The short answer to most problems in RH 2.x with NIS is for you to upgrade your libc from 5.0.9 to a version less broken wrt NIS. Many people have reported that this fixes things. Read on:
These questions are answered in the NIS-HOWTO. Read it - it even
comes with Red Hat in the ldp RPM and on the CD-ROM. If you install
the ldp RPM, you will find the NIS-HOWTO in
The quick answer is that while yp ("Yellow Pages") is the phone book in Britain, NIS is the traditional RPC-based implementation for sharing passwd, group, hosts, services, and other useful things between many machines. NIS+ is a snazzier, and more secure reimplementation of the same idea. NYS is the public domain version of same.
Red Hat ships NYS client code in its libc and plain yp/NIS client programs like ypcat and ypbind. They ship a plain NIS server daemon, since the NYS (aka NIS+) server daemon is not yet ready for prime-time. Their ypserv does not appear to have the tcp_wrapper-style /etc/hosts.allow/deny checking compiled in, but there is a newer contributed version which does (and which probably works better).
Their portmapper is the basic BSD-derived portmapper. You may wish to packet-filter it into ``safety'', or install Witesse Vitema's less pathetic portmapper if security is a concern.
The NYS code in libc does it all. There is no need to run ypbind. You DO need to run domainname (apparently for the benefit of of plain NIS client programs). You must configure which maps are read from where in /etc/nsswitch.conf, and which NIS server and domain you are using in /etc/yp.conf. nsswitch.conf has comments galore, and yp.conf will look like this:
Do not put
domain foo ypserver foo.bar.com
+::::lines, or attempt to override nis this way in the end of passwd or group unless you have set the nsswitch mode to "compat".
Netgroups are not supported under RH <=2.1; adding netgroup entries (like +@foo or -@foo) to passwd, group, or .rhosts can compromise the security of your system. NYS netgroups do work in libc >= 5.2.something; RH 3.x uses such a libc. For this reason, and a host of other NYS problems in libc-5.0.9, you should consider installing libc-5.2.x on your 2.x system, or just upgrading to RH 3.x.
In 2.0 and 2.1, the standard ypcat and ypmatch binaries don't work with the RedHat-supplied libc-5.0.9. You should be able to compile working versions from the NYS source in libc-5.0.9. Better yet, install libc-5.2.x and the regular binaries will reportedly work. Things should be fine in RH 3.x.
Red Hat ships a plain NIS (aka yp) server. It works just like any
other ypserv - modify the makefile in /var/nis to taste, perhaps move
the source files into
/var/nis/src, or perhaps not, run a make
to make the databases, and run ypserv. Further documentation is in
/usr/doc/ypserv*/*. RH 3.x users should consider upgrading to
the more recent ypserv rpm contributed by Elliot Lee.
They don't ship it. There is a contributed rpm of it on
ftp.redhat.com, or you can obtain the regular distribution and install
it yourself without too much hassle. It is available from the places
listed in the NIS HOWTO. You have to modify the pwupdate script that
comes with it, even though the README claims it works with the NYS
Makefile we ships. They also don't ship a
although there is the
.x file. The yppasswdd package comes with
both so it doesn't matter much. The NYS define should be used, but
don't use the -lnsl library since it is built into our libc.
There is already an NIS-HOWTO that describes how to set things up far better than this document does or should. Read it - it comes with Red Hat in the ldp package, or you can find it in the usual places like *The LDP Home Page , or if all else fails, from *Picante.Com .