NIS(7P) NIS(7P)
NAME
nis, yp, ypbind - Network Information Services Protocol (Client)
SYNOPSIS
/var/ns/lib/libns_nis.so
DESCRIPTION
The Network Information Services Protocol (NIS) is a simple Sun RPC based
protocol to fetch keyed data from a remote host. It is typically used to
distribute name service information in medium sized organizations. The
data is maintained on a single host (designated the NIS master), and is
pushed occasionally to a list of slave servers. Client systems
dynamically locate a server and request data given a domain name, map
name and key. In Irix the daemon nsd(1M) acts as both the server and
client side proxy for the protocol. The server side is implemented in
the nsd extension library nisserv(7P) while the client side and binding
server are implemented in the nsd extension library nis(7P). This manual
page documents the behavior of the client side protocol library for the
nsd daemon. Applications which wish to make direct requests can still
use the NIS API routines documented in ypclnt(3Y).
The library /var/ns/lib/libnsnis.so is opened by the nsd(1M) daemon when
nis is listed as the protocol for some map in a nsswitch.conf file. On
first open the library initialization procedure sets up a port to handle
YPBIND RPC requests, determines the domain of the local system
(domainname(1)), and attempts to locate the servers for the domain.
The library contains code to fetch data from a remote NIS server and
present it as lines from the configuration file from which it came. The
nsd daemon then presents that data in the filesystem mounted under /ns.
Extended attributes in the nsswitch.conf file can be used to control the
behavior of the NIS protocol. Extended attributes are simply lists of
key/value pairs attached to each object in the nsd filesystem. The
attributes supported in this library are:
domain
This is the domainname given as a parameter to the remote name
server. This attribute is typically inherited from the daemon
depending on the nsswitch.conf file that is being read. Given the
configuration file /var/ns/domains/DOMAINNAME/nsswitch.conf the
attribute "domain" is set to DOMAINNAME. For the default domain,
represented by the file /etc/nsswitch.conf, the domain attribute is
the same as the current system-wide domain as set by the
domainname(1) command. Typically the script /etc/init.d/network
sets it using the value saved in /var/yp/ypdomain on system startup.
A client system can be a member of multiple domains by including
multiple instances of the nis keyword in the nsswitch.conf file
like:
hosts: nis(domain=engr) nis(domain=corp)
Page 1
NIS(7P) NIS(7P)
table
The table attribute is typically inherited from the daemon based on
the line from which this entry occurs in the nsswitch.conf file. In
the above example the table attribute would be set to hosts.byname
or hosts.byaddr depending on the context of the request. Because
the NIS protocol implementations historically did not contain all
the tables that are considered standard in UNS this implementation
will fake the tables: services.byport, rpc.byname, and
group.bymember. It will first try to fetch data from these tables,
and if returned the error YP_NOMAP it will walk through the opposite
map looking for the specific key. The attempted lookup of
services.byport, rpc.byname, and group.bymember can be skiped by the
nopseudomaps attribute. It will also swap services.byname with
services.byport since the NIS map which was called services.byname
in old implementation was really indexed by port/protocol.
key The key attribute is set by the daemon on each request, and is
passed directly on to the remote NIS server without change.
nismulticast
The nismulticast attribute is an integer hop count for the maximum
number of hops for multicast bind requests. By default this is 32.
Setting the nismulticast attribute to 0 will result in no multicast
binding requests being sent. This attribute must be set using the
-a command line option.
nistimeout
The nistimeout attribute is an integer that determines the amount
of time that a nis request can take. The default is 1 second.
nissecure
The nissecure attribute is a boolean which specifies that data can
only be sent to client requests originating on a priviledged port.
nissecurity
the nissecurity attribute determines if ypbind requests should be
honored. This attribute should be set to one of none, local, or
any. This attribute must be set using the -a command line option.
nisservers
The nis_servers attribute is a space separated list of IP addresses,
or locally resolvable host names for the systems which act as
servers for this domain. If the nisservers attribute is given then
the daemon will not send out a broadcast or multicast request for a
server, but will instead unicast binding requests to the listed
servers. This may also be set by creating the file
/var/yp/binding/DOMAINNAME/ypservers for the domain you wish to
control. This file is made up of a space separated list of
addresses, or locally resolvable names. See ypservers(4) for more
detailed information.
Page 2
NIS(7P) NIS(7P)
nullextendkey
The nullextendkey attribute specifies that the null character
which terminates the key is really part of the key. Some
applications (such as sendmail) have historically included the null
in the key so this attribute provides backward compatibility with
the old behavior.
nisenumeratekey
The nisenumeratekey attribute is a boolean value that controls the
inclusion of keys in table enumeration data. Specifying this
attribute is equivalent to the -k option to ypcat(1). If the
nullextendkey attribute is set, the null in the key will be
excluded from the enumeration result.
nopseudomaps
The nopseudomaps attribute specifies that the initial lookup of
services.byport, rpc.byname, and group.bymember should be skipped
and that NSD should attempt the workaround for these potentially
non-existent maps.
ENABLING
The NIS functionality of nsd must be enabled via the chkconfig yp
command.
NOTE
The daemon nsd(1M) uses this library to replace the ypbind daemon from
previous IRIX releases. Similarly, nsd uses the nisserv(7P) library to
replace the ypserv daemon from previous releases.
FILES
/var/yp/binding/DOMAINNAME/ypservers
SEE ALSO
chkconfig(1M), nsd(1M), nsswitch.conf(4), nisserv(7P), ypservers(4)
IRIX Admin: Networking and Mail
IRIX NIS Administration Guide
Page 3