ypserv(1m) - osol9

1ypserv(1M)              System Administration Commands              ypserv(1M)
2
3
4

NAME

6       ypserv, ypxfrd - NIS server and binder processes
7

SYNOPSIS

9       /usr/lib/netsvc/yp/ypserv [-dv] [-i | -I] [-r | -R]
10
11
12       /usr/lib/netsvc/yp/ypxfrd
13
14

DESCRIPTION

16       The  Network Information Service (NIS) provides a simple network lookup
17       service consisting of databases and processes. The databases  are  ndbm
18       files  in a directory tree rooted at /var/yp. See ndbm(3C). These files
19       are     described     in     ypfiles(4).     The     processes      are
20       /usr/lib/netsvc/yp/ypserv,   the   NIS   database  lookup  server,  and
21       /usr/lib/netsvc/yp/ypbind, the NIS binder. The  programmatic  interface
22       to  the  NIS service is described in ypclnt(3NSL). Administrative tools
23       are described in  yppoll(1M),  yppush(1M),  ypset(1M),  ypxfr(1M),  and
24       ypwhich(1).  Tools  to  see  the  contents of NIS maps are described in
25       ypcat(1), and ypmatch(1). Database generation and maintenance tools are
26       described in ypinit(1M), ypmake(1M), and makedbm(1M).
27
28
29       The  ypserv  utility  is a daemon process typically activated at system
30       startup from svc:/network/nis/server:default. Alternatively,  you  can,
31       as  the  root  user, start NIS services using ypstart(1M) from the com‐
32       mand-line. ypserv runs only on NIS server machines with a complete  NIS
33       database. You can halt all NIS services using the ypstop(1M) command.
34
35
36       The  ypxfrd  utility  transfers entire NIS maps in an efficient manner.
37       For systems that use this daemon, map transfers are  10  to  100  times
38       faster,  depending  on  the  map. To use this daemon, be sure ypxfrd is
39       running on the master  server.  See  /usr/lib/netsvc/yp/ypstart.  ypxfr
40       attempts  to use ypxfrd first. If that fails, it prints a warning, then
41       uses the older transfer method.
42
43
44       The ypserv daemon's primary function is to look up information  in  its
45       local database of NIS maps.
46
47
48       The  operations  performed by ypserv are defined for the implementor by
49       the YP Protocol Specification, and for the  programmer  by  the  header
50       file <rpcsvc/yp_prot.h>.
51
52
53       Communication to and from ypserv is by means of RPC calls. Lookup func‐
54       tions are described in ypclnt(3NSL), and  are  supplied  as  C-callable
55       functions in the libnsl(3LIB) library. There are four lookup functions,
56       all of which are performed on a specified map within some  NIS  domain:
57       yp_match(3NSL),  yp_first(3NSL),  yp_next(3NSL),  and yp_all(3NSL). The
58       yp_match operation takes a key, and returns the associated  value.  The
59       yp_first  operation  returns the first key-value pair from the map, and
60       yp_next can be used to enumerate the remainder. yp_all ships the entire
61       map to the requester as the response to a single RPC request.
62
63
64       A  number  of  special keys in the DBM files can alter the way in which
65       ypserv operates. The keys of interest are:
66
67       YP_INTERDOMAIN       The presence of this key causes ypserv to  forward
68                            to a DNS server host lookups that cannot be satis‐
69                            fied by the DBM files.
70
71
72       YP_SECURE            This key causes ypserv to  answer  only  questions
73                            coming from clients on reserved ports.
74
75
76       YP_MULTI_hostname    This  is a special key in the form, YP_MULTI_host‐
77                            name addr1,...,addrN. A client looking  for  host‐
78                            name receives the closest address.
79
80
81
82       Two  other  functions supply information about the map, rather than map
83       entries: yp_order(3NSL), and yp_master(3NSL). In fact, both order  num‐
84       ber and master name exist in the map as key-value pairs, but the server
85       will not return either through the  normal  lookup  functions.  If  you
86       examine  the  map  with  makedbm(1M),  however, they are visible. Other
87       functions are used within the NIS service subsystem itself, and are not
88       of   general   interest   to   NIS  clients.  These  functions  include
89       do_you_serve_this_domain?,   transfer_map,   and    reinitialize_inter‐
90       nal_state.
91
92
93       On  start  up, ypserv checks for the existence of the NIS to LDAP (N2L)
94       configuration file /var/yp/NISLDAPmapping. If it is present then a mas‐
95       ter  server starts in N2L mode. If the file is not present it starts in
96       "traditional" (non N2L) mode. Slave servers always start in traditional
97       mode.
98
99
100       In  N2L  mode, a new set of map files, with an LDAP_ prefix, are gener‐
101       ated, based on the contents of the LDAP DIT. The  old  map  files,  NIS
102       source files and ypmake(1M) are not used.
103
104
105       It  is possible that ypmake(1M) can be accidentally run in N2L mode. If
106       the occurs, the old style map files are overwritten. That the map files
107       are  overwritten  is harmless. However, any resulting yppush(1M) opera‐
108       tion will push information based on the  DIT  rather  than  the  source
109       files.  The  user  may  not expect information based on the DIT. ypserv
110       keeps track of the last modification date of the old style  map  files.
111       If  the  map files have been updated, a warning is logged that suggests
112       that the user call yppush directly instead of ypmake.
113
114
115       If a server attempts to run in N2L mode and a  LDAP  server  cannot  be
116       contacted, it behaves as follows:
117
118           1.     When ypserv is started, a warning will be logged.
119
120           2.     When  a  NIS  read  access  is  made  and  the TTL entry has
121                  expired, a warning is logged.Information  that  is  returned
122                  from the cache has not been updated.
123
124           3.     When  a  NIS  write access is made, a warning is logged. The
125                  cache will not  be  updated,  and  a  NIS  failure  will  be
126                  returned.
127
128
129       If ypxfrd is running in N2L mode and is asked to transfer a map, ypxfrd
130       first checks whether the map is out of date. If the map is out of date,
131       ypxfrd  initiates  an  update  from the DIT. ypxfrd cannot wait for the
132       update to complete. If ypxfrd waited, the client  end  ypxfr  operation
133       could  time out. To prevent ypxfrd from timing out, the existing map is
134       transferred from the cache. The most up to date map will be transferred
135       on subsequent ypxfrd operations.
136

OPTIONS

138   ypserv
139       -d     The  NIS service should go to the DNS for more host information.
140              This requires the existence of a correct  /etc/resolv.conf  file
141              pointing  to  a  DNS server. This option turns on DNS forwarding
142              regardless of whether or not the YP_INTERDOMAIN flag is  set  in
143              the   hosts   maps.  See  makedbm(1M).  In  the  absence  of  an
144              /etc/resolv.conf file, ypserv  complains,  but  ignores  the  -d
145              option.
146
147
148       -i     If  in  N2L  mode,  initialize  the NIS related parts of the DIT
149              based on the current, non LDAP_ prefixed, map files.  The  LDAP_
150              prefixed  maps  are  not created or updated. If you require that
151              LDAP_ prefixed maps be updated or  created,  then  use  the  -ir
152              option.
153
154              The  -i option does not attempt to create any NIS domain or con‐
155              tainer objects. If any NIS domain or container objects have  not
156              already  been  created,  then  errors will occur, as entries are
157              written to nonexistent containers.
158
159
160       -I     Identical to -i, except that any missing  domain  and  container
161              objects are created.
162
163
164       -r     If  in N2L mode, then refresh the LDAP_ prefixed map files based
165              on the contents of the DIT.
166
167
168       -ir    If both -i and -r are specified in N2L mode, then the  DIT  will
169              first  be  initialized  from  the current non LDAP_ prefixed map
170              files. A new set of LDAP_ prefixed maps will then  be  generated
171              from  the  contents of the DIT. A new set of LDAP_ prefixed maps
172              is required when moving from traditional NIS to N2L mode NIS.
173
174
175       -Ir    Identical to -ir, except that any missing domain  and  container
176              objects are created.
177
178
179       -v     Operate  in  the  verbose  mode, printing diagnostic messages to
180              stderr.
181
182
183
184       When run with the -i, -r, -I, -ir or -Ir options,  the  ypserv  command
185       runs  in the foreground and exits once map initialization has been com‐
186       pleted. Once the ypserv command exits, the  user  knows  the  maps  are
187       ready  and  can  restart  ypserv  and  the  other yp daemons by running
188       ypstart(1M).
189
190
191       If there is a requirement to initialize the DIT  from  the  NIS  source
192       files,  which  may  have been modified since the maps were last remade,
193       run ypmake before running ypserv -i or ypserv -ir.  ypmake  regenerated
194       old  style  NIS maps. Then ypserv -ir dumps them into the DIT. When the
195       -ir option is used, the  LDAP_  prefixe  maps  are  also  generated  or
196       updated.  Since these maps will be more recent than the old style maps,
197       ypmake will not be reported as erroneous when it is run.
198

FILES

200       /var/yp/securenets
201
202           Defines the hosts and networks that are granted access to  informa‐
203           tion  in  the  served  domain.  It  is read at startup time by both
204           ypserv and ypxfrd.
205
206
207       /var/yp/ypserv.log
208
209           If the /var/yp/ypserv.log file exists when ypserv  starts  up,  log
210           information is written to it when error conditions arise.
211
212
213       /var/yp/binding/domainname/ypservers
214
215           Lists the NIS server hosts that ypbind can bind to.
216
217

ATTRIBUTES

219       See attributes(5) for descriptions of the following attributes:
220
221
222
223
224       ┌─────────────────────────────┬─────────────────────────────┐
225       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
226       ├─────────────────────────────┼─────────────────────────────┤
227       │Availability                 │SUNWypu                      │
228       └─────────────────────────────┴─────────────────────────────┘
229

NOTES

241       ypserv  supports  multiple  domains.  The ypserv process determines the
242       domains it serves by looking for directories of the same  name  in  the
243       directory  /var/yp.  It replies to all broadcasts requesting yp service
244       for that domain.
245
246
247       The Network Information Service (NIS) was formerly known as Sun  Yellow
248       Pages  (YP).  The  functionality  of the two remains the same; only the
249       name has changed. The name Yellow Pages is a  registered  trademark  in
250       the  United  Kingdom of British Telecommunications PLC, and must not be
251       used without permission.
252
253
254       NIS uses ndbm() files to store maps. Therefore, it is  subject  to  the
255       1024  byte limitations described in the USAGE and NOTES sections of the
256       ndbm(3C) man page.
257
258
259       The NIS server service is managed by the service  management  facility,
260       smf(5), under the service identifier:
261
262         svc:/network/nis/server:default
263
264
265
266
267       Administrative actions on this service, such as enabling, disabling, or
268       requesting restart, can be performed using  svcadm(1M).  The  service's
269       status can be queried using the svcs(1) command.
270
271
272
273SunOS 5.11                        15 Dec 2004                       ypserv(1M)