linux -nis&autofs-038

 NIS网络信息服务


38-1

注:

1)rpc 远程进程调用

2)Ypserver 验证用户身份

       3)yppasswd 用户更改服务器的口令

NIS、域、工作组的区别:

1).NIS网络信息服务

NISMASTER,SLAVE

2).域:

是集中管理的。DC(域的管理者)

--NIS管理类似于域管理。

3).工作组:

是管理分散的的

 

1.安装NIS服务相关的包

安装ypserver,yppasswdd,默认portmap是安装过的。

[root@myhost ~]# mount /dev/cdrom /mnt/cdrom

[root@myhost ~]# rpm -qa ypserver

[root@myhost ~]# rpm -qa |grep portmap

portmap-4.0-65.2.2.1

[root@myhost ~]# LANG=en_US.UTF-8

--查看portmap 是否正常工作的 (后跟地址可以查看某一服务器的)

[root@myhost ~]# rpcinfo -p

   program vers proto   port

    100000    2   tcp    111  portmapper

    100000    2   udp    111  portmapper

    100024    1   udp    789  status

    100024    1   tcp    792  status

--查包是否已安装

[root@myhost ~]# rpm -qa |grep ypser

[root@myhost ~]# rpm -qa |grep yppass

[root@myhost ~]# cd /mnt/cdrom/

[root@myhost cdrom]# cd /mnt/cdrom/Server/

[root@myhost Server]# ll ypser*

-r--r--r-- 99 root root 137048 Aug 12  2008 ypserv-2.19-5.el5.i386.rpm

--查看yppass 服务是否存在

[root@myhost Server]# chkconfig --list |grep yppass

 

-- ypass 包裹在ypserver

[root@myhost Server]# rpm -qlp ypserv-2.19-5.el5.i386.rpm |less|grep yppass*

/etc/rc.d/init.d/yppasswdd

/etc/sysconfig/yppasswdd

/usr/sbin/rpc.yppasswdd

/usr/share/man/man8/rpc.yppasswdd.8.gz

/usr/share/man/man8/yppasswdd.8.gz

[root@myhost Server]# rpm -ivh ypserv-2.19-5.el5.i386.rpm

 

2.启动服务

[root@myhost Server]# chkconfig

chkconfig version 1.3.30.1 - Copyright (C) 1997-2000 Red Hat, Inc.

This may be freely redistributed under the terms of the GNU Public License.

 

usage:   chkconfig --list [name]

         chkconfig --add <name>

         chkconfig --del <name>

         chkconfig [--level <levels>] <name> <on|off|reset|resetpriorities>

--启动ypserv

[root@myhost Server]# chkconfig ypserv on

--chkconfig --level 35 yppasswdd on 可以设置在某一基本启动

[root@myhost Server]# chkconfig --list |grep ypserv

ypserv            0:off       1:off       2:on 3:on 4:on 5:on 6:off

--启动yppasswd

[root@myhost Server]# chkconfig yppasswdd on

[root@myhost Server]# chkconfig --list |grep yppass

yppasswdd        0:off       1:off       2:on 3:on 4:on 5:on 6:off

[root@myhost Server]#

 

 

3.创建本地账号导入到nis server 的资料库

3.1创建本地账号

[root@myhost ~]# useradd user1

[root@myhost ~]# passwd user1

[root@myhost ~]# useradd user2

[root@myhost ~]# passwd user2

[root@myhost ~]# cat /etc/passwd

[root@myhost ~]# cat /etc/shadow

3.2编辑Makefile文件

[root@myhost Server]# cd /var/yp

[root@myhost yp]# vim Makefile

# If we have only one server, we don't have to push the maps to the

# slave servers (NOPUSH=true). If you have slave servers, change this

# to "NOPUSH=false" and put all hostnames of your slave servers in the file

# /var/yp/ypservers.

 23 NOPUSH=true

--不使用推,默认不推。master主动拷贝资料给slave服务器时是推的关系。

# MINGID is the lowest gid that will be included in the group maps.

 32 MINUID=500

 33 MINGID=500

--500及之后的用户导入到nis server资料库

 

 55 # These are the source directories for the NIS files; normally

 56 # that is /etc but you may want to move the source for the password

 57 # and group files to (for example) /var/yp/ypfiles. The directory

 58 # for passwd, group and shadow is defined by YPPWDDIR, the rest is

 59 # taken from YPSRCDIR.

 60 #

 61 YPSRCDIR = /etc

 62 YPPWDDIR = /etc

 63 YPBINDIR = /usr/lib/yp

 64 YPSBINDIR = /usr/sbin

 65 YPDIR = /var/yp

 66 YPMAPDIR = $(YPDIR)/$(DOMAIN)

117 all:  passwd group hosts \

4.定义nis域名

[root@myhost yp]# vim /etc/sysconfig/network

--添加一行

NISDOMAIN=nisexample

[root@myhost yp]#init 6

--重启

 

5.设置NIS服务器类型

[root@nisexample yp]# /usr/lib/yp/ypinit

usage:

  ypinit -m          --master server

  ypinit -s master        --slave server

 

where -m is used to build the data bases on a master NIS server,

and -s is used for a slave data base. master must be an existing

reachable NIS server.

[root@nisexample ~]# /usr/lib/yp/ypinit -m

 

At this point, we have to construct a list of the hosts which will run NIS

servers.  nisexample is in the list of NIS server hosts.  Please continue to add

the names for the other hosts, one per line.  When you are done with the

list, type a <control D>.

        next host to add:  nisexample

        next host to add:               --添加其他主机,如果没有ctr+d 跳过

The current list of NIS servers looks like this:

 

nisexample

 

Is this correct?  [y/n: y]  y

We need a few minutes to build the databases...

Building /var/yp/nisexample/ypservers...

gethostbyname(): Success

Running /var/yp/Makefile...

gmake[1]: Entering directory `/var/yp/nisexample'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

Updating hosts.byname...

Updating hosts.byaddr...

gmake[1]: Leaving directory `/var/yp/nisexample'

 

nisexample has been set up as a NIS master server.

 

Now you can run ypinit -s nisexample on all slave server.

[root@nisexample ~]# cd /var/yp/nisexample/

[root@nisexample nisexample]# ll

total 112

-rw------- 1 root root 12450 Oct  5 13:16 group.bygid

-rw------- 1 root root 12456 Oct  5 13:15 group.byname

-rw------- 1 root root 12499 Oct  5 13:16 hosts.byaddr

-rw------- 1 root root 12520 Oct  5 13:16 hosts.byname

-rw------- 1 root root 12637 Oct  5 13:15 passwd.byname

-rw------- 1 root root 12631 Oct  5 13:15 passwd.byuid

-rw------- 1 root root 12358 Oct  5 13:15 ypservers

[root@nisexample nisexample]#

 

 

 

 

6.配置客户端

首先客户端要加入到nis

6.1检查ypbind

[root@nis-client ~]# chkconfig --list|grep ypb

ypbind          0:off   1:off   2:off   3:off   4:off   5:off   6:off

[root@nis-client ~]# authconfig-tui

 

6.2把客户端机器加入域环境

#authconfig-tui

1) 选择

     [*]use nis


38-2

 

2domain nisexample

   server 192.168.100.70


38-3

Stopping portmap:                                          [  OK  ]           

Starting portmap:                                          [  OK  ]

Binding to the NIS domain:                                 [  OK  ]

Listening for an NIS domain server.

 

7.服务器上创建用户导入到资料库,实现在客户端能够登陆

[root@nis-server yp]# useradd tom

[root@nis-server yp]# passwd tom

[root@nis-server yp]# tail /etc/passwd

tom:x:503:503::/home/tom:/bin/bash

[root@nis-server yp]# pwd

/var/yp

[root@nis-server yp]#

[root@nis-server yp]# make    ---–重新导出资料库

gmake[1]: Entering directory `/var/yp/nisexample'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

gmake[1]: Leaving directory `/var/yp/nisexample'

[root@nis-server yp]#

[root@nis-server yp]#

用户可以通过身份验证登陆,但是会找不到家目录,登陆出现:-bash-3.2$

8.更改用户在客户端登陆的家目录问题

8.1在服务器端

挂载server/home目录到本地 ,用户在本地登陆就可以找到自己的家目录了

编辑共享清单

[root@nis-server yp]# vim /etc/exports

/home 192.168.100.0/255.255.255.0(rw,sync) –----在该网段可读可写、保持同步

~

启动nfs服务

[root@nis-server yp]# service nfs start

Starting NFS services:                                     [  OK  ]

Starting NFS quotas:                                       [  OK  ]

Starting NFS daemon:                                       [  OK  ]

Starting NFS mountd:                                       [  OK  ]

[root@nis-server yp]# exportfs rv

导出共享清单

[root@nis-server yp]# exportfs -rv

exporting 192.168.100.0/255.255.255.0:/home

[root@nis-server yp]#

8.2客户端配置

客户端挂载服务器的/home

[root@nis-client ~]#

[root@nis-client ~]# mount 192.168.100.70:/home /home

[root@nis-client ~]# mount

192.168.100.70:/home on /home type nfs (rw,addr=192.168.100.70)

[root@nis-client ~]# ll /home

total 24

drwx------ 3 jim   jim   4096 Oct  5 14:04 jim

drwx------ 3 tom   tom   4096 Oct  5 13:45 tom

drwx------ 3 user  user  4096 Sep 16 00:16 user

drwx------ 3 user1 user1 4096 Oct  5 11:38 user1

drwx------ 3 user2 user2 4096 Oct  5 11:38 user2

[root@nis-client ~]#

用户在客户端登陆正常:

[tom@nis-client ~]$

9.自动挂载

解决服务器负担

9.1Nis-server

重新创建nis的家目录

[root@nis-server yp]# mkdir /nishome

[root@nis-server yp]# useradd -d /nishome/user9 user9

[root@nis-server yp]# useradd -d /nishome/user10 user10

[root@nis-server yp]# passwd user9

[root@nis-server yp]# passwd user10

[root@nis-server yp]# make

gmake[1]: Entering directory `/var/yp/nisexample'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

gmake[1]: Leaving directory `/var/yp/nisexample'

[root@nis-server yp]#

[root@nis-server yp]# vim /etc/exports

/nishome 192.168.100.0/255.255.255.0(rw,sync)

[root@nis-server yp]# exportfs -rv

exporting 192.168.100.0/255.255.255.0:/nishome

[root@nis-server yp]#

[root@nis-server yp]# servcie nfs restart

 

9.2 Nis-Client

[root@nis-client etc]# ll -d /nishome

drwxr-xr-x 2 root root 0 Oct  5 14:44 /nishome

[root@nis-client etc]# chmod o+wt /nishome/

[root@nis-client etc]# ll -d /nishome

drwxr-xrwt 2 root root 0 Oct  5 14:44 /nishome

 

[root@nis-client ~]# vim /etc/auto.m

auto.master  auto.misc   

[root@nis-client ~]# vim /etc/auto.master

/nishome /etc/auto.nis --timeout=60   

--添加监控文件,超出时间60                   

[root@nis-client ~]# cd /etc/

[root@nis-client etc]# cp auto.misc auto.nis

[root@nis-client etc]# vim auto.nis

user9           -rw,soft,intr           192.168.100.70:/nishome/user9

user10           -rw,soft,intr           192.168.100.70:/nishome/user10

有人进入user9时,可读可写 允许报错 允许中断;把服务器的user9挂到本地user9                               

用户实现客户端的登录

客户机不需配置账号

只需在服务器上配置账号就可以了

 

[root@nis-client etc]# showmount -e 192.168.100.70

Export list for 192.168.100.70:

/home 192.168.100.0/255.255.255.0

[root@nis-client etc]# service autofs restart

Stopping automount:                                        [  OK  ]

Starting automount:                                        [  OK  ]

[root@nis-client etc]#

[root@nis-client etc]# mount 192.168.100.70:/nishome /nishome

[root@nis-client etc]#

User9在客户端登陆:

[user9@nis-client ~]$

9.3.多用户自动挂载

Nis-server

[root@nis-server yp]# passwd user11

Changing password for user user11.

New UNIX password:

BAD PASSWORD: it is WAY too short

Retype new UNIX password:

passwd: all authentication tokens updated successfully.

[root@nis-server yp]#

[root@nis-server yp]#

[root@nis-server yp]# make

gmake[1]: Entering directory `/var/yp/nisexample'

Updating passwd.byname...

Updating passwd.byuid...

Updating group.byname...

Updating group.bygid...

gmake[1]: Leaving directory `/var/yp/nisexample'

[root@nis-server yp]#

Nis-client

[root@nis-client etc]# vim /etc/auto.nis

*          -rw,soft,intr           192.168.100.70:/nishome/&

用户多了,可以用一句

*表示要进入客户端的用户

--*替换&

&表示将该*用户在服务器上的目录自动挂载过来、                              

[root@nis-client etc]# service autofs restart

Stopping automount:                                        [  OK  ]

Starting automount:                                        [  OK  ]

[root@nis-client etc]#

[root@nis-client etc]#

用户在client登陆

[user11@nis-client ~]$

你可能感兴趣的:(linux,职场,休闲,NIS)