1YPSERV.CONF(5)                 Reference Manual                 YPSERV.CONF(5)
2
3
4

NAME

6       ypserv.conf - configuration file for ypserv and rpc.ypxfrd
7

DESCRIPTION

9       ypserv.conf is an ASCII file which contains some options for ypserv. It
10       also contains a list of rules for  special  host  and  map  access  for
11       ypserv  and rpc.ypxfrd. This file will be read by ypserv and rpc.ypxfrd
12       at startup, or when receiving a SIGHUP signal.
13
14       There is one entry per line. If the line is a option line,  the  format
15       is:
16
17              option: <argument>
18
19       The line for an access rule has the format:
20
21              host:domain:map:security
22
23       All  rules  are tried one by one. If no match is found, access to a map
24       is allowed.
25
26       Following options exist:
27
28       files: 30
29              This option specifies, how many database files should be  cached
30              by  ypserv.   If 0 is specified, caching is disabled. Decreasing
31              this number is only possible, if ypserv is restarted.
32
33       trusted_master: server
34              If this option is set on a slave server, new maps from the  host
35              server  will  be  accepted  as  master.  The default is, that no
36              trusted master is set and new maps will not be accepted.
37              Example:
38              trusted_master: ypmaster.example.org
39
40       slp: [yes|<no>|domain]
41              If this option is enabled and SLP support compiled in,  the  NIS
42              server  registers itself on a SLP server. If the variable is set
43              to domain, an attribute domain with a comma  seperated  list  of
44              supported  domainnames  is  set. Else this attribute will not be
45              set.
46
47       xfr_check_port: [<yes>|no]
48              With this option enabled, the NIS master server have to run on a
49              port < 1024. The default is "yes" (enabled).
50
51       The field descriptions for the access rule lines are:
52
53       host   IP address. Wildcards are allowed.
54              Examples:
55              131.234. = 131.234.0.0/255.255.0.0
56              131.234.214.0/255.255.254.0
57
58       domain specifies  the domain, for which this rule should be applied. An
59              asterix as wildcard is allowed.
60
61       map    name of the map, or asterisk for all maps.
62
63       security
64              one of none, port, deny:
65
66       none   always allow access.
67
68       port   allow access if from port < 1024. Otherwise do not allow access.
69
70       deny   deny access to this map.
71

FILES

73       /etc/ypserv.conf
74

SEE ALSO

76       ypserv(8), rpc.ypxfrd(8)
77

WARNINGS

79       The access rules for special maps are no real improvement in  security,
80       but they make the life a little bit harder for a potential hacker.
81

BUGS

83       Solaris  clients don't use privileged ports. All security options which
84       depend on privileged ports cause big problems on Solaris clients.
85

AUTHOR

87       Thorsten Kukuk <kukuk@suse.de>
88
89
90
91YP Server                        October 2002                   YPSERV.CONF(5)
Impressum