I received many answers to the following problem:
> - server b has no maps maintained locally (yet). It does hourly
> ypxfr's to server a in domain a.com to keep its maps up-to-date.
> It keeps the maps in /var/yp/b.com.
> - typing "passwd" on server b (in domain b.com) affects the passwd
> file on server a in domain a.com!!
> How does this happen? How is a passwd request handled by yppasswdd
> in a different domain? Or does b.com recognize where its passwd
> map comes from?
In fact, the last hypothesis was the closest. Each YP map "knows" its
master. This can be extracted either by:
- typing: ypmatch YP_MASTER_NAME passwd
(do not substitute anything for YP_MASTER_NAME)
- or: /usr/etc/yp/makedbm -u passwd
while in the /var/yp/<domainname> directory. 2 entries appear that do
not appear when doing a simple ypcat. One is the master, the other is
the time (in seconds since Jan., 1st 1970) at which the map was (re)built.
- or even: ypwhich -m
This gives you the full list of maps with the master of each one.
> Of course the information about the password change will not
> actually take effect in domain b.com until the next time passwd
> is ypxfr'd, but I will fix that so that passwd in domain a.com gets
> "pushed" to server b as well.
For this part, a few people suggested (as mentioned in O'Reilly's NFS & NIS)
that I include some lines in the "passwd.time" part of my YP Makefile which
would cause the passwd *file* to be rcp'd to the secondary domain master and
then rsh a "make" to this server to propagate the changes.
I have no doubt that this works, but doesn't it break the part about
"passwd" finding the right yppasswd server? If a "make" is run on the
secondary domain master, it will now own the map. Password changes in this
domain will no longer go to the primary domain master as they so nicely do now.
What I did instead is to rsh a ypxfr. Amongst my ypxfr(_1perhour, _1perday..)
scripts, I have one called ypxfr_passwd, which does only the passwd map.
It looks like this:
# set DOMAIN to primary domain and MASTER to primary master
ypxfr -h $MASTER -s $DOMAIN passwd.byname
ypxfr -h $MASTER -s $DOMAIN passwd.byuid
Then I added into the passwd.time portion of my YP Makefile on the
primary domain master the following lines:
@echo "updating passwd in domain ash.lmc.ericsson.com";
@rsh seashore /usr/local_adm/etc/ypxfr_passwd
@echo "pushed passwd in domain ash.lmc.ericsson.com";
Now my passwd file in the secondary domain (ash.lmc.ericsson.com) is
updated within a minute of any change, and the master of the map remains
that of the primary domain so that all change requests go to the same
Sorry if I've bored you with excrutiating detail, but I figure it could
be useful for someone who's not very experienced with NIS (like me :-) ).
Many thanks to:
email@example.com (Bernhard Weinelt)
Rich Schultz <firstname.lastname@example.org>
email@example.com (Klas Jeirud Z/OD)
firstname.lastname@example.org (John Moran Z/OD)
email@example.com (Anders Gustafsson)
for failing to acknowledge that you provided the basics
of a solution last year. It was too complicated for me to
grasp at the time. Seems easy now though. :-)
/ Darie Duclos / "All my life I've wanted to be \
\ Ericsson Research Canada \ somebody. Now I see I should /
/ Darie.Duclos@LMC.Ericsson.SE / have been more specific." \
\ Montreal, Canada \ -- Lily Tomlin /
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:08:57 CDT