1 '\" te
   2 .\" Copyright (C) 2004, Sun Microsystems, Inc. All Rights Reserved.
   3 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
   4 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
   5 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
   6 .TH YPSERV 1M "Dec 15, 2004"
   7 .SH NAME
   8 ypserv, ypxfrd \- NIS server and binder processes
  10 .nf
  11 \fB/usr/lib/netsvc/yp/ypserv\fR [\fB-dv\fR] [\fB-i\fR | \fB-I\fR] [\fB-r\fR | \fB-R\fR]
  12 .fi
  14 .LP
  15 .nf
  16 \fB/usr/lib/netsvc/yp/ypxfrd\fR
  17 .fi
  20 The Network Information Service (\fBNIS\fR) provides a simple network lookup
  21 service consisting of databases and processes. The databases are \fBndbm\fR
  22 files in a directory tree rooted at \fB/var/yp\fR. See \fBndbm\fR(3C). These
  23 files are described in \fBypfiles\fR(4). The processes are
  24 \fB/usr/lib/netsvc/yp/ypserv\fR, the \fBNIS\fR database lookup server, and
  25 \fB/usr/lib/netsvc/yp/ypbind\fR, the \fBNIS\fR binder. The programmatic
  26 interface to the \fBNIS\fR service is described in \fBypclnt\fR(3NSL).
  27 Administrative tools are described in \fByppoll\fR(1M), \fByppush\fR(1M),
  28 \fBypset\fR(1M), \fBypxfr\fR(1M), and \fBypwhich\fR(1). Tools to see the
  29 contents of \fBNIS\fR maps are described in \fBypcat\fR(1), and
  30 \fBypmatch\fR(1). Database generation and maintenance tools are described in
  31 \fBypinit\fR(1M), \fBypmake\fR(1M), and \fBmakedbm\fR(1M).
  32 .sp
  33 .LP
  34 The \fBypserv\fR utility is a daemon process typically activated at system
  35 startup from \fBsvc:/network/nis/server:default\fR. Alternatively, you can, as
  36 the root user, start \fBNIS\fR services using \fBypstart\fR(1M) from the
  37 command-line. \fBypserv\fR runs only on \fBNIS\fR server machines with a
  38 complete \fBNIS\fR database. You can halt all \fBNIS\fR services using the
  39 \fBypstop\fR(1M) command.
  40 .sp
  41 .LP
  42 The \fBypxfrd\fR utility transfers entire \fBNIS\fR maps in an efficient
  43 manner. For systems that use this daemon, map transfers are 10 to 100 times
  44 faster, depending on the map. To use this daemon, be sure \fBypxfrd\fR is
  45 running on the master server. See \fB/usr/lib/netsvc/yp/ypstart\fR. \fBypxfr\fR
  46 attempts to use \fBypxfrd\fR first. If that fails, it prints a warning, then
  47 uses the older transfer method.
  48 .sp
  49 .LP
  50 The \fBypserv\fR daemon's primary function is to look up information in its
  51 local database of \fBNIS\fR maps.
  52 .sp
  53 .LP
  54 The operations performed by \fBypserv\fR are defined for the implementor by the
  55 \fIYP Protocol Specification\fR, and for the programmer by the header file
  56 <\fBrpcsvc/yp_prot.h\fR>.
  57 .sp
  58 .LP
  59 Communication to and from \fBypserv\fR is by means of \fBRPC\fR calls. Lookup
  60 functions are described in \fBypclnt\fR(3NSL), and are supplied as C-callable
  61 functions in the \fBlibnsl\fR(3LIB) library. There are four lookup functions,
  62 all of which are performed on a specified map within some \fBNIS\fR domain:
  63 \fByp_match\fR(3NSL), \fByp_first\fR(3NSL), \fByp_next\fR(3NSL), and
  64 \fByp_all\fR(3NSL). The \fByp_match\fR operation takes a key, and returns the
  65 associated value. The \fByp_first\fR operation returns the first key-value pair
  66 from the map, and \fByp_next\fR can be used to enumerate the remainder.
  67 \fByp_all\fR ships the entire map to the requester as the response to a single
  68 \fBRPC\fR request.
  69 .sp
  70 .LP
  71 A number of special keys in the \fBDBM\fR files can alter the way in which
  72 \fBypserv\fR operates. The keys of interest are:
  73 .sp
  74 .ne 2
  75 .na
  77 .ad
  78 .RS 21n
  79 The presence of this key causes \fBypserv\fR to forward to a \fBDNS\fR server
  80 host lookups that cannot be satisfied by the \fBDBM\fR files.
  81 .RE
  83 .sp
  84 .ne 2
  85 .na
  86 \fB\fBYP_SECURE\fR\fR
  87 .ad
  88 .RS 21n
  89 This key causes \fBypserv\fR to answer only questions coming from clients on
  90 reserved ports.
  91 .RE
  93 .sp
  94 .ne 2
  95 .na
  96 \fB\fBYP_MULTI_\fR\fIhostname\fR\fR
  97 .ad
  98 .RS 21n
  99 This is a special key in the form, \fBYP_MULTI_\fR\fIhostname
 100 addr1,...,addrN.\fR A client looking for \fIhostname\fR receives the closest
 101 address.
 102 .RE
 104 .sp
 105 .LP
 106 Two other functions supply information about the map, rather than map entries:
 107 \fByp_order\fR(3NSL), and \fByp_master\fR(3NSL). In fact, both order number and
 108 master name exist in the map as key-value pairs, but the server will not return
 109 either through the normal lookup functions. If you examine the map with
 110 \fBmakedbm\fR(1M), however, they are visible. Other functions are used within
 111 the \fBNIS\fR service subsystem itself, and are not of general interest to
 112 \fBNIS\fR clients. These functions include \fBdo_you_serve_this_domain?\fR,
 113 \fBtransfer_map\fR, and \fBreinitialize_internal_state\fR.
 114 .sp
 115 .LP
 116 On start up, \fBypserv\fR checks for the existence of the NIS to LDAP (N2L)
 117 configuration file \fB/var/yp/NISLDAPmapping\fR. If it is present then a master
 118 server starts in N2L mode. If the file is not present it starts in
 119 "traditional" (non N2L) mode. Slave servers always start in traditional mode.
 120 .sp
 121 .LP
 122 In N2L mode, a new set of map files, with an \fBLDAP_\fR prefix, are generated,
 123 based on the contents of the LDAP DIT. The old map files, NIS source files and
 124 \fBypmake\fR(1M) are not used.
 125 .sp
 126 .LP
 127 It is possible that \fBypmake\fR(1M) can be accidentally run in N2L mode. If
 128 the occurs, the old style map files are overwritten. That the map files are
 129 overwritten is harmless. However, any resulting \fByppush\fR(1M) operation will
 130 push information based on the DIT rather than the source files. The user may
 131 not expect information based on the DIT. \fBypserv\fR keeps track of the last
 132 modification date of the old style map files. If the map files have been
 133 updated, a warning is logged that suggests that the user call \fByppush\fR
 134 directly instead of \fBypmake\fR.
 135 .sp
 136 .LP
 137 If a server attempts to run in N2L mode and a LDAP server cannot be contacted,
 138 it behaves as follows:
 139 .RS +4
 140 .TP
 141 1.
 142 When \fBypserv\fR is started, a warning will be logged.
 143 .RE
 144 .RS +4
 145 .TP
 146 2.
 147 When a NIS read access is made and the TTL entry has expired, a warning is
 148 logged.Information that is returned from the cache has not been updated.
 149 .RE
 150 .RS +4
 151 .TP
 152 3.
 153 When a NIS write access is made, a warning is logged. The cache will not be
 154 updated, and a NIS failure will be returned.
 155 .RE
 156 .sp
 157 .LP
 158 If \fBypxfrd\fR is running in N2L mode and is asked to transfer a map,
 159 \fBypxfrd\fR first checks whether the map is out of date. If the map is out of
 160 date, \fBypxfrd\fR initiates an update from the DIT. \fBypxfrd\fR cannot wait
 161 for the update to complete. If \fBypxfrd\fR waited, the client end \fBypxfr\fR
 162 operation could time out. To prevent \fBypxfrd\fR from timing out, the existing
 163 map is transferred from the cache. The most up to date map will be transferred
 164 on subsequent \fBypxfrd\fR operations.
 166 .SS "ypserv"
 167 .ne 2
 168 .na
 169 \fB\fB-d\fR\fR
 170 .ad
 171 .RS 7n
 172 The \fBNIS\fR service should go to the \fBDNS\fR for more host information.
 173 This requires the existence of a correct \fB/etc/resolv.conf\fR file pointing
 174 to a \fBDNS\fR server. This option turns on \fBDNS\fR forwarding regardless of
 175 whether or not the \fBYP_INTERDOMAIN\fR flag is set in the \fBhosts\fR maps.
 176 See \fBmakedbm\fR(1M). In the absence of an \fB/etc/resolv.conf\fR file,
 177 \fBypserv\fR complains, but ignores the \fB-d\fR option.
 178 .RE
 180 .sp
 181 .ne 2
 182 .na
 183 \fB\fB-i\fR\fR
 184 .ad
 185 .RS 7n
 186 If in N2L mode, initialize the NIS related parts of the \fBDIT\fR based on the
 187 current, non \fBLDAP_\fR prefixed, map files. The \fBLDAP_\fR prefixed maps are
 188 not created or updated. If you require that \fBLDAP_\fR prefixed maps be
 189 updated or created, then use the \fB-ir\fR option.
 190 .sp
 191 The \fB-i\fR option does not attempt to create any NIS domain or container
 192 objects. If any NIS domain or container objects have not already been created,
 193 then errors will occur, as entries are written to nonexistent containers.
 194 .RE
 196 .sp
 197 .ne 2
 198 .na
 199 \fB\fB-I\fR\fR
 200 .ad
 201 .RS 7n
 202 Identical to \fB-i\fR, except that any missing domain and container objects are
 203 created.
 204 .RE
 206 .sp
 207 .ne 2
 208 .na
 209 \fB\fB-r\fR\fR
 210 .ad
 211 .RS 7n
 212 If in N2L mode, then refresh the \fBLDAP_\fR prefixed map files based on the
 213 contents of the \fBDIT\fR.
 214 .RE
 216 .sp
 217 .ne 2
 218 .na
 219 \fB\fB-ir\fR\fR
 220 .ad
 221 .RS 7n
 222 If both \fB-i\fR and \fB-r\fR are specified in N2L mode, then the \fBDIT\fR
 223 will first be initialized from the current non \fBLDAP_\fR prefixed map files.
 224 A new set of \fBLDAP_\fR prefixed maps will then be generated from the contents
 225 of the \fBDIT\fR. A new set of \fBLDAP_\fR prefixed maps is required when
 226 moving from traditional NIS to N2L mode NIS.
 227 .RE
 229 .sp
 230 .ne 2
 231 .na
 232 \fB\fB-Ir\fR\fR
 233 .ad
 234 .RS 7n
 235 Identical to \fB-ir\fR, except that any missing domain and container objects
 236 are created.
 237 .RE
 239 .sp
 240 .ne 2
 241 .na
 242 \fB\fB-v\fR\fR
 243 .ad
 244 .RS 7n
 245 Operate in the verbose mode, printing diagnostic messages to stderr.
 246 .RE
 248 .sp
 249 .LP
 250 When run with the \fB-i\fR, \fB-r\fR, \fB-I\fR, \fB-ir\fR or \fB-Ir\fR options,
 251 the \fBypserv\fR command runs in the foreground and exits once map
 252 initialization has been completed. Once the \fBypserv\fR command exits, the
 253 user knows the maps are ready and can restart \fBypserv\fR and the other
 254 \fByp\fR daemons by running \fBypstart\fR(1M).
 255 .sp
 256 .LP
 257 If there is a requirement to initialize the \fBDIT\fR from the NIS source
 258 files, which may have been modified since the maps were last remade, run
 259 \fBypmake\fR before running \fBypserv\fR \fB-i\fR or \fBypserv\fR \fB-ir\fR.
 260 \fBypmake\fR regenerated old style NIS maps. Then \fBypserv\fR \fB-ir\fR dumps
 261 them into the \fBDIT\fR. When the \fB-ir\fR option is used, the \fBLDAP_\fR
 262 prefixe maps are also generated or updated. Since these maps will be more
 263 recent than the old style maps, \fBypmake\fR will not be reported as erroneous
 264 when it is run.
 265 .SH FILES
 266 .ne 2
 267 .na
 268 \fB\fB/var/yp/securenets\fR\fR
 269 .ad
 270 .sp .6
 271 .RS 4n
 272 Defines the hosts and networks that are granted access to information in the
 273 served domain. It is read at startup time by both \fBypserv\fR and
 274 \fBypxfrd\fR.
 275 .RE
 277 .sp
 278 .ne 2
 279 .na
 280 \fB\fB/var/yp/ypserv.log\fR\fR
 281 .ad
 282 .sp .6
 283 .RS 4n
 284 If the \fB/var/yp/ypserv.log\fR file exists when \fBypserv\fR starts up, log
 285 information is written to it when error conditions arise.
 286 .RE
 288 .sp
 289 .ne 2
 290 .na
 291 \fB\fB/var/yp/binding/domainname/ypservers\fR\fR
 292 .ad
 293 .sp .6
 294 .RS 4n
 295 Lists the \fBNIS\fR server hosts that \fBypbind\fR can bind to.
 296 .RE
 299 \fBsvcs\fR(1), \fBypcat\fR(1), \fBypmatch\fR(1), \fBypwhich\fR(1),
 300 \fBdomainname\fR(1M), \fBmakedbm\fR(1M), \fBsvcadm\fR(1M), \fBypbind\fR(1M),
 301 \fBypinit\fR(1M), \fBypmake\fR(1M), \fByppoll\fR(1M), \fByppush\fR(1M),
 302 \fBypset\fR(1M), \fBypstart\fR(1M), \fBypstop\fR(1M), \fBypxfr\fR(1M),
 303 \fBndbm\fR(3C), \fBypclnt\fR(3NSL), \fBlibnsl\fR(3LIB),
 304 \fBNISLDAPmapping\fR(4), \fBsecurenets\fR(4), \fBypfiles\fR(4),
 305 \fBypserv\fR(4), \fBattributes\fR(5), \fBsmf\fR(5)
 307 .SH NOTES
 308 \fBypserv\fR supports multiple domains. The \fBypserv\fR process determines the
 309 domains it serves by looking for directories of the same name in the directory
 310 \fB/var/yp\fR. It replies to all broadcasts requesting yp service for that
 311 domain.
 312 .sp
 313 .LP
 314 The Network Information Service (\fBNIS\fR) was formerly known as Sun Yellow
 315 Pages (\fBYP\fR). The functionality of the two remains the same; only the name
 316 has changed. The name Yellow Pages is a registered trademark in the United
 317 Kingdom of British Telecommunications PLC, and must not be used without
 318 permission.
 319 .sp
 320 .LP
 321 \fBNIS\fR uses \fBndbm()\fR files to store maps. Therefore, it is subject to
 322 the 1024 byte limitations described in the USAGE and NOTES sections of the
 323 \fBndbm\fR(3C) man page.
 324 .sp
 325 .LP
 326 The NIS server service is managed by the service management facility,
 327 \fBsmf\fR(5), under the service identifier:
 328 .sp
 329 .in +2
 330 .nf
 331 svc:/network/nis/server:default
 332 .fi
 333 .in -2
 334 .sp
 336 .sp
 337 .LP
 338 Administrative actions on this service, such as enabling, disabling, or
 339 requesting restart, can be performed using \fBsvcadm\fR(1M). The service's
 340 status can be queried using the \fBsvcs\fR(1) command.