

sed -i -e 's|^group:.*|group: nis files|g' /etc/nsswitch.conf
grep '^%ma.*ALL=(ALL).*ALL' /etc/sudoers || echo '%ma ALL=(ALL) ALL' >> /etc/sudoers


NIS Server

https://www.server-world.info/en/note?os=CentOS_6&p=nis&f=1
https://www.server-world.info/en/note?os=CentOS_7&p=nis&f=1

yum -y install ypserv rpcbind
ypdomainname lab
echo 'NISDOMAIN=lab' >> /etc/sysconfig/network

[root@dlp ~]# vi /var/yp/Makefile
# MERGE_PASSWD=true|false
# line 42: change
MERGE_PASSWD=false
# MERGE_GROUP=true|false
# line 46: change
MERGE_GROUP=false


for i in rpcbind ypserv ypxfrd  yppasswdd
do
service restart $i
chkconfig $i on
done

systemctl start rpcbind ypserv ypxfrd yppasswdd
systemctl enable rpcbind ypserv ypxfrd yppasswdd


# update NIS database
[root@dlp ~]# /usr/lib64/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS servers. dlp is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the
list, type a .
next host to add: dlp
next host to add: # Ctrl + D key
The current list of NIS servers looks like this:


[2] It's neccessary to update NIS database like follows if new user is added in the System.
[root@dlp ~]# cd /var/yp
[root@dlp yp]# make

[3] If IPTables is running, it needs to allow NIS service ports. Some services listen different ports when they restart, so fix ports for them and allow them by IPTables.
For "-I INPUT 5" section below, Replace it to your own environment.
[root@dlp ~]# vi /etc/sysconfig/network
# add to the end
YPSERV_ARGS="-p 944"
YPXFRD_ARGS="-p 945"
[root@dlp ~]# vi /etc/sysconfig/yppasswdd
# add it
YPPASSWDD_ARGS="--port 946"
[root@dlp ~]# for service in rpcbind ypserv ypxfrd yppasswdd
do
/etc/rc.d/init.d/$service restart
done
[root@dlp ~]# iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 6 -p udp -m state --state NEW -m udp --dport 111 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 7 -p tcp -m state --state NEW -m tcp --dport 944 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 8 -p udp -m state --state NEW -m udp --dport 944 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 9 -p tcp -m state --state NEW -m tcp --dport 945 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 10 -p udp -m state --state NEW -m udp --dport 945 -j ACCEPT
[root@dlp ~]# iptables -I INPUT 11 -p udp -m state --state NEW -m udp --dport 946 -j ACCEPT 


RHEL 5.0 need
需更新以下列套件
---

yum update glibc
yum update pam
yum update authconfig

Rhel 7 Centos7 set time zone

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/chap-configuring_the_date_and_time






timedatectl list-timezones

timedatectl set-timezone time_zone


timedatectl set-timezone  Asia/Taipei

user setting

tzselect

Please identify a location so that time zone rules can be set correctly.
Please select a continent or ocean.
1) Africa
2) Americas
3) Antarctica
4) Arctic Ocean
5) Asia
6) Atlantic Ocean
7) Australia
8) Europe
9) Indian Ocean
10) Pacific Ocean

5
43
1