I am having trouble setting up a diskless linux vlan network that
utilises NIS for password authentication.

When installing linux on a machine, I tried installing it using a
kickstart file that included a line like:

authconfig --enableshadow --enablemd5 --enablenis --
nisdomain=<domainname> --nisserver=<servername>

As a non-diskless machine NIS appeared to work. After rsync'ing the /
directory over to the server under /diskless/root, NIS did not work
anymore.

I have found however that running the command:

authconfig --enableshadow --enablemd5 --enablenis --
nisdomain=<domainname> --nisserver=<servername> --update

Is capable of having NIS working, but this is not permanent. After
reboot NIS does not work again.


Does anyone know how to properly setup NIS in a diskless environment?

On 31 Jan 2007 15:50:49 -0800, jason_b
<Jason.Barles@dsto.defence.gov.au> wrote:
>
>
> I am having trouble setting up a diskless linux vlan network that
> utilises NIS for password authentication.
>
> When installing linux on a machine, I tried installing it using a
> kickstart file that included a line like:
>
> authconfig --enableshadow --enablemd5 --enablenis --
> nisdomain=<domainname> --nisserver=<servername>
>
> As a non-diskless machine NIS appeared to work. After rsync'ing the /
> directory over to the server under /diskless/root, NIS did not work
> anymore.
>
> I have found however that running the command:
>
> authconfig --enableshadow --enablemd5 --enablenis --
> nisdomain=<domainname> --nisserver=<servername> --update
>
> Is capable of having NIS working, but this is not permanent. After
> reboot NIS does not work again.
>
Then put that command in a script that runs at reboot. In most Linux
distros you can use /etc/rc.local. In most Debian-based distros you
put a script in /etc/init.d and make links in /etc/rc*.d/. Ubuntu Edgy
has a new startup system that I don't know.


--
Change is the essential process of all existence.
-- Spock, "Let That Be Your Last Battlefield", stardate 5730.2

> > authconfig --enableshadow --enablemd5 --enablenis --
> > nisdomain=<domainname> --nisserver=<servername> --update


There is another problem with running this command, that I forgot to
mention however. Running the above command only works in the current
session. So setting this command as root on the machine, logging out,
then trying to log in with one of the other user's password does not
work. It only works when setting the command as root on the machine,
then changing to another user on the system with the 'su' command.

Therefore setting this command on a reboot script will not work.

I will try to describe my situation more, here it goes:

The main goal is to have diskless linux (currently using Fedora Core
5) with NIS. I installed linux using a kickstart file with the line:
authconfig --enableshadow --enablemd5 --enablenis --
nisdomain=<domainname> --nisserver=<servername>

The problems:
1. When the machine starts up, it has problems connecting to the NIS
server. It does find the nisdomain, but not the nis server. The error
on startup is:
Binding to the NIS domain: [ OK ]
Listening for an NIS domain server.................... [FAILED]


2. Logging in as root then typing the command:
authconfig --enableshadow --enablemd5 --enablenis --
nisdomain=<domainname> --nisserver=<servername> --update
works, but after logging out of root su -- <user> does not work
anymore.



ypbind --debug outputs this:

3657: parsing config file
3657: Trying entry: domain <domainname> server <servername>
3657: parsed domain '<domainname>' server '<servername>'
3657: add_server() domain: <domainname>, host: <servername>, slot: 0
YPBINDPROC_DOMAIN: Domain not bound
YPBINDPROC_DOMAIN: Domain not bound
3657: [Welcome to ypbind-mt, version 1.19]

3657: ping interval is 20 seconds

3658: ypbind-mt already running (pid 3602) - exiting



3813: parsing config file
3813: Trying entry: domain <domainname> server <servername>
3813: parsed domain '<domainname>' server '<servername>'
3813: add_server() domain: <domainname>, host: <servername>, slot: 0
3813: [Welcome to ypbind-mt, version 1.19]

3813: ping interval is 20 seconds

3815: ping host '<servername>', domain '<domainname>'
3815: Answer for domain '<domainname>' from server '<servername>'
3815: Pinging all active server.
3815: Pinging all active server.
3815: Pinging all active server.
3815: Pinging all active server.
3815: Pinging all active server.
.....
3813: ypbindproc_domain_2_svc (<domain>)
3813: Pinging all active server.
3813: Requested <domain>, found <domainname>, ignored.
3813: Status: YPBIND_FAIL_VAL
.....

I also get this when running the authconfig command:

# authconfig --enablenis --nisdomain=<domainname> --
nisserver=<domainserver> --update
/usr/sbin/pwconv: can't lock passwd file
/usr/sbin/grpconv: can't lock group file
failed to make symlink /etc/rc3.d/S13portmap: File exists
failed to make symlink /etc/rc4.d/S13portmap: File exists
failed to make symlink /etc/rc5.d/S13portmap: File exists
Stopping portmap: [ OK ]
Starting portmap: [ OK ]
failed to make symlink /etc/rc3.d/S27ypbind: File exists
failed to make symlink /etc/rc4.d/S27ypbind: File exists
failed to make symlink /etc/rc5.d/S27ypbind: File exists
setsebool: SELinux is disabled.
Shutting down NIS services: [ OK ]
Binding to the NIS domain: [ OK ]
Listening for an NIS domain server.
failed to make symlink /etc/rc3.d/K35winbind: File exists
failed to make symlink /etc/rc4.d/K35winbind: File exists
failed to make symlink /etc/rc5.d/K35winbind: File exists

Someone help please!