NIS is a protocol developed by Sun to allow one to defer user authentication to a server. The server software is in the ypserv package, and the client software is in the yp-tools package. ypbind-mt is also available, which is a multi threaded version of the client daemon.
Note: obviously this article is far from finished. hopefully in the future that will change, but in the meantime check the More resources section.
The first step is to install the tools that you need. This provides the configuration files and general tools needed to use NIS.
# pacman -S yp-tools ypbind-mt
Next put your NIS domain name into the file /etc/conf.d/nisdomainname.
Now edit the /etc/yp.conf file and add your ypserver or nis server.
Start the rpcbind and ypbind daemons (add them to your rc.conf file if you want it to start automatically).
# /etc/rc.d/rpcbind start # /etc/rc.d/ypbind start
To test the setup so far you can run the command yptest:
If it works you will, among other things, see the contents of the NIS user database (which is printed in the same format as /etc/passwd).
To actually use NIS to log in you have to edit /etc/nsswitch.conf. Modify the lines for passwd, group and shadow to read:
passwd: files nis group: files nis shadow: files nis
And then do not forget
# /etc/rc.d/ypbind restart
See section 7 of The Linux NIS HOWTO for further information on configuring NIS clients.
Make sure packages ypbind-mt, ypserv, and yp-tools are installed:
# pacman -S ypbind-mt yp-tools ypserv
Add the domain name to /etc/conf.d/nisdomainname:
Add rules to /etc/ypserv.conf for your your nis clients of this form:
# ip-address-of-client : nis-domain-name : rule : security
# 192.168. : home-domain : * : port
For more information see Template:Code.
Add or remove files you would like NIS to use to /var/yp/Makefile under the "all" rule.
# all: passwd group hosts rpc services netid protocols netgrp \ # shadow # publickey networks ethers bootparams printcap mail \ # # amd.home auto.master auto.home auto.local passwd.adjunct \ # # timezone locale netmasks
Due to recent changes in networking in Archlinux you have to change the line:
# LOCALDOMAIN = `/bin/domainname`
# LOCALDOMAIN = `/bin/hostname -d`
After that you have to build your NIS database:
# cd /var/yp # make
Add rules to /var/yp/securenets to restrict access:
# 255.255.0.0 192.168.0.0 # Gives access to anyone in 192.168.0.0/16
Be sure to comment out this line, as it gives access to anyone.
# 0.0.0.0 0.0.0.0
Add the domain name of your server to /var/yp/ypservers:
Start NIS Daemons
Start rpcbind if it isn't already started:
# rc.d start rpcbind
# rc.d start ypbind
# rc.d start ypserv
If you want these to start automatically on startup, add them to your DAEMONS array in rc.conf:
DAEMONS=(... rpcbind ypbind ypserv ...)
Make sure they go after network in the array.
Simply use the systemctl command to enable and start the ypbind service:
# systemctl enable ypbind.service