Lesson 6 | Integrating NIS into the system |
Objective | Describe how to integrate NIS into a UNIX system. |
Integrating NIS into System
In a network running NIS, many of the standard system configuration files (/etc/passwd, /etc/group, and others) are at least
partially replaced with information obtained from NIS. The programs and system calls that use this information must know to obtain it from NIS, rather than from the usual files. For example, if NIS distributes network passwords, the system libraries concerned with login procedures must “know” to consult the NIS database to verify a correct password, rather than using the file
/etc/passwd.
nsswitch.conf
This use of NIS is controlled by the /etc/nsswitch.conf file. The lines in the /etc/nsswitch.conf file tell the system where the corresponding configuration information should be obtained. For example, the lines:
passwd: files nis
group: files nis
mean that, for information about passwords and groups, first consult the local files (/etc/passwd and /etc/group), then consult NIS. By setting the order of keys in the /etc/nsswitch.conf file, you can cause local data in the /etc/passwd file to override information in an NIS map. The usual options for data sources in /etc/nsswitch.conf are
files
nis
nisplus
(to use the NIS+ improvement to NIS, if available)
dns
, an option for the hosts map only
The following paragraph discusses how Solaris integrates with NIS.
Solaris and NIS integration
On Solaris systems, you can use many commands to extract information from NIS (or more likely NIS+) maps.
The indicator of such behavior is a plus sign (+), which means “consult NIS or NIS+ for this piece of information.”
Here is a concrete example, with comments, from the startup script
/etc/rc2.d/S72inetsvc
on a Solaris machine:
# This is third phase of TCP/IP startup/configuration.
# This script runs after the NIS/NIS+ startup
# script. We run things here that may
# depend on NIS/NIS+ maps.
#
# XXX - We need to give ypbind time to
# bind to a server.
#
sleep 5
#
# Re-set the netmask and broadcast addr for all
# IP interfaces. This ifconfig is run here, after
# NIS has been started, so that netmask +" will
# find the netmask if it lives in a NIS map.
#
/usr/sbin/ifconfig -au netmask + broadcast +
Here Solaris passes the netmask +
and broadcast +
arguments to ifconfig
, which means the netmask will be extracted from the “netmasks” NIS map on
this Solaris machine, if NIS is running.
Solaris systems integrate NIS most strongly into the operations of the system.