1 YPSERV(1M) Maintenance Commands YPSERV(1M) 2 3 4 5 NAME 6 ypserv, ypxfrd - NIS server and binder processes 7 8 SYNOPSIS 9 /usr/lib/netsvc/yp/ypserv [-dv] [-i | -I] [-r | -R] 10 11 12 /usr/lib/netsvc/yp/ypxfrd 13 14 15 DESCRIPTION 16 The Network Information Service (NIS) provides a simple network lookup 17 service consisting of databases and processes. The databases are ndbm 18 files in a directory tree rooted at /var/yp. See ndbm(3C). These files 19 are described in ypfiles(4). The processes are 20 /usr/lib/netsvc/yp/ypserv, the NIS database lookup server, and 21 /usr/lib/netsvc/yp/ypbind, the NIS binder. The programmatic interface 22 to the NIS service is described in ypclnt(3NSL). Administrative tools 23 are described in yppoll(1M), yppush(1M), ypset(1M), ypxfr(1M), and 24 ypwhich(1). Tools to see the contents of NIS maps are described in 25 ypcat(1), and ypmatch(1). Database generation and maintenance tools are 26 described in ypinit(1M), ypmake(1M), and makedbm(1M). 27 28 29 The ypserv utility is a daemon process typically activated at system 30 startup from svc:/network/nis/server:default. Alternatively, you can, 31 as the root user, start NIS services using ypstart(1M) from the 32 command-line. ypserv runs only on NIS server machines with a complete 33 NIS database. You can halt all NIS services using the ypstop(1M) 34 command. 35 36 37 The ypxfrd utility transfers entire NIS maps in an efficient manner. 38 For systems that use this daemon, map transfers are 10 to 100 times 39 faster, depending on the map. To use this daemon, be sure ypxfrd is 40 running on the master server. See /usr/lib/netsvc/yp/ypstart. ypxfr 41 attempts to use ypxfrd first. If that fails, it prints a warning, then 42 uses the older transfer method. 43 44 45 The ypserv daemon's primary function is to look up information in its 46 local database of NIS maps. 47 48 49 The operations performed by ypserv are defined for the implementor by 50 the YP Protocol Specification, and for the programmer by the header 51 file <rpcsvc/yp_prot.h>. 52 53 54 Communication to and from ypserv is by means of RPC calls. Lookup 55 functions are described in ypclnt(3NSL), and are supplied as C-callable 56 functions in the libnsl(3LIB) library. There are four lookup functions, 57 all of which are performed on a specified map within some NIS domain: 58 yp_match(3NSL), yp_first(3NSL), yp_next(3NSL), and yp_all(3NSL). The 59 yp_match operation takes a key, and returns the associated value. The 60 yp_first operation returns the first key-value pair from the map, and 61 yp_next can be used to enumerate the remainder. yp_all ships the 62 entire map to the requester as the response to a single RPC request. 63 64 65 A number of special keys in the DBM files can alter the way in which 66 ypserv operates. The keys of interest are: 67 68 YP_INTERDOMAIN 69 The presence of this key causes ypserv to forward 70 to a DNS server host lookups that cannot be 71 satisfied by the DBM files. 72 73 74 YP_SECURE 75 This key causes ypserv to answer only questions 76 coming from clients on reserved ports. 77 78 79 YP_MULTI_hostname 80 This is a special key in the form, 81 YP_MULTI_hostname addr1,...,addrN. A client 82 looking for hostname receives the closest address. 83 84 85 86 Two other functions supply information about the map, rather than map 87 entries: yp_order(3NSL), and yp_master(3NSL). In fact, both order 88 number and master name exist in the map as key-value pairs, but the 89 server will not return either through the normal lookup functions. If 90 you examine the map with makedbm(1M), however, they are visible. Other 91 functions are used within the NIS service subsystem itself, and are not 92 of general interest to NIS clients. These functions include 93 do_you_serve_this_domain?, transfer_map, and 94 reinitialize_internal_state. 95 96 97 On start up, ypserv checks for the existence of the NIS to LDAP (N2L) 98 configuration file /var/yp/NISLDAPmapping. If it is present then a 99 master server starts in N2L mode. If the file is not present it starts 100 in "traditional" (non N2L) mode. Slave servers always start in 101 traditional mode. 102 103 104 In N2L mode, a new set of map files, with an LDAP_ prefix, are 105 generated, based on the contents of the LDAP DIT. The old map files, 106 NIS source files and ypmake(1M) are not used. 107 108 109 It is possible that ypmake(1M) can be accidentally run in N2L mode. If 110 the occurs, the old style map files are overwritten. That the map files 111 are overwritten is harmless. However, any resulting yppush(1M) 112 operation will push information based on the DIT rather than the source 113 files. The user may not expect information based on the DIT. ypserv 114 keeps track of the last modification date of the old style map files. 115 If the map files have been updated, a warning is logged that suggests 116 that the user call yppush directly instead of ypmake. 117 118 119 If a server attempts to run in N2L mode and a LDAP server cannot be 120 contacted, it behaves as follows: 121 122 1. When ypserv is started, a warning will be logged. 123 124 2. When a NIS read access is made and the TTL entry has 125 expired, a warning is logged.Information that is returned 126 from the cache has not been updated. 127 128 3. When a NIS write access is made, a warning is logged. The 129 cache will not be updated, and a NIS failure will be 130 returned. 131 132 133 If ypxfrd is running in N2L mode and is asked to transfer a map, ypxfrd 134 first checks whether the map is out of date. If the map is out of date, 135 ypxfrd initiates an update from the DIT. ypxfrd cannot wait for the 136 update to complete. If ypxfrd waited, the client end ypxfr operation 137 could time out. To prevent ypxfrd from timing out, the existing map is 138 transferred from the cache. The most up to date map will be transferred 139 on subsequent ypxfrd operations. 140 141 OPTIONS 142 ypserv 143 -d 144 The NIS service should go to the DNS for more host information. 145 This requires the existence of a correct /etc/resolv.conf file 146 pointing to a DNS server. This option turns on DNS forwarding 147 regardless of whether or not the YP_INTERDOMAIN flag is set in 148 the hosts maps. See makedbm(1M). In the absence of an 149 /etc/resolv.conf file, ypserv complains, but ignores the -d 150 option. 151 152 153 -i 154 If in N2L mode, initialize the NIS related parts of the DIT 155 based on the current, non LDAP_ prefixed, map files. The LDAP_ 156 prefixed maps are not created or updated. If you require that 157 LDAP_ prefixed maps be updated or created, then use the -ir 158 option. 159 160 The -i option does not attempt to create any NIS domain or 161 container objects. If any NIS domain or container objects have 162 not already been created, then errors will occur, as entries are 163 written to nonexistent containers. 164 165 166 -I 167 Identical to -i, except that any missing domain and container 168 objects are created. 169 170 171 -r 172 If in N2L mode, then refresh the LDAP_ prefixed map files based 173 on the contents of the DIT. 174 175 176 -ir 177 If both -i and -r are specified in N2L mode, then the DIT will 178 first be initialized from the current non LDAP_ prefixed map 179 files. A new set of LDAP_ prefixed maps will then be generated 180 from the contents of the DIT. A new set of LDAP_ prefixed maps 181 is required when moving from traditional NIS to N2L mode NIS. 182 183 184 -Ir 185 Identical to -ir, except that any missing domain and container 186 objects are created. 187 188 189 -v 190 Operate in the verbose mode, printing diagnostic messages to 191 stderr. 192 193 194 195 When run with the -i, -r, -I, -ir or -Ir options, the ypserv command 196 runs in the foreground and exits once map initialization has been 197 completed. Once the ypserv command exits, the user knows the maps are 198 ready and can restart ypserv and the other yp daemons by running 199 ypstart(1M). 200 201 202 If there is a requirement to initialize the DIT from the NIS source 203 files, which may have been modified since the maps were last remade, 204 run ypmake before running ypserv -i or ypserv -ir. ypmake regenerated 205 old style NIS maps. Then ypserv -ir dumps them into the DIT. When the 206 -ir option is used, the LDAP_ prefixe maps are also generated or 207 updated. Since these maps will be more recent than the old style maps, 208 ypmake will not be reported as erroneous when it is run. 209 210 FILES 211 /var/yp/securenets 212 213 Defines the hosts and networks that are granted access to 214 information in the served domain. It is read at startup time by 215 both ypserv and ypxfrd. 216 217 218 /var/yp/ypserv.log 219 220 If the /var/yp/ypserv.log file exists when ypserv starts up, log 221 information is written to it when error conditions arise. 222 223 224 /var/yp/binding/domainname/ypservers 225 226 Lists the NIS server hosts that ypbind can bind to. 227 228 229 SEE ALSO 230 svcs(1), ypcat(1), ypmatch(1), ypwhich(1), domainname(1M), makedbm(1M), 231 svcadm(1M), ypbind(1M), ypinit(1M), ypmake(1M), yppoll(1M), yppush(1M), 232 ypset(1M), ypstart(1M), ypstop(1M), ypxfr(1M), ndbm(3C), ypclnt(3NSL), 233 libnsl(3LIB), NISLDAPmapping(4), securenets(4), ypfiles(4), ypserv(4), 234 attributes(5), smf(5) 235 236 237 NOTES 238 ypserv supports multiple domains. The ypserv process determines the 239 domains it serves by looking for directories of the same name in the 240 directory /var/yp. It replies to all broadcasts requesting yp service 241 for that domain. 242 243 244 The Network Information Service (NIS) was formerly known as Sun Yellow 245 Pages (YP). The functionality of the two remains the same; only the 246 name has changed. The name Yellow Pages is a registered trademark in 247 the United Kingdom of British Telecommunications PLC, and must not be 248 used without permission. 249 250 251 NIS uses ndbm() files to store maps. Therefore, it is subject to the 252 1024 byte limitations described in the USAGE and NOTES sections of the 253 ndbm(3C) man page. 254 255 256 The NIS server service is managed by the service management facility, 257 smf(5), under the service identifier: 258 259 svc:/network/nis/server:default 260 261 262 263 264 Administrative actions on this service, such as enabling, disabling, or 265 requesting restart, can be performed using svcadm(1M). The service's 266 status can be queried using the svcs(1) command. 267 268 269 270 December 15, 2004 YPSERV(1M)