1YPSERV.CONF(5) NIS Reference Manual YPSERV.CONF(5)
2
3
4
6 ypserv.conf - configuration file for ypserv and rpc.ypxfrd
7
9 ypserv.conf is an ASCII file which contains some options for ypserv. It
10 also contains a list of rules for special host and map access for
11 ypserv and rpc.ypxfrd. This file will be read by ypserv and rpc.ypxfrd
12 at startup, or when receiving a SIGHUP signal.
13
14 There is one entry per line. If the line is a option line, the format
15 is:
16
17 option: argument
18
19 The line for an access rule has the format:
20
21 host:domain:map:security
22
23 All rules are tried one by one. If no match is found, access to a map
24 is allowed.
25
26 Following options exist:
27
28 files: 30
29 This option specifies, how many database files should be cached by
30 ypserv. If 0 is specified, caching is disabled. Decreasing this
31 number is only possible, if ypserv is restarted.
32
33 trusted_master: server
34 If this option is set on a slave server, new maps from the host
35 server will be accepted as master. The default is, that no trusted
36 master is set and new maps will not be accepted.
37
38 Example:
39
40 trusted_master: ypmaster.example.org
41
42
43 slp: [yes|<no>|domain]
44 If this option is enabled and SLP support compiled in, the NIS
45 server registers itself on a SLP server. If the variable is set to
46 domain, an attribute domain with a comma seperated list of supported
47 domainnames is set. Else this attribute will not be set. The default
48 is "no" (disabled).
49
50 xfr_check_port: [<yes>|no]
51 With this option enabled, the NIS master server have to run on a
52 port < 1024. The default is "yes" (enabled).
53
54 The field descriptions for the access rule lines are:
55
56 host
57 IP address. Wildcards are allowed.
58
59 Examples:
60
61 131.234. = 131.234.0.0/255.255.0.0
62 131.234.214.0/255.255.254.0
63
64
65 domain
66 specifies the domain, for which this rule should be applied. An
67 asterix as wildcard is allowed.
68
69 map
70 name of the map, or asterisk for all maps.
71
72 security
73 one of none, port, deny:
74
75 none
76 always allow access.
77
78 port
79 allow access if from port < 1024. Otherwise do not allow access.
80
81 deny
82 deny access to this map.
83
85 /etc/ypserv.conf
86
88 ypserv(8), rpc.ypxfrd(8)
89
91 The access rules for special maps are no real improvement in security,
92 but they make the life a little bit harder for a potential hacker.
93
94 Solaris clients don't use privileged ports. All security options which
95 depend on privileged ports cause big problems on Solaris clients.
96
98 Thorsten Kukuk <kukuk@thkukuk.de>
99
100
101
102NIS Reference Manual 08/02/2006 YPSERV.CONF(5)