RedHat 5.1 NIS broken

RedHat 5.1 NIS broken

Post by Roger Davi » Sat, 22 Aug 1998 04:00:00



[ rbd-ypcat 3K ]
Sorry for the repeat post, but I got no useful information the first time
around so I'm trying again.

Is there anyone out there who is successfully using a RedHat 5.1 system
as an NIS client (or who has tried and failed)? If so, I'd greatly appreciate
answers to the following questions:

(1) Does ypcat work, e.g., 'ypcat hosts', or do you get a message about an
internal NIS error just like I do?

(2) Have you had any success with using an NIS netgroup name in your /etc/exports
file to control remote mount access to your local filesystems?

Following is the full text of my original post:

##############################

I am having difficulty getting my RedHat 5.1 system (kernel 2.0.34) to work as
a fully functional NIS client. Some NIS things work on the system (ulua) but
others do not, in particular

        ulua# ypcat hosts
        No such map hosts.byaddr. Reason: Internal NIS error

However, the following *does* work:

        ulua# ypmatch ulua hosts
        128.171.159.128 ulua ulua.soest.hawaii.edu

Go figure. I can't use ypcat to look at any maps whatsoever, but I do get the
following, for whatever it's worth:

        ulua# ypcat -x
        Use "passwd" for "passwd.byname"
        Use "group" for "group.byname"
        Use "networks" for "networks.byaddr"
        Use "hosts" for "hosts.byaddr"
        Use "protocols" for "protocols.bynumber"
        Use "services" for "services.byname"
        Use "aliases" for "mail.aliases"
        Use "ethers" for "ethers.byname"

Use of the real map name instead of the alias makes no difference, however:

        ulua# ypcat hosts.byaddr
        No such map hosts.byaddr. Reason: Internal NIS error

A different error message is generated if I try to access a map which *really*
does not exist, so ypcat isn't entirely stupid:

        ulua# ypcat nosuchmap
        No such map nosuchmap. Reason: No such map in server's domain

My current yp (NIS) package revs are as follows:

        ulua# rpm -q -a | grep yp
        yp-tools-1.4.1-2
        ypbind-3.3-7
        ypserv-1.3.1-2

If the only symptom of my problem was a broken ypcat I could probably get by,
but there are two other problems which may be related. First, I can remotely
log in to this system with an NIS userID (or log in on one of the virtual
terminal consoles), but I *can't* use an NIS userID to log in on the CDE
console. (I've had this problem on another RedHat system, and it would sure
be great if somebody could fix this!) Second, netgroup names in /etc/exports
don't work, e.g.,

        ulua# cat /etc/exports

If a system which is a member of the machines netgroup tries to mount /export/ulua,
it gets the message:

        planet10% cd /home/ulua
        /home/ulua - Permission denied

On ulua, /var/log/messages contains the error message

Aug 18 17:48:49 ulua mountd[314]: Unauthorized access by NFS client 128.171.159.88.
Aug 18 17:48:49 ulua mountd[314]: Blocked attempt of 128.171.159.88 to mount /export/ulua

If I change /etc/exports to read as follows, however, the mount is allowed:

        ulua# cat /etc/exports

I suspect that this fails because whatever bug is preventing ypcat from working
is also preventing the machines netgroup map entry from being read.

As far as I can tell my system is configured properly:

        ulua# domainname
        soest

        ulua# nisdomainname
        soest

        ulua# cat /etc/yp.conf
        # /etc/yp.conf - ypbind configuration file
        # Valid entries are
        #domain NISDOMAIN server HOSTNAME
        #domain NISDOMAIN broadcast
        #ypserver HOSTNAME
        domain soest broadcast

Any suggestions would be greatly appreciated!

-------------------------------
Roger Davis
University of Hawaii/SOEST

 
 
 

RedHat 5.1 NIS broken

Post by Roger Davi » Sat, 22 Aug 1998 04:00:00


[ rbd-ypcat 3K ]
Sorry for the repeat post, but I got no useful information the first time
around so I'm trying again.

Is there anyone out there who is successfully using a RedHat 5.1 system
as an NIS client (or who has tried and failed)? If so, I'd greatly appreciate
answers to the following questions:

(1) Does ypcat work, e.g., 'ypcat hosts', or do you get a message about an
internal NIS error just like I do?

(2) Have you had any success with using an NIS netgroup name in your /etc/exports
file to control remote mount access to your local filesystems?

Following is the full text of my original post:

##############################

I am having difficulty getting my RedHat 5.1 system (kernel 2.0.34) to work as
a fully functional NIS client. Some NIS things work on the system (ulua) but
others do not, in particular

        ulua# ypcat hosts
        No such map hosts.byaddr. Reason: Internal NIS error

However, the following *does* work:

        ulua# ypmatch ulua hosts
        128.171.159.128 ulua ulua.soest.hawaii.edu

Go figure. I can't use ypcat to look at any maps whatsoever, but I do get the
following, for whatever it's worth:

        ulua# ypcat -x
        Use "passwd" for "passwd.byname"
        Use "group" for "group.byname"
        Use "networks" for "networks.byaddr"
        Use "hosts" for "hosts.byaddr"
        Use "protocols" for "protocols.bynumber"
        Use "services" for "services.byname"
        Use "aliases" for "mail.aliases"
        Use "ethers" for "ethers.byname"

Use of the real map name instead of the alias makes no difference, however:

        ulua# ypcat hosts.byaddr
        No such map hosts.byaddr. Reason: Internal NIS error

A different error message is generated if I try to access a map which *really*
does not exist, so ypcat isn't entirely stupid:

        ulua# ypcat nosuchmap
        No such map nosuchmap. Reason: No such map in server's domain

My current yp (NIS) package revs are as follows:

        ulua# rpm -q -a | grep yp
        yp-tools-1.4.1-2
        ypbind-3.3-7
        ypserv-1.3.1-2

If the only symptom of my problem was a broken ypcat I could probably get by,
but there are two other problems which may be related. First, I can remotely
log in to this system with an NIS userID (or log in on one of the virtual
terminal consoles), but I *can't* use an NIS userID to log in on the CDE
console. (I've had this problem on another RedHat system, and it would sure
be great if somebody could fix this!) Second, netgroup names in /etc/exports
don't work, e.g.,

        ulua# cat /etc/exports

If a system which is a member of the machines netgroup tries to mount /export/ulua,
it gets the message:

        planet10% cd /home/ulua
        /home/ulua - Permission denied

On ulua, /var/log/messages contains the error message

Aug 18 17:48:49 ulua mountd[314]: Unauthorized access by NFS client 128.171.159.88.
Aug 18 17:48:49 ulua mountd[314]: Blocked attempt of 128.171.159.88 to mount /export/ulua

If I change /etc/exports to read as follows, however, the mount is allowed:

        ulua# cat /etc/exports

I suspect that this fails because whatever bug is preventing ypcat from working
is also preventing the machines netgroup map entry from being read.

As far as I can tell my system is configured properly:

        ulua# domainname
        soest

        ulua# nisdomainname
        soest

        ulua# cat /etc/yp.conf
        # /etc/yp.conf - ypbind configuration file
        # Valid entries are
        #domain NISDOMAIN server HOSTNAME
        #domain NISDOMAIN broadcast
        #ypserver HOSTNAME
        domain soest broadcast

Any suggestions would be greatly appreciated!

-------------------------------
Roger Davis
University of Hawaii/SOEST


 
 
 

RedHat 5.1 NIS broken

Post by kingman cheu » Sat, 22 Aug 1998 04:00:00


Quote:>Is there anyone out there who is successfully using a RedHat 5.1 system
>as an NIS client (or who has tried and failed)? If so, I'd greatly appreciate
>answers to the following questions:

My RH5.0 works.

Quote:>I am having difficulty getting my RedHat 5.1 system (kernel 2.0.34) to work as
>a fully functional NIS client. Some NIS things work on the system (ulua) but
>others do not, in particular

I can say first, try ypwhich.  It should respond with your server's name.
If not then not need to try the others.
These are my few steps to set up the NIS client
(1) domainname:
(2) put the ypserver name into /etc/yp.conf
(3) start ypbind
(4) check /var/yp/securenets on the SERVER. If it exists, then make your
client's name is in it

Should you specify the ypserver??
I put in only this line in /etc/yp.conf:
ypserver MYSERVERNAME

Hope it helps.

--
---------------------------------------------
Kingman Cheung

 
 
 

RedHat 5.1 NIS broken

Post by John DeDour » Wed, 26 Aug 1998 04:00:00




Quote:>Sorry for the repeat post, but I got no useful information the first time
>around so I'm trying again.

>Is there anyone out there who is successfully using a RedHat 5.1 system
>as an NIS client (or who has tried and failed)? If so, I'd greatly appreciate
>answers to the following questions:

I had RedHat 5.1 up as an NIS client to an NIS server on an AIX machine
for testing purposes.  I can't do any checking at the moment because
I don't have it up at the moment.

I note that:

I had already installed the "kernel" patch, i.e. 2.0.35 obtained
from the RedHat site.

As mentioned in the documentation, since RedHat 5.1 is a glibc
system, it is necessary to install and start ypbind for the
system to successfully be a client.

I used linuxconf to set the domain name AND server domain name,
since we are also using a DNS server, and the NIS server is
not on the local Ethernet segment.  (If it were, you should be
able to leave the server name off and ypbind will use broadcasts
to find it; you DO need the NIS domain name set however; you
need to get that from the server administrator.)

I only tested that ypcat could get passwd, and that logging
in was successful using an acocunt which was not in /etc/passwd
but was on the NIS server.

One more thing, the client was NOT configured to use shadown passwords;
don't know if that makes a difference; I recall some comments on
that, but don't recall if it applied to a client or seerver.

Hope this helps.

 
 
 

RedHat 5.1 NIS broken

Post by Monty Wall » Sat, 29 Aug 1998 04:00:00





> >Sorry for the repeat post, but I got no useful information the first time
> >around so I'm trying again.

> >Is there anyone out there who is successfully using a RedHat 5.1 system
> >as an NIS client (or who has tried and failed)? If so, I'd greatly appreciate
> >answers to the following questions:

Yes, as a client it works, but not as a NIS/yp master/slave server
(can't push maps...).
I'm running a collection of RH 5.0 & RH 5.1 servers and the RH 5.1 is a
master and
everybody can execute 'ypcat passwd' but the RH 5.1 systems can't
execute
'ypwhich -m'.  So the problem looks to be in glibc yp_maplist functions
that ypwhich calls (and obviously I've been going through the source
code).
 
 
 

RedHat 5.1 NIS broken

Post by Mangelo6 » Sun, 30 Aug 1998 04:00:00


How about getting the ypserv-1.3.4. That works just fine (RedHat 5.1
distributes 1.3.1 which is completely inoperable...no source code to lose sleep
over)