NIS : Configure Slave Server2019/10/17 |
Configure NIS Slave Server to continue NIS service if NIS master server would be down.
This example is based on the environment like follows. +----------------------+ | +----------------------+ | [ NIS Server ] |10.0.0.30 | 10.0.0.31| [ NIS Slave ] | | dlp.srv.world +----------+----------+ yp01.srv.world | | | | | | +----------------------+ | +----------------------+ +----------------------+ | | [ NIS Client ] |10.0.0.51 | | node01.srv.world +----------+ | | +----------------------+ |
[1] | |
[2] | Install Ypserv and Configure NIS Slave Server Host. |
[root@yp01 ~]#
dnf -y install ypserv rpcbind
[root@yp01 ~]#
vi /var/yp/securenets # create new # specify range of network you allow to access NIS clients 255.0.0.0 127.0.0.0 255.255.255.0 10.0.0.0
[root@yp01 ~]#
systemctl enable --now rpcbind ypserv ypxfrd yppasswdd nis-domainname
# synchronize databases with NIS master server [root@yp01 ~]# /usr/lib64/yp/ypinit -s dlp.srv.world We will need a few minutes to copy the data from dlp.srv.world. Transferring group.bygid... Trying ypxfrd ... success ... ... At this point, make sure that /etc/passwd and /etc/group have been edited so that when the NIS is activated, the data bases you have just created will be used, instead of the /etc ASCII files. |
[3] | If SELinux is enabled on NIS Slave Host, change boolean settings. |
[root@yp01 ~]# setsebool -P nis_enabled on [root@yp01 ~]# setsebool -P domain_can_mmap_files on
|
[4] | If Firewalld is running on NIS Slave Host, it needs to allow NIS services or ports. Some services listen different ports when they restart, so fix ports for them and allow by Firewalld. |
[root@yp01 ~]#
vi /etc/sysconfig/network # add to the end YPSERV_ARGS="-p 944" YPXFRD_ARGS="-p 945"
[root@yp01 ~]#
vi /etc/sysconfig/yppasswdd # add like follows YPPASSWDD_ARGS= "--port 950"
[root@yp01 ~]#
[root@yp01 ~]# systemctl restart rpcbind ypserv ypxfrd yppasswdd
firewall-cmd --add-service=rpc-bind --permanent [root@yp01 ~]# firewall-cmd --add-port={944-951/tcp,944-951/udp} --permanent [root@yp01 ~]# firewall-cmd --reload |
[5] |
NIS master server is also required to be a NIS client.
Configure NIS Master Host as a NIS Client, refer to here. |
[6] | Configure on NIS Master Host for new NIS Slave Host. |
[root@dlp ~]#
vi /var/yp/Makefile # line 23: change NOPUSH= false
# update NIS databases [root@dlp ~]# /usr/lib64/yp/ypinit -m At this point, we have to construct a list of the hosts which will run NIS servers. dlp.srv.world is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a <control D>. next host to add: dlp.srv.world next host to add: yp01.srv.world # specify NIS slave host next host to add: # Ctrl + D key The current list of NIS servers looks like this: dlp.srv.world yp01.srv.world Is this correct? [y/n: y] y We need a few minutes to build the databases... Building /var/yp/srv.world/ypservers... Running /var/yp/Makefile... gmake[1]: Entering directory '/var/yp/srv.world' Updating passwd.byname... Updating passwd.byuid... Updating group.byname... Updating group.bygid... Updating hosts.byname... Updating hosts.byaddr... Updating rpc.byname... Updating rpc.bynumber... Updating services.byname... Updating services.byservicename... Updating netid.byname... Updating protocols.bynumber... Updating protocols.byname... Updating mail.aliases... gmake[1]: Leaving directory '/var/yp/srv.world' dlp.srv.world has been set up as a NIS master server. Now you can run ypinit -s dlp.srv.world on all slave server. |
[7] | Configure NIS Client to bind NIS Slave server, too. That's OK, NIS services will be continue by NIS Slave Host even if NIS master Host would be down. |
[root@node01 ~]#
vi /etc/yp.conf # add NIS slave to the end # [domain (NIS domain) server (NIS server)] domain srv.world server dlp.srv.world
domain srv.world server yp01.srv.world
systemctl restart ypbind |
Sponsored Link |
|