Re: Need help with NIS: close, but it don't work yet
On Fri, 11 Oct 1996, Rick Macdonald wrote: [...] ypbind checks that the NIS server is still there every minute (the period in the old version. The new man page just says periodically). The man page doesn't show an option to override this, so I may just put one in myself. Do you see any problem with this? No, there should be no problem. I've just been too lazy to add it myself. Greetings, Swen -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Need help with NIS: close, but it don't work yet
On Tue, 22 Oct 1996, Swen Thuemmler wrote: On Fri, 11 Oct 1996, Rick Macdonald wrote: [...] ypbind checks that the NIS server is still there every minute (the period in the old version. The new man page just says periodically). The man page doesn't show an option to override this, so I may just put one in myself. Do you see any problem with this? No, there should be no problem. I've just been too lazy to add it myself. I installed the new ypbind-3.0 and it works fine. While I was at it, I did a test and set #define PING_INTERVAL 86400 in ypbind.h. This stops it from pinging the server every 10 seconds, but it turns out that the nis server sends _me_ something every minute (or 6; I've forgotten now). The nis server is on a Solaris 2.4 host. Does anyone know offhand why it does this, or if it can be turned off? (It causes the isdn line to stay active unnecessarilly). ...RickM... -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Need help with NIS: close, but it don't work yet
In article [EMAIL PROTECTED], Rick Macdonald [EMAIL PROTECTED] wrote: A year ago I tried out NIS and had it working on my Slackware system. (I didn't actually need to use it, so I only ran it for a day.) I can't seem to get it to work now. When ypbind is running, commands that should trigger a name lookup don't even cause the lights on my modem (ppp) or ISDN box to blink with any activity. Same is true when I execute ypbind itself: no line activity. Routing is OK, since I can telnet, ftp, etc to remote hosts by using IP addresses rather than names. Ah I see what you want. You don't need NIS to resolve hostnames. In fact, I'm pretty sure the current Linux libc doesn't even support this. The only NIS support in the library is for password and group files. Not that I ever tried it ofcourse :) So, setup your /etc/resolv.conf to point to a valid DNS nameserver. # ps -auwwx|grep yp root 1527 0.0 1.2 828 388 ? S 23:55 0:00 /usr/sbin/ypbind root 1529 0.0 1.2 832 384 ? S 23:55 0:00 /usr/sbin/ypbind Is is strange that ypbind appears twice? No, it's forking a subprocess to try to bind to the domain. # ypcat passwd YPBINDPROC_DOMAIN: No bound server for domain veritas No such map passwd.byname. Reason: Can't bind to server which serves this domain Yep, ypbind doesn't see the NIS server. I get this message in /var/adm/daemon.log (remember, the lights never blink on the modem): Oct 10 00:06:01 localhost /usr/sbin/ypbind[28920]: Running in restricted mode -- request to bind domain veritas rejected. in case there's a problem with broadcasting. With my ISDN: # netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.49.00.0.0.0 255.255.255.0 U 1500 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 3584 0 0 lo 0.0.0.0 192.168.49.10.0.0.0 UG 1500 0 0 eth0 With my PPP: # netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.159.106.8 0.0.0.0 255.255.255.255 UH 1500 0 0 ppp0 127.0.0.0 0.0.0.0 255.0.0.0 U 3584 0 0 lo 0.0.0.0 192.159.106.8 0.0.0.0 UG 1500 0 0 ppp0 Note that with ppp, I'm on the same subnet as the NIS server, but with ISDN I'm on a different one. Both ways, I have this same problem. Yeah. The problem is that the broadcast of ypbind never leave your local network, which is ofcourse logical. So the ypserv that is on a completely different network never sees the broadcasts and never replies. The Slackware ypbind is the GPL'ed one. The Debian ypbind is one that I hacked up based on the BSD ypbind, because the GPL'ed one wasn't stable in a multiple-NIS server environment. The current debian ypbind is, in fact it's rock stable. The thing is that with the GPL'ed ypbind you could bind it to a NIS server manually through /etc/yp.conf. The BSD one relies on broadcasts, the -S option is only to restrict to which server it eventually binds. This week a new version of the GPL ypbind (3.00) was announced. I'll give it a try and I'll see if it is useable for Debian. If so I'll probably use it because it has more features and it's GPL instead of BSD which is in our case ofcourse preferable. Until then, you could get the new ypbind-3.00 yourself and put it in /usr/local/bin. That should get you started. Here's the announcement in case you missed it: From: Swen Thuemmler [EMAIL PROTECTED] Newsgroups: comp.os.linux.announce Subject: New version of ypbind (3.0) Date: Wed, 09 Oct 1996 20:13:37 GMT I've made a new version of ypbind available on ftp://ftp.uni-paderborn.de/pub/linux/local/yp/ypbind-3.0.tar.gz This version supersedes the ypbind which is included in yp-clients-2.2. It fixes some serious bugs, so please don't use the version from yp-clients anymore. There are some small improvements to the 2.99beta version which was available for a while from the same place. If you had problems with ypbind before, I'd encourage you to try the new version. ypbind is a daemon process, which locates a NIS server on your network and provides this information to the NIS lookup routines in libc. You need ypbind if you are using NIS (aka YP), unless you have the NYS enabled libc (e.g. RedHat distribution) - but you still need it if you run a NIS server. Greetings, Swen Mike. -- | Miquel van Smoorenburg \ The answer to Life, the Universe and Everything \ | [EMAIL PROTECTED] \ Just reinstall windows and try again, sir. \ -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Need help with NIS: close, but it don't work yet
On 11 Oct 1996, Miquel van Smoorenburg wrote: A year ago I tried out NIS and had it working on my Slackware system. (I didn't actually need to use it, so I only ran it for a day.) Ah I see what you want. You don't need NIS to resolve hostnames. In fact, I'm pretty sure the This week a new version of the GPL ypbind (3.00) was announced. I'll Until then, you could get the new ypbind-3.00 yourself and put it in /usr/local/bin. That should get you started. ftp://ftp.uni-paderborn.de/pub/linux/local/yp/ypbind-3.0.tar.gz I did see this announcement, but didn't think much of it. I'm so used to everything working well on my Linux system that the possibility of needing a newer version of ypbind didn't even cross my mind. So, within minutes of getting your mail I had downloaded, compiled and installed this new ypbind. And, it _works_, just fine! Thank-you! There is an issue, however. I'm on an ISDN line to the office. We like the feature that ISDN drops the line after a period of inactivity. Then, you just hit a key (or jiggle the mouse in an X-app window), and within a second the ISDN connection is back up. ypbind checks that the NIS server is still there every minute (the period in the old version. The new man page just says periodically). The man page doesn't show an option to override this, so I may just put one in myself. Do you see any problem with this? BTW, you mentioned that I should just use DNS. I agree, and would prefer to do so, but I can't seem to get past the firewall in the office to the DNS server at the ISP. With ppp I could, but not with this new isdn connection. The big difference is that I'm on a different subnet now. We've opened up the firewall to this subnet. All other services (ftp, telnet, etc) are OK but not DNS. That's why I've gone to NIS for now. The NIS server is on the inside of the firewall, and passes outside name resolution to the ISP's DNS server. Lastly, here are a couple of corrections to the nis.debian.howto: 3. If you don't trust your network, edit /etc/init.d/nis and add a list of your NIS servers after the call to ypbind like this: ypbind -S nisserver or ypbind -S nisserver1,nisserver2,nisserver3 Two things here. The man page says:-S domain,server... so your example should be ypbind -S domainname,nisserver, etc. Also, the /etc/init.d/nis file is calling start-stop-daemon, so the parameters actually need to be added like this: start-stop-daemon --start --quiet --exec ${NET}/ypbind -- -S veritas,192.159.106.123 The new ypbind version 3 doesn't use the -S option anymore, so these corrections are probably history anyway. ...RickM... -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Need help with NIS: close, but it don't work yet
A year ago I tried out NIS and had it working on my Slackware system. (I didn't actually need to use it, so I only ran it for a day.) I can't seem to get it to work now. When ypbind is running, commands that should trigger a name lookup don't even cause the lights on my modem (ppp) or ISDN box to blink with any activity. Same is true when I execute ypbind itself: no line activity. Routing is OK, since I can telnet, ftp, etc to remote hosts by using IP addresses rather than names. Running the following commands: /etc/init.d/nis start rpcinfo -p localhost rpcinfo -u localhost ypbind domainname ps -auwwx|grep yp gives this output: # /etc/init.d/nis start Setting NIS domainname to: veritas Starting yellow page services: ypbind # rpcinfo -p localhost program vers proto port 102 tcp111 portmapper 102 udp111 portmapper 172 udp748 ypbind 172 tcp750 ypbind # rpcinfo -u localhost ypbind program 17 version 2 ready and waiting # domainname veritas # ps -auwwx|grep yp root 1527 0.0 1.2 828 388 ? S 23:55 0:00 /usr/sbin/ypbind root 1529 0.0 1.2 832 384 ? S 23:55 0:00 /usr/sbin/ypbind Is is strange that ypbind appears twice? Various commands give these error messages: # ypcat passwd YPBINDPROC_DOMAIN: No bound server for domain veritas No such map passwd.byname. Reason: Can't bind to server which serves this domain # ping rickm YPBINDPROC_DOMAIN: No bound server for domain veritas ping: unknown host rickm # ypwhich can't yp_bind: Reason: RPC failure I get this message in /var/adm/daemon.log (remember, the lights never blink on the modem): Oct 10 00:06:01 localhost /usr/sbin/ypbind[28920]: Running in restricted mode -- request to bind domain veritas rejected. I have +:: in /etc/passwd and +::: in /etc/group. /etc/host.conf: == order hosts,nis multi on In the file /etc/init.d/nis, I've tried start-stop-daemon --start --quiet --exec ${NET}/ypbind -- -S comsrv1,192.159.106.123 and just start-stop-daemon --start --quiet --exec ${NET}/ypbind in case there's a problem with broadcasting. I've installed the latest unstable versions of netbase, netstd and nis: -rw-rw-rw- 1 root 206560 Sep 1 08:26 netbase_2.06-1.deb -rw-rw-rw- 1 root 660206 Aug 30 18:27 netstd_2.07-1.deb -rw-rw-rw- 1 root90118 Oct 3 06:47 nis_2.00-1.deb With my ISDN: # netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.49.00.0.0.0 255.255.255.0 U 1500 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 3584 0 0 lo 0.0.0.0 192.168.49.10.0.0.0 UG 1500 0 0 eth0 With my PPP: # netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.159.106.8 0.0.0.0 255.255.255.255 UH 1500 0 0 ppp0 127.0.0.0 0.0.0.0 255.0.0.0 U 3584 0 0 lo 0.0.0.0 192.159.106.8 0.0.0.0 UG 1500 0 0 ppp0 Note that with ppp, I'm on the same subnet as the NIS server, but with ISDN I'm on a different one. Both ways, I have this same problem. The nis server is there: # ping 192.159.106.123 PING 192.159.106.123 (192.159.106.123): 56 data bytes 64 bytes from 192.159.106.123: icmp_seq=0 ttl=253 time=1037.5 ms 64 bytes from 192.159.106.123: icmp_seq=1 ttl=253 time=57.3 ms 64 bytes from 192.159.106.123: icmp_seq=2 ttl=253 time=27.6 ms 64 bytes from 192.159.106.123: icmp_seq=3 ttl=253 time=28.1 ms ...RickM... -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Need help with NIS: close, but it don't work yet
Don't you have to put entries starting with + characters at the end of your hosts, passwd, group, etc., files before NIS will be used to look stuff up? Just guessing... Thanks Bruce -- Bruce Perens, Pixar Animation Studios *** Toy Story video tape in U.S. stores October 30 *** Worldwide box office total for Toy Story: $353,275,005 -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: Need help with NIS: close, but it don't work yet
Bruce Perens wrote: Don't you have to put entries starting with + characters at the end of your hosts, passwd, group, etc., files before NIS will be used to look stuff up? Just guessing... Thanks for the reply, Bruce. Buried deep in my verbose post was this line: I have +:: in /etc/passwd and +::: in /etc/group. The NIS HowTo says it isn't needed anymore, but the deb pacakge installation puts it in. Anyway, It doesn't seem to make a difference. I haven't ever seen mention of such an entry for the hosts file though. You wouldn't remember, but when I first installed Debian at the beginning of this year I used to get various RCP or clnt_rcp or some such errors coming out of nowhere. You and others (correctly) pointed out that I needed to remove the + entries in my passwd and group files. They were still there from when I had played with NIS last year. I had copied parts of my old passwd file to Debian! I hope somebody comes through with some ideas. I've spent hours at it and can't find anything else to tweek. :-( -- ...RickM... -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]