Date: Wed, 19 Jun 2002 02:11:25 +0000 From: Jim Breton <jamesb-freebsd@alongtheway.com> To: freebsd-questions@FreeBSD.ORG Subject: troubles setting up NIS Message-ID: <20020619021124989698.G26060@alongtheway.com>
next in thread | raw e-mail | index | archive | help
Hi, I've got two x86 boxes running FreeBSD 4.6-RELEASE and I'm trying to
set up NIS for the first time.
On the 'server' machine I've added the user "nistest" and have put the
following NIS "wildcard" entry into master.passwd and group on the client:
+:::::::::/dev/null (tried also without the /dev/null shell override)
+:*::
In /etc/rc.conf I have the following:
Server:
nisdomainname="nis.alongtheway.com"
nis_server_enable="YES"
nis_server_flags=""
nis_yppasswdd_enable="YES"
nis_yppasswdd_flags=""
Client:
nisdomainname="nis.alongtheway.com"
nis_client_enable="YES"
nis_client_flags="-S nis.alongtheway.com,barrel"
I'm reluctant to reboot the machines remotely for fear of having
authentication troubles with the NIS daemons active so I've looked
through /etc/rc.network and followed the steps that the start scripts
take and did it by hand. i.e., on the server I ran the commands:
domainname nis.alongtheway.com
ypserv
cp /etc/master.passwd /var/yp/ (then edited to contain ONLY the line for
the test user "nistest")
ypinit (no errors, and the database is populated)
rpc.yppasswdd (I tried running this before ypinit as suggested in the
Handbook, but it failed saying it didn't know the domain name.. I had
to run it _after_ ypinit)
make (in /var/yp , although I suspect this was redundant)
I also added /var/yp/securenets to only allow localhost and the client
to access the maps.
On the client, _before_ I set 'domainname' I can verify the following:
# rpcinfo -p server
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100004 1 udp 951 ypserv
100004 2 udp 951 ypserv
100004 1 tcp 1018 ypserv
100004 2 tcp 1018 ypserv
100009 1 udp 906 yppasswdd
100009 1 tcp 1017 yppasswdd
So then I run the following:
ypbind -m -S nis.alongtheway.com,server (where 'server' is in /etc/hosts)
However, once I run "domainname nis.alongtheway.com", rpcinfo -p hangs.
Other things also hang such as finger, ps (with the -u option), top,
etc..
I ran a sniffer on both the NIS server and the client while running
"ypbind" and "ypcat passwd" on the client and I didn't see ANY packets
coming from the client host.
The network connection between the two hosts is IPSec, enforced by ipf
rules -- no unencrypted packets are allowed. However I did try the same
setup with the IPSec disabled and the same symptoms occurred.
Help? :) Thanks. (Note: I'm not subscribed to this list, please Cc: me.)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020619021124989698.G26060>