ypserv.8 (14240) | ypserv.8 (14262) |
---|---|
1.\" Copyright (c) 1995 2.\" Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 14 unchanged lines hidden (view full) --- 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" | 1.\" Copyright (c) 1995 2.\" Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 14 unchanged lines hidden (view full) --- 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" |
31.\" $Id: ypserv.8,v 1.1.1.1 1995/12/16 20:54:17 wpaul Exp $ | 31.\" $Id: ypserv.8,v 1.2 1996/02/26 02:17:18 wpaul Exp $ |
32.\" 33.Dd February 4, 1995 34.Dt YPSERV 8 35.Os 36.Sh NAME 37.Nm ypserv 38.Nd "NIS database server" 39.Sh SYNOPSIS 40.Nm ypserv 41.Op Fl n 42.Op Fl d | 32.\" 33.Dd February 4, 1995 34.Dt YPSERV 8 35.Os 36.Sh NAME 37.Nm ypserv 38.Nd "NIS database server" 39.Sh SYNOPSIS 40.Nm ypserv 41.Op Fl n 42.Op Fl d |
43.Op Fl k | |
44.Op Fl p Ar path 45.Sh DESCRIPTION 46.Nm NIS 47is an RPC-based service designed to allow a number of UNIX-based 48machines to share a common set of configuration files. Rather than 49requiring a system administrator to update several copies of files 50such as 51.Pa /etc/hosts , --- 182 unchanged lines hidden (view full) --- 234.Pa /etc/hosts.deny ) 235for access control instead of 236.Pa /var/yp/securenets . 237.Pp 238Note: while both of these access control mechanisms provide some 239security, they, like the privileged port test, are both vulnerable 240to ``IP spoofing'' attacks. 241.Pp | 43.Op Fl p Ar path 44.Sh DESCRIPTION 45.Nm NIS 46is an RPC-based service designed to allow a number of UNIX-based 47machines to share a common set of configuration files. Rather than 48requiring a system administrator to update several copies of files 49such as 50.Pa /etc/hosts , --- 182 unchanged lines hidden (view full) --- 233.Pa /etc/hosts.deny ) 234for access control instead of 235.Pa /var/yp/securenets . 236.Pp 237Note: while both of these access control mechanisms provide some 238security, they, like the privileged port test, are both vulnerable 239to ``IP spoofing'' attacks. 240.Pp |
241.Ss NIS v1 compatibility 242This version of 243.Nm ypserv 244has some support for serving NIS v1 clients. FreeBSD's NIS 245implementation only uses the NIS v2 protocol, however other implementations 246include support for the vi protocol for backwards compatibility 247with older systems. The 248.Xr ypbind 8 249daemons supplied with these systems will try to establish a binding 250to an NIS v1 251server even though they may never actually need it (and they may 252persist in broadcasting in search of one even after they receive a 253response from a v2 server). Note that while 254support for normal client calls is provided, this version of 255.Nm ypserv 256does not handle v1 map transfer requests; consequently, it can not 257be used as a master or slave in conjunction with older NIS servers that 258only support the v1 protocol. Fortunately, there probably aren't any 259such servers still in use today. |
|
242.Ss NIS servers that are also NIS clients 243Care must be taken when running 244.Nm ypserv 245in a multi-server domain where the server machines are also 246NIS clients. It is generally a good idea to force the servers to 247bind to themselves rather than allowing them to broadcast bind 248requests and possibly become bound to each other: strange failure 249modes can result if one server goes down and --- 49 unchanged lines hidden (view full) --- 299request that it revceives. Also, while running in debug mode, 300.Nm ypserv 301will not spawn any additional subprocesses as it normally does 302when handling yp_all requests or doing DNS lookups. (These actions 303often take a fair amount of time to complete and are therefore handled 304in subprocesses, allowing the parent server process to go on handling 305other requests.) This makes it easier to trace the server with 306a debugging tool. | 260.Ss NIS servers that are also NIS clients 261Care must be taken when running 262.Nm ypserv 263in a multi-server domain where the server machines are also 264NIS clients. It is generally a good idea to force the servers to 265bind to themselves rather than allowing them to broadcast bind 266requests and possibly become bound to each other: strange failure 267modes can result if one server goes down and --- 49 unchanged lines hidden (view full) --- 317request that it revceives. Also, while running in debug mode, 318.Nm ypserv 319will not spawn any additional subprocesses as it normally does 320when handling yp_all requests or doing DNS lookups. (These actions 321often take a fair amount of time to complete and are therefore handled 322in subprocesses, allowing the parent server process to go on handling 323other requests.) This makes it easier to trace the server with 324a debugging tool. |
307.It Fl k 308This flag is provided for compatibility with SunOS 4. The 309.Xr ypbind 8 310command in SunOS 4 apparently expects to obtain a response from an 311NIS v1 server. Starting 312.Xr ypserv 8 313with the 314.Fl k 315flag causes it to register itself as an NIS v1 server and 316respond to YPPROC_DOMAIN_NONACK requests. Note carefully: this is 317merely a kludge (hence the 'k') to pacify SunOS 4's 318.Xr ypbind 8 319command: attempts to make the server actually handle NIS v1 queries 320will undoubtedly fail quite miserably. | |
321.It Fl p Ar path 322Normally, 323.Nm ypserv 324assumes that all NIS maps are stored under 325.Pa /var/yp . 326The 327.Fl p 328flag may be used to specify an alternate NIS root path, allowing --- 17 unchanged lines hidden (view full) --- 346.Xr ypcat 1 , 347.Xr yp 8 , 348.Xr db 3 349.Sh AUTHOR 350Bill Paul <wpaul@ctr.columbia.edu> 351.Sh HISTORY 352This version of 353.Nm ypserv | 325.It Fl p Ar path 326Normally, 327.Nm ypserv 328assumes that all NIS maps are stored under 329.Pa /var/yp . 330The 331.Fl p 332flag may be used to specify an alternate NIS root path, allowing --- 17 unchanged lines hidden (view full) --- 350.Xr ypcat 1 , 351.Xr yp 8 , 352.Xr db 3 353.Sh AUTHOR 354Bill Paul <wpaul@ctr.columbia.edu> 355.Sh HISTORY 356This version of 357.Nm ypserv |
354first appeared in FreeBSD 2.1. | 358first appeared in FreeBSD 2.2. |