The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

rpc.nisd (1)
  • >> rpc.nisd (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )
  • rpc.nisd (4) ( Solaris man: Специальные файлы /dev/* )
  •  

    NAME

    rpc.nisd, nisd - NIS+ service daemon
     
    

    SYNOPSIS

    /usr/sbin/rpc.nisd [-ACDFhlv] [-Y [-B [-t netid]]] 
        [-d dictionary] [-L load] [-S level] [-m mappingfile] 
        [-x attribute=value]... [-z number]
    

     

    DESCRIPTION

    The rpc.nisd daemon is an RPC service that implements the NIS+ service. This daemon must be running on all machines that serve a portion of the NIS+ namespace.

    rpc.nisd is usually started from a system startup script.

    The -B option causes rpc.nisd to start an auxiliary process, rpc.nisd_resolv, which provides ypserv compatible DNS forwarding for NIS host requests. rpc.nisd_resolv can also be started independently. See rpc.nisd_resolv(1M) for more information on using rpc.nisd_resolv independently.

    The /etc/default/rpc.nisd file contains the following default parameter settings. See FILES.

    ENABLE_NIS_YP_EMULATION

    Specifies whether the server is put into NIS (YP) compatibility mode. ENABLE_NIS_YP_EMULATION=YES is equivalent to the -Y command-line option. The default value for ENABLE_NIS_YP_EMULATION is NO.

     

    OPTIONS

    -A

    Authentication verbose mode. The daemon logs all the authentication related activities to syslogd(1M) with LOG_INFO priority.

    -B

    Provide ypserv compatible DNS forwarding for NIS host requests. The DNS resolving process, rpc.nisd_resolv, is started and controlled by rpc.nisd. This option requires that the /etc/resolv.conf file be setup for communication with a DNS nameserver. The nslookup utility can be used to verify communication with a DNS nameserver. See resolv.conf(4) and nslookup(1M).

    -C

    Open diagnostic channel on /dev/console.

    -D

    Debug mode. Do not fork.

    -d dictionary

    Specify an alternate dictionary for the NIS+ database. The primary use of this option is for testing. Note that the string is not interpreted, rather it is simply passed to the db_initialize function.>

    -F

    Force the server to do a checkpoint of the database when it starts up. Forced checkpoints may be required when the server is low on disk space. This option removes updates from the transaction log that have propagated to all of the replicas.

    -h

    Print list of options.

    -L number

    Specify the ``load'' the NIS+ service is allowed to place on the server. The load is specified in terms of the number of child processes that the server may spawn. The value of number must be at least 1 for the callback functions to work correctly. The default is 128.

    -m mappingfile

    Specify the name of a configuration file that maps NIS+ objects (especially tables and columns) to LDAP (entries and attributes). See NIS+LDAPmapping(4). The default path is /var/nis. The default mapping file is NIS+LDAPmapping. If this file exists, the rpc.nisd daemon will map data to and from LDAP. A template mapping file that covers the normal NIS+ directories and tables is installed as /var/nis/NIS+LDAPmapping.template.

    A NIS+ object must have a valid mapping entry in the mapping file in order to have data for that table read from or written to the LDAP repository.

    The rpc.nisd(4) file contains specifications for LDAP server addresses, LDAP authentication method, and the like. See NIS+LDAPmapping(4) for an overview of the setup you need to map NIS+ data to or from LDAP.

    -S level

    Set the authorization security level of the service. The argument is a number between 0 and 2. By default, the daemon runs at security level 2.

    0

    Security level 0 is designed to be used for testing and initial setup of the NIS+ namespace. When running at level 0, the daemon does not enforce any access controls. Any client is allowed to perform any operation, including updates and deletions.

    1

    At security level 1, the daemon accepts both AUTH_SYS and AUTH_DES credentials for authenticating clients and authorizing them to perform NIS+ operations. This is not a secure mode of operation since AUTH_SYS credentials are easily forged. It should not be used on networks in which any untrusted users may potentially have access.

    2

    At security level 2, the daemon only accepts authentication using the security mechanisms configured by nisauthconf(1M). The default security mechanism is AUTH_DES. Security level 2 is the default if the -S option is not used.

    -t netid

    Use netid as the transport for communication between rpc.nisd and rpc.nisd_resolv. The default transport is ticots(7D) ( tcp on SunOS 4.x systems).

    -v

    Verbose. With this option, the daemon sends a running narration of what it is doing to the syslog daemon (see syslogd(1M)) at LOG_INFO priority. This option is most useful for debugging problems with the service. See also -A option.

    -x attribute=value

    Specify the value of the named attribute. Attributes that control the NIS+ to LDAP mapping operation are derived as follows:
    1.
    Retrieve from LDAP.
    2.
    Override with values from the mappingfile, if any. See the -m option.
    3.
    Override with values from the command line -x options.
    See NIS+LDAPmapping(4) and rpc.nisd(4) for the recognized attributes and their syntax.

    As a special case, you can use the nisplusLdapConfig* attributes to derive additional information from LDAP. You can only specify the nisplusLdapConfig* attributes in rpc.nisd(4) or by means of the command line.

    -Y

    Put the server into NIS (YP) compatibility mode. When operating in this mode, the NIS+ server will respond to NIS Version 2 requests using the version 2 protocol. Because the YP protocol is not authenticated, only those items that have read access to nobody (the unauthenticated request) will be visible through the V2 protocol. It supports only the standard Version 2 maps in this mode (see -B option and NOTES in ypfiles(4)). See FILES.

    -z number

    Specify the maximum RPC record size that can be used over connection oriented transports. The default is 9000 bytes. If you specify a size less than the default value, the default value will be used instead.

     

    EXAMPLES

    Example 1 Setting up the NIS+ Service

    The following example sets up the NIS+ service.

    example% rpc.nisd
    

    Example 2 Setting Up NIS+ Service Emulating YP With DNS Forwarding

    The following example sets up the NIS+ service, emulating YP with DNS forwarding.

    example% rpc.nisd -YB
    

    Example 3 Specifying NIS+ and LDAP Mapping Information

    The following example shows how to specify that all additional NIS+ and LDAP mapping information should be retrieved from DN "dc=x,dc=y,dc=z", from the LDAP server at IP address 1.2.3.4, port 389. The examples uses the simple authentication method and the cn=nisplusAdmin,ou=People, proxy user. The -m option is omitted for clarity in this example..

    -x nisplusLDAPconfigDN=dc=x,dc=y,dc=z \
    -x nisplusLDAPconfigPreferredServerList=127.0.0.1:389 \
    -x nisplusLDAPconfigAuthenticationMethod=simple \
    -x nisplusLDAPconfigProxyUser=cn=nisplusAdmin,ou=People, \
    -x nisplusLDAPconfigProxyPassword=xyzzy
    

     

    ENVIRONMENT VARIABLES

    NETPATH

    The transports that the NIS+ service will use can be limited by setting this environment variable. See netconfig(4).

     

    FILES

    /var/nis/data/parent.object

    This file describes the namespace that is logically above the NIS+ namespace. The most common type of parent object is a DNS object. This object contains contact information for a server of that domain.

    /var/nis/data/root.object

    This file describes the root object of the NIS+ namespace. It is a standard XDR-encoded NIS+ directory object that can be modified by authorized clients using the nis_modify(3NSL) interface.

    /etc/default/rpc.nisd

    LDAP connection and general rpc.nisd configuration. You can override some of the settings by command-line options.

    /var/nis/NIS+LDAPmapping

    Default path for LDAP mapping file. See the discussion of the -m option.

     

    ATTRIBUTES

    See attributes(5) for descriptions of the following attributes:

    ATTRIBUTE TYPEATTRIBUTE VALUE

    AvailabilitySUNWnisu

     

    SEE ALSO

    svcs(1), nis_cachemgr(1M), nisauthconf(1M), nisinit(1M), nissetup(1M), nisldapmaptest(1M), nslookup(1M), rpc.nisd_resolv(1M), rpc.nispasswdd(1M), svcadm(1M), syslogd(1M), nis_modify(3NSL), NIS+LDAPmapping(4), netconfig(4), nisfiles(4), resolv.conf(4), rpc.nisd(4), ypfiles(4), attributes(5), smf(5), ticots(7D)  

    NOTES

    NIS+ might not be supported in future releases of the Solaris Operating system. Tools to aid the migration from NIS+ to LDAP are available in the current Solaris release. For more information, visit http://www.sun.com/directory/nisplus/transition.html.

    The rpc.nisd service is managed by the service management facility, smf(5), under the service identifier:

    svc:/network/rpc/nisplus:default
    

    Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). The service's status can be queried using the svcs(1) command.


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    OPTIONS
    EXAMPLES
    ENVIRONMENT VARIABLES
    FILES
    ATTRIBUTES
    SEE ALSO
    NOTES


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру