Date: Thu, 11 Jun 1998 15:51:35 -0700 (PDT) From: Tom <tom@uniserve.com> To: John Kenagy <jktheowl@bga.com> Cc: Atipa <freebsd@atipa.com>, freebsd-stable@FreeBSD.ORG Subject: Re: NIS client maintenance script Message-ID: <Pine.BSF.3.96.980611154546.10500B-100000@shell.uniserve.ca> In-Reply-To: <Pine.BSF.3.95q.980610194454.348B-100000@barnowl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 10 Jun 1998, John Kenagy wrote:
> Thanks!
>
> I'll give this a try in a day or so and post it with the tutorial
> as well. Or, would you rather I posted a link to the source file?
>
> Also, please send me your full name, etc. so I can credit you.
> (I know I've seen it but can't find it now, oops.)
>
> John
There are several problems with the script as attached.
It assumes only one NIS server ($nis_host). You'd have to be mad to
have only one NIS server in a production environment, especially since
clients can automatically kick over to another if one fails.
Since all the *pwnam fuctions (getpwnam, getpwent, etc) are flawed in
that they can not return a temporary failure code, such functions should
block until NIS services are back up. This is critical for systems
running mail service, because you don't want all your users to disappear
when NIS goes down.
Tom
> > > Everyone,
> > >
> > > You may find this script to be of use for NIS clients. It can be run from
> > > crontab every minute or so to make sure NIS connections are up and
> > > running.
> > >
> > > It disables NIS authentication during network failures, and
> > > resets and enables NIS if the connection is restored.
> > >
> > > Must be run as root. May work with /bin/sh, but I like bash better.
> > >
> > > WARNING!!! This may modify your /etc/master.password file. If you can not
> > > understand what it does, do not use it! :)
> > >
> > > Kevin
> > >
> > >
> > > -----
> > > #!/usr/local/bin/bash
> > >
> > > # This script maintains NIS client connections on simple networks
> > > # Rev. 1.0, 05-09-98, Kevin McCarthy (kmcc@atipa.com)
> > >
> > > # It disables NIS authentication during network failures, and resets
> > > # and enables NIS if the connection is restored.
> > >
> > > # User defined variables
> > > nis_host="host.domain.tld" # required
> > > nis_domainname="freakazoid" # required
> > > ypbind_args="-s -ypsetme" # -s for security
> > > ypset_args="$nis_host" # "" for no ypset
> > >
> > > # Clearspace for readability
> > > echo " "
> > >
> > > # Find current state (bool) of NIS
> > > nis_state=`grep + /etc/master.passwd && ps ax |grep yp`
> > > if [ -n "$nis_state" ]; then
> > > echo NIS authentication is ON
> > > else
> > > echo NIS authentication is OFF
> > > fi
> > >
> > > # Set up NIS conditional functions
> > > function nis_down () {
> > > echo "Error: $nis_problem"
> > >
> > > if [ -n "$nis_state"]; then
> > > echo "Disabling NIS authentication"
> > > umask 077
> > > grep -v + /etc/master.passwd > /root/mp.nonis
> > > mv /etc/master.passwd /etc/master.passwd.nis
> > > mv /root/mp.nonis /etc/master.passwd
> > > pwd_mkdb -p /etc/master.passwd
> > > else
> > > echo "NIS remaining disabled"
> > > fi
> > >
> > > exit 1
> > > }
> > >
> > > function nis_reset () {
> > > if [ -n "$nis_problem"]; then
> > > echo "Error: $nis_problem"
> > > fi
> > >
> > > echo -n "Resetting NIS services... "
> > > killall ypbind >> /dev/null
> > > domainname $nis_domainname
> > > ypbind $ypbind_args
> > > if [ -n "$ypset_args"]; then
> > > ypset $ypset_args
> > > fi
> > > echo "Done"
> > >
> > > reset_done="true"
> > > }
> > >
> > > function nis_up () {
> > > if [ -z "$nis_state" ]; then
> > > echo "NIS services restored. Enabling NIS authentication"
> > > umask 077
> > > mv /etc/master.passwd.nis /etc/master.passwd
> > > pwd_mkdb -p /etc/master.passwd
> > > fi
> > >
> > > nis_working="true"
> > > }
> > >
> > > echo -n "Network connecion to $nis_host is "
> > > up=`ping -c1 $nis_host | grep transmitted | awk -F, '{print $2}' \
> > > | awk '{print $1}'`
> > > if [ "$up" = "1" ]; then
> > > echo ON
> > > else
> > > echo OFF
> > > nis_problem="host not reachable (ping failed)"
> > > nis_down
> > > fi
> > >
> > > while [ -z "$nis_working" ]; do
> > > # Check if NIS is bound
> > > nis_bound=`ypwhich`
> > >
> > > if [ "$nis_bound" = "$nis_host" ]; then
> > > echo NIS binding to $nis_bound is ON
> > > nis_up
> > > else
> > > if [ -z "$reset_done" ]; then
> > > nis_problem="NIS binding to $nis_host is OFF"
> > > nis_reset
> > > else
> > > echo "Reset Failed; disabling NIS services"
> > > nis_down
> > > fi
> > > fi
> > > done
> > >
> > > echo "Exiting"
> > > echo " "
> > >
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-stable" in the body of the message
> > >
> >
> >
> >
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
>
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980611154546.10500B-100000>