1ypserv(1M) System Administration Commands ypserv(1M)
2
3
4
6 ypserv, ypxfrd - NIS server and binder processes
7
9 /usr/lib/netsvc/yp/ypserv [-dv] [-i | -I] [-r | -R]
10
11
12 /usr/lib/netsvc/yp/ypxfrd
13
14
16 The Network Information Service (NIS) provides a simple network lookup
17 service consisting of databases and processes. The databases are ndbm
18 files in a directory tree rooted at /var/yp. See ndbm(3C). These files
19 are described in ypfiles(4). The processes are
20 /usr/lib/netsvc/yp/ypserv, the NIS database lookup server, and
21 /usr/lib/netsvc/yp/ypbind, the NIS binder. The programmatic interface
22 to the NIS service is described in ypclnt(3NSL). Administrative tools
23 are described in yppoll(1M), yppush(1M), ypset(1M), ypxfr(1M), and
24 ypwhich(1). Tools to see the contents of NIS maps are described in
25 ypcat(1), and ypmatch(1). Database generation and maintenance tools are
26 described in ypinit(1M), ypmake(1M), and makedbm(1M).
27
28
29 The ypserv utility is a daemon process typically activated at system
30 startup from svc:/network/nis/server:default. Alternatively, you can,
31 as the root user, start NIS services using ypstart(1M) from the com‐
32 mand-line. ypserv runs only on NIS server machines with a complete NIS
33 database. You can halt all NIS services using the ypstop(1M) command.
34
35
36 The ypxfrd utility transfers entire NIS maps in an efficient manner.
37 For systems that use this daemon, map transfers are 10 to 100 times
38 faster, depending on the map. To use this daemon, be sure ypxfrd is
39 running on the master server. See /usr/lib/netsvc/yp/ypstart. ypxfr
40 attempts to use ypxfrd first. If that fails, it prints a warning, then
41 uses the older transfer method.
42
43
44 The ypserv daemon's primary function is to look up information in its
45 local database of NIS maps.
46
47
48 The operations performed by ypserv are defined for the implementor by
49 the YP Protocol Specification, and for the programmer by the header
50 file <rpcsvc/yp_prot.h>.
51
52
53 Communication to and from ypserv is by means of RPC calls. Lookup func‐
54 tions are described in ypclnt(3NSL), and are supplied as C-callable
55 functions in the libnsl(3LIB) library. There are four lookup functions,
56 all of which are performed on a specified map within some NIS domain:
57 yp_match(3NSL), yp_first(3NSL), yp_next(3NSL), and yp_all(3NSL). The
58 yp_match operation takes a key, and returns the associated value. The
59 yp_first operation returns the first key-value pair from the map, and
60 yp_next can be used to enumerate the remainder. yp_all ships the entire
61 map to the requester as the response to a single RPC request.
62
63
64 A number of special keys in the DBM files can alter the way in which
65 ypserv operates. The keys of interest are:
66
67 YP_INTERDOMAIN The presence of this key causes ypserv to forward
68 to a DNS server host lookups that cannot be satis‐
69 fied by the DBM files.
70
71
72 YP_SECURE This key causes ypserv to answer only questions
73 coming from clients on reserved ports.
74
75
76 YP_MULTI_hostname This is a special key in the form, YP_MULTI_host‐
77 name addr1,...,addrN. A client looking for host‐
78 name receives the closest address.
79
80
81
82 Two other functions supply information about the map, rather than map
83 entries: yp_order(3NSL), and yp_master(3NSL). In fact, both order num‐
84 ber and master name exist in the map as key-value pairs, but the server
85 will not return either through the normal lookup functions. If you
86 examine the map with makedbm(1M), however, they are visible. Other
87 functions are used within the NIS service subsystem itself, and are not
88 of general interest to NIS clients. These functions include
89 do_you_serve_this_domain?, transfer_map, and reinitialize_inter‐
90 nal_state.
91
92
93 On start up, ypserv checks for the existence of the NIS to LDAP (N2L)
94 configuration file /var/yp/NISLDAPmapping. If it is present then a mas‐
95 ter server starts in N2L mode. If the file is not present it starts in
96 "traditional" (non N2L) mode. Slave servers always start in traditional
97 mode.
98
99
100 In N2L mode, a new set of map files, with an LDAP_ prefix, are gener‐
101 ated, based on the contents of the LDAP DIT. The old map files, NIS
102 source files and ypmake(1M) are not used.
103
104
105 It is possible that ypmake(1M) can be accidentally run in N2L mode. If
106 the occurs, the old style map files are overwritten. That the map files
107 are overwritten is harmless. However, any resulting yppush(1M) opera‐
108 tion will push information based on the DIT rather than the source
109 files. The user may not expect information based on the DIT. ypserv
110 keeps track of the last modification date of the old style map files.
111 If the map files have been updated, a warning is logged that suggests
112 that the user call yppush directly instead of ypmake.
113
114
115 If a server attempts to run in N2L mode and a LDAP server cannot be
116 contacted, it behaves as follows:
117
118 1. When ypserv is started, a warning will be logged.
119
120 2. When a NIS read access is made and the TTL entry has
121 expired, a warning is logged.Information that is returned
122 from the cache has not been updated.
123
124 3. When a NIS write access is made, a warning is logged. The
125 cache will not be updated, and a NIS failure will be
126 returned.
127
128
129 If ypxfrd is running in N2L mode and is asked to transfer a map, ypxfrd
130 first checks whether the map is out of date. If the map is out of date,
131 ypxfrd initiates an update from the DIT. ypxfrd cannot wait for the
132 update to complete. If ypxfrd waited, the client end ypxfr operation
133 could time out. To prevent ypxfrd from timing out, the existing map is
134 transferred from the cache. The most up to date map will be transferred
135 on subsequent ypxfrd operations.
136
138 ypserv
139 -d The NIS service should go to the DNS for more host information.
140 This requires the existence of a correct /etc/resolv.conf file
141 pointing to a DNS server. This option turns on DNS forwarding
142 regardless of whether or not the YP_INTERDOMAIN flag is set in
143 the hosts maps. See makedbm(1M). In the absence of an
144 /etc/resolv.conf file, ypserv complains, but ignores the -d
145 option.
146
147
148 -i If in N2L mode, initialize the NIS related parts of the DIT
149 based on the current, non LDAP_ prefixed, map files. The LDAP_
150 prefixed maps are not created or updated. If you require that
151 LDAP_ prefixed maps be updated or created, then use the -ir
152 option.
153
154 The -i option does not attempt to create any NIS domain or con‐
155 tainer objects. If any NIS domain or container objects have not
156 already been created, then errors will occur, as entries are
157 written to nonexistent containers.
158
159
160 -I Identical to -i, except that any missing domain and container
161 objects are created.
162
163
164 -r If in N2L mode, then refresh the LDAP_ prefixed map files based
165 on the contents of the DIT.
166
167
168 -ir If both -i and -r are specified in N2L mode, then the DIT will
169 first be initialized from the current non LDAP_ prefixed map
170 files. A new set of LDAP_ prefixed maps will then be generated
171 from the contents of the DIT. A new set of LDAP_ prefixed maps
172 is required when moving from traditional NIS to N2L mode NIS.
173
174
175 -Ir Identical to -ir, except that any missing domain and container
176 objects are created.
177
178
179 -v Operate in the verbose mode, printing diagnostic messages to
180 stderr.
181
182
183
184 When run with the -i, -r, -I, -ir or -Ir options, the ypserv command
185 runs in the foreground and exits once map initialization has been com‐
186 pleted. Once the ypserv command exits, the user knows the maps are
187 ready and can restart ypserv and the other yp daemons by running
188 ypstart(1M).
189
190
191 If there is a requirement to initialize the DIT from the NIS source
192 files, which may have been modified since the maps were last remade,
193 run ypmake before running ypserv -i or ypserv -ir. ypmake regenerated
194 old style NIS maps. Then ypserv -ir dumps them into the DIT. When the
195 -ir option is used, the LDAP_ prefixe maps are also generated or
196 updated. Since these maps will be more recent than the old style maps,
197 ypmake will not be reported as erroneous when it is run.
198
200 /var/yp/securenets
201
202 Defines the hosts and networks that are granted access to informa‐
203 tion in the served domain. It is read at startup time by both
204 ypserv and ypxfrd.
205
206
207 /var/yp/ypserv.log
208
209 If the /var/yp/ypserv.log file exists when ypserv starts up, log
210 information is written to it when error conditions arise.
211
212
213 /var/yp/binding/domainname/ypservers
214
215 Lists the NIS server hosts that ypbind can bind to.
216
217
219 See attributes(5) for descriptions of the following attributes:
220
221
222
223
224 ┌─────────────────────────────┬─────────────────────────────┐
225 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
226 ├─────────────────────────────┼─────────────────────────────┤
227 │Availability │SUNWypu │
228 └─────────────────────────────┴─────────────────────────────┘
229
231 svcs(1), ypcat(1), ypmatch(1), ypwhich(1), domainname(1M), makedbm(1M),
232 svcadm(1M), ypbind(1M), ypinit(1M), ypmake(1M), yppoll(1M), yppush(1M),
233 ypset(1M), ypstart(1M), ypstop(1M), ypxfr(1M), ndbm(3C), ypclnt(3NSL),
234 libnsl(3LIB), NISLDAPmapping(4), securenets(4), ypfiles(4), ypserv(4),
235 attributes(5), smf(5)
236
237
238
239
241 ypserv supports multiple domains. The ypserv process determines the
242 domains it serves by looking for directories of the same name in the
243 directory /var/yp. It replies to all broadcasts requesting yp service
244 for that domain.
245
246
247 The Network Information Service (NIS) was formerly known as Sun Yellow
248 Pages (YP). The functionality of the two remains the same; only the
249 name has changed. The name Yellow Pages is a registered trademark in
250 the United Kingdom of British Telecommunications PLC, and must not be
251 used without permission.
252
253
254 NIS uses ndbm() files to store maps. Therefore, it is subject to the
255 1024 byte limitations described in the USAGE and NOTES sections of the
256 ndbm(3C) man page.
257
258
259 The NIS server service is managed by the service management facility,
260 smf(5), under the service identifier:
261
262 svc:/network/nis/server:default
263
264
265
266
267 Administrative actions on this service, such as enabling, disabling, or
268 requesting restart, can be performed using svcadm(1M). The service's
269 status can be queried using the svcs(1) command.
270
271
272
273SunOS 5.11 15 Dec 2004 ypserv(1M)