From owner-freebsd-stable  Thu Jun 11 16:45:00 1998
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id QAA02793
          for freebsd-stable-outgoing; Thu, 11 Jun 1998 16:45:00 -0700 (PDT)
          (envelope-from owner-freebsd-stable@FreeBSD.ORG)
Received: from pop.uniserve.com (pop.uniserve.com [204.244.156.3])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id QAA02647
          for <freebsd-stable@freebsd.org>; Thu, 11 Jun 1998 16:44:33 -0700 (PDT)
          (envelope-from tom@uniserve.com)
Received: from shell.uniserve.ca [204.244.186.218] 
	by pop.uniserve.com with smtp (Exim 1.82 #4)
	id 0ykH14-0000BP-00; Thu, 11 Jun 1998 16:44:22 -0700
Date: Thu, 11 Jun 1998 16:44:19 -0700 (PDT)
From: Tom <tom@uniserve.com>
X-Sender: tom@shell.uniserve.ca
To: Atipa <freebsd@atipa.com>
cc: John Kenagy <jktheowl@bga.com>, freebsd-stable@FreeBSD.ORG
Subject: Re: NIS client maintenance script
In-Reply-To: <Pine.BSF.3.96.980611162450.14678A-100000@altrox.atipa.com>
Message-ID: <Pine.BSF.3.96.980611163854.10500F-100000@shell.uniserve.ca>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


On Thu, 11 Jun 1998, Atipa wrote:

> >   There are several problems with the script as attached.
> > 
> >   It assumes only one NIS server ($nis_host).  You'd have to be mad to
> > have only one NIS server in a production environment, especially since
> > clients can automatically kick over to another if one fails.
> 
> Correct. This script is not dynamic. I am using it primarily for machines
> w/o NIS servers on their network. Setting up slave servers would eliminate
> several problems.

  Yes, but the new ypbind has no problems handling multiple non-local
servers.  I'm hoping to see it committed before 2.2.7.

> >   Since all the *pwnam fuctions (getpwnam, getpwent, etc) are flawed in
> > that they can not return a temporary failure code, such functions should
> > block until NIS services are back up.  This is critical for systems
> > running mail service, because you don't want all your users to disappear
> > when NIS goes down.
> 
> But you don't want to have to wait 14 minutes (7 minutes each for user
> login, then su) to remedy problems. 

  Yes, but admin users should be listed in the system /etc/master.passwd
so they can always login.  The current yplib is bit broken in that it
depends on YP even if all necessary info for login is in /etc.  For
example, if you only have a "+" in master.passwd, root should be able to
login without delay, even if YP is down.

> If no network services are available, your users will go away period,
> unless they are somehow cached (eg slave server).

  For example, it is better that e-mail be delayed until YP is back up,
rather than to bounce all e-mail as "user unknown" while YP is down.

> Suggestions?
> 
> Kevin

Tom


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message