From owner-freebsd-questions Tue Jun 18 19:12:42 2002 Delivered-To: freebsd-questions@freebsd.org Received: from tarkin.dyndns.org (080-116-189-66.wo.cpe.charter-ne.com [66.189.116.80]) by hub.freebsd.org (Postfix) with ESMTP id BC24237B408 for ; Tue, 18 Jun 2002 19:12:37 -0700 (PDT) Received: (qmail 6590 invoked by user); 19 Jun 2002 02:11:25 -0000 Date: Wed, 19 Jun 2002 02:11:25 +0000 From: Jim Breton To: freebsd-questions@FreeBSD.ORG Subject: troubles setting up NIS Message-ID: <20020619021124989698.G26060@alongtheway.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, I've got two x86 boxes running FreeBSD 4.6-RELEASE and I'm trying to set up NIS for the first time. On the 'server' machine I've added the user "nistest" and have put the following NIS "wildcard" entry into master.passwd and group on the client: +:::::::::/dev/null (tried also without the /dev/null shell override) +:*:: In /etc/rc.conf I have the following: Server: nisdomainname="nis.alongtheway.com" nis_server_enable="YES" nis_server_flags="" nis_yppasswdd_enable="YES" nis_yppasswdd_flags="" Client: nisdomainname="nis.alongtheway.com" nis_client_enable="YES" nis_client_flags="-S nis.alongtheway.com,barrel" I'm reluctant to reboot the machines remotely for fear of having authentication troubles with the NIS daemons active so I've looked through /etc/rc.network and followed the steps that the start scripts take and did it by hand. i.e., on the server I ran the commands: domainname nis.alongtheway.com ypserv cp /etc/master.passwd /var/yp/ (then edited to contain ONLY the line for the test user "nistest") ypinit (no errors, and the database is populated) rpc.yppasswdd (I tried running this before ypinit as suggested in the Handbook, but it failed saying it didn't know the domain name.. I had to run it _after_ ypinit) make (in /var/yp , although I suspect this was redundant) I also added /var/yp/securenets to only allow localhost and the client to access the maps. On the client, _before_ I set 'domainname' I can verify the following: # rpcinfo -p server program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100004 1 udp 951 ypserv 100004 2 udp 951 ypserv 100004 1 tcp 1018 ypserv 100004 2 tcp 1018 ypserv 100009 1 udp 906 yppasswdd 100009 1 tcp 1017 yppasswdd So then I run the following: ypbind -m -S nis.alongtheway.com,server (where 'server' is in /etc/hosts) However, once I run "domainname nis.alongtheway.com", rpcinfo -p hangs. Other things also hang such as finger, ps (with the -u option), top, etc.. I ran a sniffer on both the NIS server and the client while running "ypbind" and "ypcat passwd" on the client and I didn't see ANY packets coming from the client host. The network connection between the two hosts is IPSec, enforced by ipf rules -- no unencrypted packets are allowed. However I did try the same setup with the IPSec disabled and the same symptoms occurred. Help? :) Thanks. (Note: I'm not subscribed to this list, please Cc: me.) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message