NIS facilitates the automatic synchronization of user information across multiple clusters. Our lab manages 13 clusters (mark0 to mark11 and markP0) and thus requires the use of NIS servers and clients to manage user information efficiently.
In our setup, mark1 serves as the NIS master server, markP0 functions as the slave server, while the remaining clusters are configured as clients.
Note: If there is a group with root privilege in the server via sudo visudo, the group should also be configured in clients.
Setting Up Master Server
- Update Ubuntu.
$ apt-get update && apt-get -y dist-upgrade - Install NIS.
$ apt-get -y install nis Preconfiguring packages ... # input your domain name +----------------------------| Configuring nis |----------------------------+ | Please choose the NIS "domainname" for this system. If you want this | | machine to just be a client, you should enter the name of the NIS domain | | you wish to join. | | | | Alternatively, if this machine is to be a NIS server, you can either | | enter a new NIS "domainname" or the name of an existing NIS domain. | | | | NIS domain: | | | | mark1.nis________________________________________________________________ | | | | <Ok> | | | +---------------------------------------------------------------------------+ - Edit
/etc/default/nis.$ sed -i 's/NISSERVER=.*$/NISSERVER=master/' /etc/default/nis - Edit
/etc/hosts.$ sudo vim /etc/hosts IP_ADDRESS cglabmark1 - Configure NIS.
$ /usr/lib/yp/ypinit -m At this point, we have to construct a list of the hosts which will run NIS servers. cglabmark1 is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a <control D>. next host to add: cglabmark1 next host to add: The current list of NIS servers looks like this: cglabmark1 Is this correct? [y/n: y] y We need a few minutes to build the databases... Building /var/yp/mark1.nis/ypservers... Running /var/yp/Makefile... gmake[1]: Entering directory '/var/yp/mark1.nis' Updating passwd.byname... ... gmake[1]: Leaving directory '/var/yp/mark1.nis' cglabmark1 has been set up as a NIS master server.
Setting Up Client
- Note:
- For the client, make sure to add the NIS domain of the master server (For me, it is mark1.nis).
- The domain name can be found at
/etc/defaultdomainin the master server. - We can change the domain name with
$ dpkg-reconfigure nis.
- Update Ubuntu.
$ apt-get update && apt-get -y dist-upgrade - Install NIS.
$ apt-get install -y rpcbind nis - Add the following line to
/etc/yp.conf.$ sudo vim /etc/yp.conf domain mark1.nis server IP ADDRESS OF THE MASTER SERVER OR ITS HOSTNAME (e.g., cglabmark1)Note: If you put HOSTNAME, make sure to specify IP ADDRESS and HOSTNAME of the master server in
/etc/hostsof the client. - Edit
/etc/nsswitch.conf.- option 1 (for ubuntu 18.04)
$ sudo sed -i 's/compat$/compat nis/g;s/dns$/dns nis/g' /etc/nsswitch.conf - option 2
$ vim /etc/nsswitch.conf passwd: compat nis # line 7; add group: compat nis # add shadow: compat nis # add hosts: files dns nis # add
- option 1 (for ubuntu 18.04)
- Edit
/etc/pam.d/common-sessionfor creating home directory automatically.$ vim /etc/pam.d/common-session # add to the end session optional pam_mkhomedir.so skel=/etc/skel umask=000 - Restart NIS.
$ sudo systemctl restart rpcbind $ sudo systemctl restart nisNote: If an user sets up one’s default shell other than bash (e.g., zsh), make sure to install it!
Setting Up Slave Server
The slave server maintains the NIS server when the master is down.
- In the slave server that went through the client settings for NIS (markP0 is our slave server),
$ vim /etc/default/nis # line 6: change (NIS slave) NISSERVER=slave $ vim /etc/ypserv.securenets # This line gives access to everybody. PLEASE ADJUST! # comment out # 0.0.0.0 0.0.0.0 # add to the end: IP range you allow to access 255.255.255.0 10.0.0.0 $ vim /etc/hosts 127.0.0.1 localhost # add own IP for NIS IP_ADDRESS cglabmark1 IP_ADDRESS markP0 $ systemctl restart nis # sync with NIS master server $ /usr/lib/yp/ypinit -s cglabmark1 We will need a few minutes to copy the data from cglabmark1. Transferring group.bygid... Trying ypxfrd ... success ..... ..... At this point, make sure that /etc/passwd and /etc/group have been edited so that when the NIS is activated, the data bases you have just created will be used, instead of the /etc ASCII files. -
Set the master server as the client setting up process.
- In the master server, add the slave server as NIS server.
$ vim /var/yp/Makefile # line 23: change NOPUSH=false # update NIS database $ /usr/lib/yp/ypinit -m At this point, we have to construct a list of the hosts which will run NIS servers. cglabmark1 is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a <control D>. next host to add: cglabmark1 next host to add: markP0 # specify NIS slave next host to add: # Ctrl + D key The current list of NIS servers looks like this: cglabmark1 markP0 Is this correct? [y/n: y] y ..... ..... cglabmark1 has been set up as a NIS master server. Now you can run ypinit -s cglabmark1 on all slave server. - In the master and client servers, set hosts and register NIS servers.
$ vim /etc/hosts # add own IP for NIS IP_ADDRESS cglabmark1 IP_ADDRESS markP0 $ vim /etc/yp.conf domain mark1.nis server cglabmark1 domain mark1.nis server markP0 $ sudo systemctl restart nis
Updating User Information
Type the following command after adding/modifying a user account in the master or slave servers:
$ make -C /var/yp/
Notes and Tips
Note: In Ubuntu20.04, YPBINDARGS in /etc/default/nis should not assigned with any arguments.
- Tip. For faster ssh login, we need to change the systemd setting (ubuntu 18.04), for which we comment the line
IPAddressDeny=Anyin/lib/systemd/system/systemd-logind.service
Leave a comment