How to install and configure NIS server, client and NIS slave machine?

How to install and configure NIS server, client and NIS slave machine?

Lets first configure NFS server and client :-

NFS server installation and configuration(For NFSv2 and 3) :

Environment : RHEL 5

--------
1. #yum install nfs-utils
--------
The nfs-utils package provide a daemon for the kernel NFS server and related tools. The daemons are "portmap", "nfslock" and "nfs". Once installation is complete, please do the following :

2. Service start :
--------
#service portmap start
#service nfslock start
#service nfs start
#chkconfig portmap on
#chkconfig nfslock on
#chkconfig nfs on
--------

3. modify /etc/exports file, add following lines into it. Note that /home will be exported to all from the server.

-------
/home *(rw,sync,all_squash)
-------

4. Execute the following command to export without restarting the service :

------
#exportfs -va
------

5. Check whether it has exported or not :

------
#showmount -e
------

6. Check status and daemons :

-------
#nfsstat
#rpcinfo -p localhost
-------

NFS client setup and configuration :

1. Install nfs-utils on client like :

----
#yum install nfs-utils
----

Here necessary daemons are portmap and nfslock.

2. Start them and make chkconfig:

-----
#service portmap start
#service nfslock start
#chkconfig portmap on
#chkconfig nfslock on
-----

3. Check NFS server from the client :

------
#showmount -e nfs_server_IP
------

4. mount -t nfs nfs_server_IP:/home /home

Note that last /home is a directory on the client machine and forst :/home on the NFS server and that has been mounted.

Thats't it. Now create any file inside the /home on NFS server and check the /home on client. It will be created.

======================

Note : autofs has been introduced to make automount the NFS shared directory. This is basically a daemon which calls the binary automount to automatically mount the remote drive. If you configure this daemon additionally you don't need to manualy mount the directory. Here are the steps to configure that daemon :

On client machine :
------
1. #yum install autofs
------

2. vi /etc/auto.master and add the following line (This is an example on my m/c)

------
/home /etc/auto.home --timeout 600
------

3. vi /etc/auto.home //Note that naming will be like that (starting with auto.somthing)

-----
* -fstype=nfs,soft,intr,rsize=8192,wsize=8192,nosuid,tcp IP_of_NFS_server:/home/&
-----

here "*" is subdirectory or key value that will be mounted to /home/& (ie auto temorary created user home). As an example mapping will be like :

NFS_server_IP:/home/user_on_nfs_server to /home/user_on_nfs_client with the above options.

4. That's it. Save the file and restart and chkconfig the autofs like :

-----
#service autofs restart
#chkconfig autofs on
-----

That's it.

=======================
For NFSv4 : You need to install following packages on the NFS server :

On server continuing...
1.
----
nfs-utils
portmap
nfs4-acl-tools
----

Install them using yum like

----
#yum install nfs-utils nfs4-acl-tools portmap
----

2. Use the option fsid=0 in the /etx/exports file. Export a directory over NFS v4. NFSv4 has a concept of a root of the overall exported filesystem. The export point exported with fsid=0 will be used as this root.For example, if you got /sales/mumbai, /sales/pune subdir, then client would see them as /mumbai and /pune directory. Please note that this can only export one directory with the fsid=0 option.

Start NFS service as above.

On NFSv4 Client Configuration :

1. mount the remote directory using file type : -t nfs4 like > mount -t nfs4 servername:/home /home

These are the difference with NFSv3 and 4.

And NFSv4 has following advantages :

1. Performance improvements
2. Mandates security and ACL
3. NFS v4 by default works over TCP s
4. Easy to setup firewall option

======================

Installing and configuring NIS server :

1. Install following packages on NIS server like :

----
#yum -y install ypserv ypbind portmap yp-tools
----

2. Edit /etc/sysconfig/network File

----
NISDOMAIN="vm156.gsslab.pnq.example.com"
----

3. Edit /etc/yp.conf File

----
ypserver 127.0.0.1
----

4. Start The Key NIS Server Related Daemons :

-----
#for i in portmap yppasswdd ypserv ; do service $i start; chkconfig $i on; done
-----

5. Check the daemons :

-----
#rpcinfo -p localhost
-----

6. Initialize NIS Domain :

-----
#updatedb; locate ypinit
#/usr/lib64/yp/ypinit -m
-----

Press Ctrl+D and press "y".

7. Start The ypbind(For making bind with the client) and ypxfrd(For making mapping more faster) Daemons :

------
#service ypbind start
#service ypxfrd start
#chkconfig ypbind on
#chkconfig ypxfrd on
------

8. Check the daemons whether they are running : #rpcinfo -p localhost
9. Adding New NIS Users on NIS server :

------
#useradd -g mynisgroup mynisuser
#passwd mynisuser
#cd /var/yp; make
------

here make will update the authentication files of the NIS.

10. Check to see if the user's authentication information has been updated by using the ypmatch command like : ypmatch mynisuser passwd; getent passwd mynisuser

-------------------------

Configuring The NIS Client :

1. Install following packages on the client machine.

----
ypbind
yp-tools
----

2. execute the command :

----
#authconfig-tui
----

Go to NIS authentication and press TAB key to select it. Then press NEXT. Now it'll ask for NISDOMAIN and IP of th NIS server. Provide these here and press OK.

3. Make sure following files has been updated like :
/etc/yp.conf , /etc/sysconfig/network and /etc/nsswitch.conf

Example on my system :

------
[root@vm91 yp]# cat /etc/yp.conf |grep domain
domain vm156.gsslab.pnq.example.com server 10.65.211.156
[root@vm91 yp]#
------
[root@vm91 yp]#cat /etc/sysconfig/network
NISDOMAIN=vm156.gsslab.pnq.example.com
[root@vm91 yp]#

[root@vm91 yp]# cat /etc/nsswitch.conf|egrep "group|passwd|shadow"
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files nis
shadow: files nis
group: files nis
netgroup: files nis
[root@vm91 yp]#

4. Start The NIS Client Related Daemons :

------
#service portmap start
#service ypbind start
#chkconfig ypbind on
#chkconfig portmap on
------

5. Verify Name Resolution of the hostname :
vi /etc/hosts
------
IP_of_NIS_server hostname_name_of_NIS_server
IP_of_NIS_client hostname_name_of_NIS_client
------

6. Testing NIS server from NIS client : Execute follwoign command which will give correct o/p :

-----
#ypcat passwd
-----

Like :

[root@vm91 yp]# ypcat passwd
mynisuser:$1$R5H0B1OS$iunkOZOibH097ohZlOOsT0:500:100::/home/mynisuser:/bin/bash
[root@vm91 yp]#

7. Finally access the account from NIS client :

Logging In Via SSH
-----
#ssh -l mynisuser IP_of_NIS_client //client will access nis server and mount the home directory of the user.
-----

You'll see home directory has been mounted to the client machine.

That's it.

================================

NIS slave configuration :

1. Install follwoing packages on slave machine :

-----
ypserv
ypbind
portmap
yp-tools
-----

2. On NIS master : vi /etc/hosts and add NIS slave IP and name

-----
slave_IP slave_host_name
-----

3. On NIS slave : vi /etc/hosts and add NIS master IP and name

------
NIS_master_IP master_name
------

4. On both master and slave following file content will be same :

cat /etc/yp.conf
-----
ypserver 127.0.0.1
-----
cat /etc/sysconfig/network

----
NISDOMAIN="nis_domain_name"
----

5. Run following daemon like :

-----
#for i in portmap ypbind ypxfrd ; do service $i start; chkconfig $i on; done
-----

6. Test database query from slave to master like :

------
#ypwhich -m
------

You'll get like :

-----
[root@vm91 yp]# ypwhich -m
mail.aliases vm156.gsslab.pnq.example.com
ypservers vm156.gsslab.pnq.example.com
hosts.byaddr vm156.gsslab.pnq.example.com
group.byname vm156.gsslab.pnq.example.com
netid.byname vm156.gsslab.pnq.example.com
rpc.byname vm156.gsslab.pnq.example.com
group.bygid vm156.gsslab.pnq.example.com
passwd.byname vm156.gsslab.pnq.example.com
protocols.bynumber vm156.gsslab.pnq.example.com
passwd.byuid vm156.gsslab.pnq.example.com
rpc.bynumber vm156.gsslab.pnq.example.com
services.byservicename vm156.gsslab.pnq.example.com
protocols.byname vm156.gsslab.pnq.example.com
hosts.byname vm156.gsslab.pnq.example.com
services.byname vm156.gsslab.pnq.example.com
[root@vm91 yp]#
-----

7. Download initial db from master :

----
#/usr/lib64/yp/ypinit -s IP_nis_master
----

8. Now that the data has been successfully downloaded, it's time to make the slave server serve NIS clients with ypserv.

-----
#service ypserv start
-----

9. Go to nis master and vi /var/yp/ypservers. add the slave name or ip like :

-----
[root@vm156 mynisuser]# cat /var/yp/ypservers
vm156.gsslab.pnq.example.com
vm91.gsslab.pnq.example.com
[root@vm156 nisuser]#
-----

10 Do followings on master :

-----
#cd /var/yp
#cp Makefile Makefile.old
#vi /var/vp/Makefile and set following :
NOPUSH=false
#make
-----

Here make command automatically pushes database updates to the servers listed in the /var/yp/servers file.

11. set cron to sync the slave with master like :

-----
vi /etc/cron.d/nis_sync

20 * * * * /usr/lib64/yp/ypxfr_1perhour
40 6 * * * /usr/lib64/yp/ypxfr_1perday
55 6,18 * * * /usr/lib64/yp/ypxfr_2perday
-----

12 Atlast configure all the clients with the slave as well as master:

like :

----
Edit the /etc/yp.conf file on all the clients to include nisslave, and restart ypbind.

domain nis_domain_name server nis_master_ip
domain nis_domain_name server nis_slave_ip
-----

#service ypbind restart.

that's all.....

Client can change their password using the command : yppasswd


try :)

Read More

How to exclude packages in yum.conf ?

Guys,

vi /etc/yum.conf and append following line :

----
exclude=pkgname*
----

Then save it and execute : #yum update

Example :

----
exclude=php* kernel*
----
exclude=gdm grub
----

Try :)

Read More

/usr/bin/ld: cannot open output file mplayer: Is a directory

Guys,

I got the same error message when I was compiling mplayer. I traced the system call but didn't get any clue at the first attempt. It was same o/p as it is at the subject like :

-----
wait4(-1, /usr/bin/ld: cannot open output file mplayer: Is a directory
-----

"ld" binary is basically makes link with various object file and at the end of the compilation it usually does it. It was linking other object files with mplayer binary but there was a mplayer directory inside the current directory. That's made this error. I have renamed the directory and copied the mplayer binary from the renamed directory to the current directory. Then successfully recompiled and installed the mplayer.

Try :)

Read More

Fatal Python error: pycurl: libcurl link-time version is older than compile-time version

Guys,

I got the same error messages when I was installing another packages using yum. However to sort it out this error it took around 4 hours. As per the error message I know that old libcurl is being used rather than compiled libcurl. The reason is that I had to installed curl using source and I knew that curl already existed. My intention was to install updated curl on my WS. However, this made the problem to use the pycurl. Yum uses python-pycurl and curl depends on libcurl. This is the basic scenario. I sated this so that you can also sort it out this type issues by yourself using basic concept.

Here are the steps that I followed.

Issue :

#yum update

Fatal Python error: pycurl: libcurl link-time version is older than compile-time version
Aborted

Environment :

Affected m/c : RHEL 6 workstation, 64 bits,
libcurl.so.4.1.1 copied from RHEL 6 server, 64 bits
used Pkg : libcurl-7.19.7-16.el6.x86_64


1.
------------
# locate libcurl
------------

2. Then removed/renamed all the libraries of libcurl.

3.

------------
#cd /usr/lib64/
#ln -s libcurl.so.4 libcurl.so.4.1.1
------------

4. Copied libcurl.so.4.1.1 from remote RHEL 6 server :

------------
#cd /usr/lib64/
#scp -r root@remote_RHEL6_server_ip:/usr/lib64/libcurl.so.4.1.1 ./
------------

5. Checked md5sum of the files on both machine(You'll get a md5 ID and both will be same. This is to make it sure that data has not been lost. If both IDs are different then data has corrupted or lost. Need to copy in another way) :

------------
#md5sum libcurl.so.4.1.1
------------

6.

-----
#cd /usr/local/src/
-----

Download libcurl-7.19.7-16.el6.x86_64 from the internet inside the above directory like :

-------
#wget url_of_the_above_package
-------

7.

-------
#rpm -Uvh libcurl-7.19.7-16.el6.x86_64.rpm
-------

8.

-------
#updatedb
#ldconfig
-------

9. Now, you need to register your machine(if RHEL) with the RHN repo. Just execute following command and provide your RHN login details and proceed.

-------
#rhn_register
-------

10. Once you re-register the system execute the following command :

-------
#yum clean all
#yum -y upgrade yum yum-rhn-plugin;
#yum update
-------

11. Now you can install your desired package.

===========

That's it. Try :)

Read More

How to chroot(change root) for all user on linux?

Env :
SSH : 4.3p2
Linux : RHEL 5.5
Kernel : 2.6.18-194.32.1.el5
Arch : 64 bit

BE VERY CAREFUL BEFORE DOING THIS :
Here is what I did :

On SSH server :

1. Add the following in /etc/ssh/sshd_config

ChrootDirectory /test

2.

# mkdir /test
# cd /test; mkdir bin lib64 [ on 32 bit server create 'lib' instead of lib64 ]
# cp /bin/bash /test/bin

# ldd /bin/bash
libtermcap.so.2 => /lib64/libtermcap.so.2 (0x000000387f800000)
libdl.so.2 => /lib64/libdl.so.2 (0x000000387fc00000)
libc.so.6 => /lib64/libc.so.6 (0x000000387f400000)
/lib64/ld-linux-x86-64.so.2 (0x000000387f000000)

Then copy all libraries under /lib64 to /test/lib64/ [ for example # cp /lib64/libtermcap.so.2 /test/lib64/ ]

3. If customer want to use 'ls' command in chrooted environment, repeat the same steps for ls too.

4. Restart sshd server like : /etc/init.d/sshd restart

Try :)

Read More