System Administration Commands ypserv(1M)
NAME
ypserv, ypxfrd - NIS server and binder processes
SYNOPSIS
/usr/lib/netsvc/yp/ypserv [-dv] [-i -I] [-r -R]
/usr/lib/netsvc/yp/ypxfrd
DESCRIPTION
The Network Information Service (NIS) provides a simple net-
work lookup service consisting of databases and processes.
The databases are ndbm files in a directory tree rooted at
/var/yp. See ndbm(3C). These files are described in
ypfiles(4). The processes are /usr/lib/netsvc/yp/ypserv, the
NIS database lookup server, and /usr/lib/netsvc/yp/ypbind,
the NIS binder. The programmatic interface to the NIS ser-
vice is described in ypclnt(3NSL). Administrative tools are
described in yppoll(1M), yppush(1M), ypset(1M), ypxfr(1M),
and ypwhich(1). Tools to see the contents of NIS maps are
described in ypcat(1), and ypmatch(1). Database generation
and maintenance tools are described in ypinit(1M),
ypmake(1M), and makedbm(1M).
The ypserv utility is a daemon process typically activated
at system startup from svc:/network/nis/server:default.
Alternatively, you can, as the root user, start NIS services
using ypstart(1M) from the command-line. ypserv runs only on
NIS server machines with a complete NIS database. You can
halt all NIS services using the ypstop(1M) command.
The ypxfrd utility transfers entire NIS maps in an efficient
manner. For systems that use this daemon, map transfers are
10 to 100 times faster, depending on the map. To use this
daemon, be sure ypxfrd is running on the master server. See
/usr/lib/netsvc/yp/ypstart. ypxfr attempts to use ypxfrd
first. If that fails, it prints a warning, then uses the
older transfer method.
The ypserv daemon's primary function is to look up informa-
tion in its local database of NIS maps.
The operations performed by ypserv are defined for the
implementor by the YP Protocol Specification, and for the
programmer by the header file .
SunOS 5.11 Last change: 15 Dec 2004 1
System Administration Commands ypserv(1M)
Communication to and from ypserv is by means of RPC calls.
Lookup functions are described in ypclnt(3NSL), and are sup-
plied as C-callable functions in the libnsl(3LIB) library.
There are four lookup functions, all of which are performed
on a specified map within some NIS domain: ypmatch(3NSL),
ypfirst(3NSL), ypnext(3NSL), and ypall(3NSL). The
ypmatch operation takes a key, and returns the associated
value. The ypfirst operation returns the first key-value
pair from the map, and ypnext can be used to enumerate the
remainder. ypall ships the entire map to the requester as
the response to a single RPC request.
A number of special keys in the DBM files can alter the way
in which ypserv operates. The keys of interest are:
YPINTERDOMAIN The presence of this key causes ypserv
to forward to a DNS server host lookups
that cannot be satisfied by the DBM
files.
YPSECURE This key causes ypserv to answer only
questions coming from clients on
reserved ports.
YPMULTIhostname This is a special key in the form,
YPMULTIhostname addr1,...,addrN. A
client looking for hostname receives
the closest address.
Two other functions supply information about the map, rather
than map entries: yporder(3NSL), and ypmaster(3NSL). In
fact, both order number and master name exist in the map as
key-value pairs, but the server will not return either
through the normal lookup functions. If you examine the map
with makedbm(1M), however, they are visible. Other functions
are used within the NIS service subsystem itself, and are
not of general interest to NIS clients. These functions
include doyouservethisdomain?, transfermap, and
reinitializeinternalstate.
On start up, ypserv checks for the existence of the NIS to
LDAP (N2L) configuration file /var/yp/NISLDAPmapping. If it
is present then a master server starts in N2L mode. If the
file is not present it starts in "traditional" (non N2L)
mode. Slave servers always start in traditional mode.
SunOS 5.11 Last change: 15 Dec 2004 2
System Administration Commands ypserv(1M)
In N2L mode, a new set of map files, with an LDAP prefix,
are generated, based on the contents of the LDAP DIT. The
old map files, NIS source files and ypmake(1M) are not used.
It is possible that ypmake(1M) can be accidentally run in
N2L mode. If the occurs, the old style map files are
overwritten. That the map files are overwritten is harmless.
However, any resulting yppush(1M) operation will push infor-
mation based on the DIT rather than the source files. The
user may not expect information based on the DIT. ypserv
keeps track of the last modification date of the old style
map files. If the map files have been updated, a warning is
logged that suggests that the user call yppush directly
instead of ypmake.
If a server attempts to run in N2L mode and a LDAP server
cannot be contacted, it behaves as follows:
1. When ypserv is started, a warning will be logged.
2. When a NIS read access is made and the TL entry
has expired, a warning is logged.Information that
is returned from the cache has not been updated.
3. When a NIS write access is made, a warning is
logged. The cache will not be updated, and a NIS
failure will be returned.
If ypxfrd is running in N2L mode and is asked to transfer a
map, ypxfrd first checks whether the map is out of date. If
the map is out of date, ypxfrd initiates an update from the
DIT. ypxfrd cannot wait for the update to complete. If
ypxfrd waited, the client end ypxfr operation could time
out. To prevent ypxfrd from timing out, the existing map is
transferred from the cache. The most up to date map will be
transferred on subsequent ypxfrd operations.
OPTIONS
ypserv
-d The NIS service should go to the DNS for more host
information. This requires the existence of a correct
/etc/resolv.conf file pointing to a DNS server. This
option turns on DNS forwarding regardless of whether
or not the YPINTERDOMAIN flag is set in the hosts
maps. See makedbm(1M). In the absence of an
/etc/resolv.conf file, ypserv complains, but ignores
the -d option.
SunOS 5.11 Last change: 15 Dec 2004 3
System Administration Commands ypserv(1M)
-i If in N2L mode, initialize the NIS related parts of
the DIT based on the current, non LDAP prefixed, map
files. The LDAP prefixed maps are not created or
updated. If you require that LDAP prefixed maps be
updated or created, then use the -ir option.
The -i option does not attempt to create any NIS
domain or container objects. If any NIS domain or
container objects have not already been created, then
errors will occur, as entries are written to nonex-
istent containers.
-I Identical to -i, except that any missing domain and
container objects are created.
-r If in N2L mode, then refresh the LDAP prefixed map
files based on the contents of the DIT.
-ir If both -i and -r are specified in N2L mode, then the
DIT will first be initialized from the current non
LDAP prefixed map files. A new set of LDAP prefixed
maps will then be generated from the contents of the
DIT. A new set of LDAP prefixed maps is required
when moving from traditional NIS to N2L mode NIS.
-Ir Identical to -ir, except that any missing domain and
container objects are created.
-v Operate in the verbose mode, printing diagnostic mes-
sages to stderr.
When run with the -i, -r, -I, -ir or -Ir options, the ypserv
command runs in the foreground and exits once map initiali-
zation has been completed. Once the ypserv command exits,
the user knows the maps are ready and can restart ypserv and
the other yp daemons by running ypstart(1M).
If there is a requirement to initialize the DIT from the NIS
source files, which may have been modified since the maps
were last remade, run ypmake before running ypserv -i or
ypserv -ir. ypmake regenerated old style NIS maps. Then
ypserv -ir dumps them into the DIT. When the -ir option is
used, the LDAP prefixe maps are also generated or updated.
Since these maps will be more recent than the old style
SunOS 5.11 Last change: 15 Dec 2004 4
System Administration Commands ypserv(1M)
maps, ypmake will not be reported as erroneous when it is
run.
FILES
/var/yp/securenets
Defines the hosts and networks that are granted access
to information in the served domain. It is read at
startup time by both ypserv and ypxfrd.
/var/yp/ypserv.log
If the /var/yp/ypserv.log file exists when ypserv starts
up, log information is written to it when error condi-
tions arise.
/var/yp/binding/domainname/ypservers
Lists the NIS server hosts that ypbind can bind to.
ATRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
Availability SUNWypu
SEE ALSO
svcs(1), ypcat(1), ypmatch(1), ypwhich(1), domainname(1M),
makedbm(1M), svcadm(1M), ypbind(1M), ypinit(1M), ypmake(1M),
yppoll(1M), yppush(1M), ypset(1M), ypstart(1M), ypstop(1M),
ypxfr(1M), ndbm(3C), ypclnt(3NSL), libnsl(3LIB), NISLDAPmap-
ping(4), securenets(4), ypfiles(4), ypserv(4), attri-
butes(5), smf(5)
NOTES
ypserv supports multiple domains. The ypserv process deter-
mines the domains it serves by looking for directories of
the same name in the directory /var/yp. It replies to all
broadcasts requesting yp service for that domain.
SunOS 5.11 Last change: 15 Dec 2004 5
System Administration Commands ypserv(1M)
The Network Information Service (NIS) was formerly known as
Sun Yellow Pages (YP). The functionality of the two remains
the same; only the name has changed. The name Yellow Pages
is a registered trademark in the United Kingdom of British
Telecommunications PLC, and must not be used without permis-
sion.
NIS uses ndbm() files to store maps. Therefore, it is sub-
ject to the 1024 byte limitations described in the USAGE and
NOTES sections of the ndbm(3C) man page.
The NIS server service is managed by the service management
facility, smf(5), under the service identifier:
svc:/network/nis/server:default
Administrative actions on this service, such as enabling,
disabling, or requesting restart, can be performed using
svcadm(1M). The service's status can be queried using the
svcs(1) command.
SunOS 5.11 Last change: 15 Dec 2004 6
|
