[Solved] NIS + NFS network - Slackware and Salix

[lmello]

Hello,

I'm managing a network where, due to the lack of machines, my NFS server needs to be used with a common account. In this network, I was requested to make *all* the machines to login with the same user name and the same password. So I decided to try a NIS database for this network, and after a failed attempt to export the /home directory (in the command line it was fine, but due to the fact that the Slackware machine uses KDE and the Salix ones XFCE, I only got myself a headache (not to mention hours of testing). So I had the idea of creating a /home.export directory on the Slackware server and export that as the /home directory in the client machines. "What's the problem?' you may ask, well, I tried in two 13.37 brand-new installations, installed the yptools package, edited the /etc/rc.d/rc.yp file for a client configuration, replaced my /etc/nsswitch.conf and... in one machine it worked, but the boot got so slow I don't know what happened, and in another machine I did the exact same thing and the NIS authentication didn't work.

Ideas?

[witek]

I also manage a small network via NFS and also my NFS server is a typical machine used as desktop with common account (it is also http, smb and mysql server). Users are able to login on all the clients via the same username and password but I did not used NIS (as I did not know how it works when I was setting up the network). I just copied passwd, group, and shadow to /etc on all machines. In order to not make it manually every time something changes I use rdist.
To do so:
1. make sure root is able to login via ssh from the server to every client without password:
run ssh-keygen, then append the key from .ssh/id_rsa.pub to .ssh/authorized_keys on every machine
2. install rdist and create file called Distfile in /root directory containing something like this

Code: Select all

MACHINES= ( machine1 machine2 machine3)
FILES= (
          /etc/passwd
          /etc/group
          /etc/shadow
          /etc/resolv.conf
          /etc/cups/cups-pdf.conf 
        )
 ${FILES} -> ${MACHINES}
      install -owhole / ;

(machine1.... should be names of your computers listed in /etc/hosts)
You can update many other files, not only group or passwd as you can see above.

Run rdist -P `which ssh` (or just rdist -P /usr/bin/ssh )

I`m thinking from time to timeabout converting this system into NIS but have no time to read about it and test it. Besides why to fix something that works well?

[lmello]

Besides why to fix something that works well?

Because I want to learn how to implement NIS properly. I already know how to... in theory I mean.

[witek]

Because I want to learn how to implement NIS properly. I already know how to... in theory I mean.

Good luck then. When you`re through the problems then maybe add an entry to the wiki or at least to this thread so I could also implement NIS maybe

[lmello]

Because I want to learn how to implement NIS properly. I already know how to... in theory I mean.

Good luck then. When you`re through the problems then maybe add an entry to the wiki or at least to this thread so I could also implement NIS maybe

I almost got it working... at least the machine where NIS didn't work got the NIS maps correctly. The boot process also slowed down, particulary in the following steps:

Code: Select all

Starting system message bus (...)
(...)
Starting HAL daemon (...)

But I can wait. The real problem is that the NFS shares aren't being mounted on boot. Since Salix relies upon wicd for its network connections, these lines in /etc/rc.d/rc.M:

Code: Select all

# We need to wait 25 secs and try to mount everything not mounted
# already for networks shares, as network connections might not have
# established properly yet.
sleep 25 && {
        mount -a -v 2> /dev/null | grep -v "already mounted"
        /bin/rm -f /var/lock/* /var/spool/uucp/LCK..* /tmp/.X*lock /tmp/core /core 2> /dev/null
} &

Were supposed to mount nfs shares, but apparently they don't do it in my client machines. I'm exporting two directories in my server:

Code: Select all

/home/itcp.export x.x.x.x/255.255.255.128(rw,sync,no_subtree_check)
/mnt/itcp x.x.x.x/255.255.255.128(rw,sync,no_subtree_check)

And my clients' /etc/fstab:

Code: Select all

<host>:/home/itcp.export /home nfs rw,hard,intr 0    0
<host>:/mnt/itcp /mnt/itcp nfs rw,hard,intr 0    0

I have my host machine ip mapped in my clients' /etc/hosts.

If I log in as root and issue the 'mount -a' command manually I can get thing working, but this is unacceptable, as I'm not around all the time.

[aiya88]

Hi,

Does the RPC portmapper is launched while boot? NFS needs it before you can mount the shares...
(Just a guess...)

[thenktor]

Code: Select all

/home/itcp.export x.x.x.x/255.255.255.128(rw,sync,no_subtree_check)
/mnt/itcp x.x.x.x/255.255.255.128(rw,sync,no_subtree_check)

Did you x it out or is this the real content of the file? It should look like this:

Code: Select all

/home/itcp.export         192.168.1.0/25(rw,sync,no_subtree_check)

[lmello]

Does the RPC portmapper is launched while boot? NFS needs it before you can mount the shares...
(Just a guess...)

Yes, I chmod'ed +x the file /etc/rc.d/rc.rpc

Did you x it out or is this the real content of the file? It should look like this:

Code: Select all

/home/itcp.export         192.168.1.0/25(rw,sync,no_subtree_check)

No, for security reasons I wrote the IP of my network as x.x.x.x.

---

If I login as root and issue:

Code: Select all

mount -a

The nfs shares get mounted correctly. The major problem is that step should happen at boot time.

[thenktor]

Do you use DHCP and there is no IP assigned at mount time in boot process?

[witek]

No, for security reasons I wrote the IP of my network as x.x.x.x.

But your network is probably local and not routable from outside (192.168.*.* or 10.*.*.* or 172.16.0.0/12) so what security reasons you consider? If you try NFS on routable addresses then indeed you`re in trouble as NFS is unencrypted.