mirror of https://github.com/tLDP/LDP
Editing of new "Linux-Networking" guide. This copy is not to be distributed. Its just a draft to give people an idea as to the format of the new document and a backup just in case my laptop dies.
Binh.
This commit is contained in:
parent
5d58c8ff1a
commit
fc5bd21414
|
@ -1107,4 +1107,65 @@ USAGI
|
|||
interfaces and can be used to control SQL databases, for
|
||||
example.
|
||||
|
||||
DBM
|
||||
DataBase Management, a library of functions which maintain key-content
|
||||
pairs in a data base.
|
||||
|
||||
DLL
|
||||
Dynamically Linked Library, a library linked to an executable program at
|
||||
run-time.
|
||||
|
||||
domainname
|
||||
A name "key" that is used by NIS clients to be able to locate a suitable
|
||||
NIS server that serves that domainname key. Please note that this does
|
||||
not necessarily have anything at all to do with the DNS "domain" (machine
|
||||
name) of the machine(s).
|
||||
|
||||
FTP
|
||||
File Transfer Protocol, a protocol used to transfer files between two
|
||||
computers.
|
||||
|
||||
libnsl
|
||||
Name services library, a library of name service calls (getpwnam,
|
||||
getservbyname, etc...) on SVR4 Unixes. GNU libc uses this for the NIS
|
||||
(YP) and NIS+ functions.
|
||||
|
||||
libsocket
|
||||
Socket services library, a library for the socket service calls (socket,
|
||||
bind, listen, etc...) on SVR4 Unixes.
|
||||
|
||||
NIS
|
||||
Network Information Service, a service that provides information, that
|
||||
has to be known throughout the network, to all machines on the network.
|
||||
There is support for NIS in Linux's standard libc library, which in the
|
||||
following text is referred to as "traditional NIS".
|
||||
|
||||
NIS+
|
||||
Network Information Service (Plus :-), essentially NIS on steroids. NIS+
|
||||
is designed by Sun Microsystems Inc. as a replacement for NIS with better
|
||||
security and better handling of _large_ installations.
|
||||
|
||||
NYS
|
||||
This is the name of a project and stands for NIS+, YP and Switch and is
|
||||
managed by Peter Eriksson <peter@ifm.liu.se>. It contains among other
|
||||
things a complete reimplementation of the NIS (= YP) code that uses the
|
||||
Name Services Switch functionality of the NYS library.
|
||||
|
||||
NSS
|
||||
Name Service Switch. The /etc/nsswitch.conf file determines the order of
|
||||
lookups performed when a certain piece of information is requested.
|
||||
|
||||
RPC
|
||||
Remote Procedure Call. RPC routines allow C programs to make procedure
|
||||
calls on other machines across the network. When people talk about RPC
|
||||
they most often mean the Sun RPC variant.
|
||||
|
||||
YP
|
||||
Yellow Pages(tm), a registered trademark in the UK of British Telecom
|
||||
plc.
|
||||
|
||||
TCP-IP
|
||||
Transmission Control Protocol/Internet Protocol. It is the data
|
||||
communication protocol most often used on Unix machines.
|
||||
|
||||
</glossary>
|
||||
|
|
|
@ -1,147 +1,5 @@
|
|||
<sect1 id="IPX">
|
||||
|
||||
Linux IPX-HOWTO
|
||||
Kevin Thorpe, kevin@pricetrak.com
|
||||
v2.3, 06 May 1998
|
||||
1. Introduction.
|
||||
|
||||
This is the Linux IPX-HOWTO. You should read the Linux NET-3-HOWTO in
|
||||
conjunction with this document.
|
||||
|
||||
1.1. Changes from the previous release.
|
||||
|
||||
Change of author:
|
||||
Many thanks to Terry Dawson for passing on this document and
|
||||
congratulations on becoming a father :-).
|
||||
|
||||
Additions:
|
||||
Addition of a brief explanation of IPX. This is in response to
|
||||
many baffled queries on the discussion lists.
|
||||
|
||||
Corrections/Updates:
|
||||
New version of ncpfs which now supports NDS logins. This is early
|
||||
beta test and may be prohibited in your country due to the use of
|
||||
patented technology.
|
||||
|
||||
Addition of support for trustee rights in mars_nwe. This is still
|
||||
in beta test.
|
||||
|
||||
2. Disclaimer.
|
||||
|
||||
I do not and cannot know everything there is to know about the Linux
|
||||
network software. Please accept and be warned that this document
|
||||
probably does contain errors. Please read any README files that are
|
||||
included with any of the various pieces of software described in this
|
||||
document for more detailed and accurate information. I will attempt to
|
||||
keep this document as error-free and up-to-date as possible. Versions
|
||||
of software are current as at time of writing.
|
||||
|
||||
In no way do I or the authors of the software in this document offer
|
||||
protection against your own actions. If you configure this software,
|
||||
even as described in this document and it causes problems on your
|
||||
network then you alone must carry the responsibility. I include this
|
||||
warning because IPX network design and configuration is not always a
|
||||
simple matter and sometimes undesirable interaction with other routers
|
||||
and fileservers can result if you do not design or configure your
|
||||
network carefully. I also include this warning because I was asked to
|
||||
by someone unfortunate enough to have discovered this lesson the hard
|
||||
way.
|
||||
|
||||
|
||||
3. Related Documentation.
|
||||
|
||||
This document presumes you understand how to build a Linux kernel with
|
||||
the appropriate networking options selected and that you understand
|
||||
how to use the basic network tools such as ifconfig and route. If you
|
||||
do not, then you should read the NET-3-HOWTO <NET-3-HOWTO.html> in
|
||||
conjunction with this document as it describes these.
|
||||
|
||||
Other Linux HOWTO documents that might be useful are:
|
||||
|
||||
The Ethernet-HOWTO <Ethernet-HOWTO.html>, which describes the details
|
||||
of configuring an Ethernet device for Linux.
|
||||
|
||||
The PPP-HOWTO <PPP-HOWTO.html> as IPX support is available for version
|
||||
2.2.0d and later of the Linux PPP implementation.
|
||||
|
||||
|
||||
3.1. New versions of this document.
|
||||
|
||||
If your copy of this document is more than two months old then I
|
||||
strongly recommend you obtain a newer version. The networking support
|
||||
for Linux is changing very rapidly with new enhancements and features,
|
||||
so this document also changes fairly frequently. The latest released
|
||||
version of this document can always be retrieved by anonymous ftp
|
||||
from:
|
||||
|
||||
ftp:/sunsite.unc.edu/pub/Linux/docs/HOWTO/IPX-HOWTO>/ or:
|
||||
ftp:/sunsite.unc.edu/pub/Linux/docs/HOWTO/other-formats/IPX-
|
||||
HOWTO{-html.tar,ps,dvi}.gz>/ via the World Wide Web from the Linux
|
||||
Documentation Project Web Server
|
||||
<http://sunsite.unc.edu/LDP/linux.html>, at page: IPX-HOWTO
|
||||
<http://sunsite.unc.edu/LDP/HOWTO/IPX-HOWTO.html> or directly from me,
|
||||
<kevin@pricetrak.com>. It may also be posted to the newsgroups:
|
||||
comp.os.linux.networking, comp.os.linux.answers and news.answers from
|
||||
time to time.
|
||||
|
||||
3.2. Feedback.
|
||||
|
||||
Please send any comments, updates, or suggestions to me,
|
||||
<kevin@pricetrak.com>. The sooner I get feedback, the sooner I can
|
||||
update and correct this document. If you find any problems with it,
|
||||
please mail me directly as I can miss info posted to the newsgroups.
|
||||
|
||||
|
||||
18. Copyright Message.
|
||||
|
||||
The IPX-HOWTO, a guide to software supporting the IPX protocol for
|
||||
Linux. Copyright (c) 1995 Terry Dawson.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or (at
|
||||
your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the:
|
||||
|
||||
Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139,
|
||||
USA.
|
||||
|
||||
|
||||
19. Miscellaneous and Acknowledgements.
|
||||
|
||||
Terry Dawson <terry@perf.no.itg.telstra.com.au> for the original
|
||||
document
|
||||
|
||||
David E. Storey <dave@tamos.gmu.edu> and Volker Lendecke
|
||||
<lendecke@namu01.gwdg.de> both assisted greatly by supplying me with
|
||||
information for this document. Gilbert Callaghan
|
||||
<gilbert@pokey.inviso.com>, David Higgins <dave@infra.com> and Chad
|
||||
Robinson <chadr@brtgate.brttech.com> each contributed information on
|
||||
configuring IPX/PPP. Bennie Venter <bjv@Gil-galad.paradigm-sa.com>
|
||||
contributed some useful information relating to frame types.
|
||||
Christopher Wall <vergil@idir.net contributed some useful suggestions
|
||||
to improve the readability and layout of the document. Axel Boldt
|
||||
<boldt@math.ucsb.edu> contributed some useful suggestions and
|
||||
feedback. Erik D. Olson <eriko@wrq.com> provided some useful feedback
|
||||
and information on configuring PPP for IPX. Brian King
|
||||
<root@brian.library.dal.ca> contributed a question for the FAQ
|
||||
section.
|
||||
|
||||
"NetWare" is a registered trademark of the Novell Corporation
|
||||
<http://www.novell.com/>. "Caldera" is a registered trademark of the
|
||||
Caldera Corporation <http://www.caldera.com/>.
|
||||
|
||||
regards Kevin Thorpe.
|
||||
|
||||
<kevin@pricetrak.com>
|
||||
|
||||
<title>IPX</title>
|
||||
|
||||
<para>
|
||||
|
@ -206,7 +64,6 @@ in the packet. Typical frame types used in NetWare networks
|
|||
support protocols such as IPX/RIP, SAP or NCP, these are supported by
|
||||
other software such as that documented elsewhere in this document.
|
||||
|
||||
|
||||
The IPX support was originally developed by Alan Cox
|
||||
<alan@lxorguk.ukuu.org.uk> and has been significantly enhanced by Greg
|
||||
Page <greg@caldera.com>.
|
||||
|
|
|
@ -2,46 +2,13 @@
|
|||
|
||||
<title>NIS</title>
|
||||
|
||||
NDIS and ODI
|
||||
|
||||
The Network Device Interface Specification (NDIS) is a standard developed
|
||||
by Microsoft and IBM to enable communication between protocols and network
|
||||
card drivers. The purpose of NDIS is to abstract the functions of the
|
||||
network driver so that protocols can work with any driver. NDIS works
|
||||
within the data link layer of the OSI model.
|
||||
|
||||
NDIS allows software components to be written in a modular fashion, and
|
||||
components that conform to a version of the NDIS specification are
|
||||
guaranteed to communicate with eachother. The current version of NDIS
|
||||
is 4.0.
|
||||
|
||||
The process of assigning a protocol to a network card is called binding.
|
||||
NDIS allows multiple protocols to be bound to a single network card,
|
||||
and multiple network cards to be bound to a single protocol (or multiple
|
||||
protocols).
|
||||
|
||||
ODI (Open Datalink Interface), devloped by Novell and Apple, is an
|
||||
implementation of the same functionality. While designed primarily for
|
||||
the IPX protocol, ODI can be used with any protocol. Netware clients and
|
||||
servers can have network cards bound to multiple protocols. Microsoft's
|
||||
implementation of the IPX protocol, NWLink, also supports the ODI standard.
|
||||
|
||||
|
||||
|
||||
6.8. NIS
|
||||
|
||||
The Network Information Service (NIS) provides a simple network lookup
|
||||
service consisting of databases and processes. Its purpose is to
|
||||
provide information that has to be known throughout the network to all
|
||||
machines on the network. For example, it enables an administrator to
|
||||
allow users access to any machine in a network running NIS without a
|
||||
password entry existing on each machine; only the main database needs
|
||||
to be maintained.
|
||||
|
||||
Related HOWTO:
|
||||
|
||||
· NIS HOWTO <http://metalab.unc.edu/mdw/HOWTO/NIS-HOWTO.html>
|
||||
|
||||
The Network Information Service (NIS) provides a simple network lookup
|
||||
service consisting of databases and processes. Its purpose is to
|
||||
provide information that has to be known throughout the network to all
|
||||
machines on the network. For example, it enables an administrator to
|
||||
allow users access to any machine in a network running NIS without a
|
||||
password entry existing on each machine; only the main database needs
|
||||
to be maintained.
|
||||
|
||||
This section describes how to configure Linux as NIS(YP) or NIS+ client
|
||||
and how to install an NIS server.
|
||||
|
@ -58,93 +25,6 @@ in beta stage.
|
|||
This document tries to answer questions about setting up NIS(YP) and NIS+ on
|
||||
your Linux machine. Don't forget to read Section 5.
|
||||
|
||||
The NIS-Howto is edited and maintained by
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| Thorsten Kukuk, <kukuk@suse.de> |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
The primary source of the information for the initial NIS-Howto was from:
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
|Andrea Dell'Amico <adellam@ZIA.ms.it> |
|
||||
|Mitchum DSouza <Mitch.DSouza@NetComm.IE> |
|
||||
|Erwin Embsen <erwin@nioz.nl> |
|
||||
|Peter Eriksson <peter@ifm.liu.se> |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
who we should thank for writing the first versions of this document.
|
||||
-----------------------------------------------------------------------------
|
||||
|
||||
2. Glossary and General Information
|
||||
|
||||
2.1. Glossary of Terms
|
||||
|
||||
In this document a lot of acronyms are used. Here are the most important
|
||||
acronyms and a brief explanation:
|
||||
|
||||
DBM
|
||||
DataBase Management, a library of functions which maintain key-content
|
||||
pairs in a data base.
|
||||
|
||||
DLL
|
||||
Dynamically Linked Library, a library linked to an executable program at
|
||||
run-time.
|
||||
|
||||
domainname
|
||||
A name "key" that is used by NIS clients to be able to locate a suitable
|
||||
NIS server that serves that domainname key. Please note that this does
|
||||
not necessarily have anything at all to do with the DNS "domain" (machine
|
||||
name) of the machine(s).
|
||||
|
||||
FTP
|
||||
File Transfer Protocol, a protocol used to transfer files between two
|
||||
computers.
|
||||
|
||||
libnsl
|
||||
Name services library, a library of name service calls (getpwnam,
|
||||
getservbyname, etc...) on SVR4 Unixes. GNU libc uses this for the NIS
|
||||
(YP) and NIS+ functions.
|
||||
|
||||
libsocket
|
||||
Socket services library, a library for the socket service calls (socket,
|
||||
bind, listen, etc...) on SVR4 Unixes.
|
||||
|
||||
NIS
|
||||
Network Information Service, a service that provides information, that
|
||||
has to be known throughout the network, to all machines on the network.
|
||||
There is support for NIS in Linux's standard libc library, which in the
|
||||
following text is referred to as "traditional NIS".
|
||||
|
||||
NIS+
|
||||
Network Information Service (Plus :-), essentially NIS on steroids. NIS+
|
||||
is designed by Sun Microsystems Inc. as a replacement for NIS with better
|
||||
security and better handling of _large_ installations.
|
||||
|
||||
NYS
|
||||
This is the name of a project and stands for NIS+, YP and Switch and is
|
||||
managed by Peter Eriksson <peter@ifm.liu.se>. It contains among other
|
||||
things a complete reimplementation of the NIS (= YP) code that uses the
|
||||
Name Services Switch functionality of the NYS library.
|
||||
|
||||
NSS
|
||||
Name Service Switch. The /etc/nsswitch.conf file determines the order of
|
||||
lookups performed when a certain piece of information is requested.
|
||||
|
||||
RPC
|
||||
Remote Procedure Call. RPC routines allow C programs to make procedure
|
||||
calls on other machines across the network. When people talk about RPC
|
||||
they most often mean the Sun RPC variant.
|
||||
|
||||
YP
|
||||
Yellow Pages(tm), a registered trademark in the UK of British Telecom
|
||||
plc.
|
||||
|
||||
TCP-IP
|
||||
Transmission Control Protocol/Internet Protocol. It is the data
|
||||
communication protocol most often used on Unix machines.
|
||||
|
||||
|
||||
-----------------------------------------------------------------------------
|
||||
2.2. Some General Information
|
||||
|
||||
|
@ -286,6 +166,7 @@ before inetd is started.
|
|||
|
||||
For secure RPC, the portmapper needs the Time service. Make sure, that the
|
||||
Time service is enabled in /etc/inetd.conf on all hosts:
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
|# |
|
||||
|# Time service is used for clock syncronization. |
|
||||
|
@ -293,7 +174,6 @@ Time service is enabled in /etc/inetd.conf on all hosts:
|
|||
|time stream tcp nowait root internal |
|
||||
|time dgram udp wait root internal |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
IMPORTANT: Don't forget to restart inetd after changes on its configuration
|
||||
file !
|
||||
|
@ -305,15 +185,9 @@ file !
|
|||
|
||||
To answer this question you have to consider two cases:
|
||||
|
||||
|
||||
|
||||
1. Your machine is going to be part of a network with existing NIS servers
|
||||
|
||||
2. You do not have any NIS servers in the network yet
|
||||
|
||||
|
||||
|
||||
|
||||
In the first case, you only need the client programs (ypbind, ypwhich, ypcat,
|
||||
yppoll, ypmatch). The most important program is ypbind. This program must be
|
||||
running at all times, which means, it should always appear in the list of
|
||||
|
@ -325,6 +199,7 @@ NIS client.
|
|||
In the second case, if you don't have NIS servers, then you will also need a
|
||||
NIS server program (usually called ypserv). Section 9 describes how to set up
|
||||
a NIS server on your Linux machine using the ypserv daemon.
|
||||
|
||||
-----------------------------------------------------------------------------
|
||||
|
||||
6.2. The Software
|
||||
|
@ -446,16 +321,12 @@ files. To test ypbind do the following:
|
|||
The output depends on the ypbind version you have installed. Important is
|
||||
only the "version 2" message.
|
||||
|
||||
|
||||
|
||||
|
||||
At this point you should be able to use NIS client programs like ypcat,
|
||||
etc... For example, ypcat passwd.byname will give you the entire NIS password
|
||||
database.
|
||||
|
||||
IMPORTANT: If you skipped the test procedure then make sure you have set the
|
||||
domain name, and created the directory
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| /var/yp |
|
||||
|
@ -483,12 +354,10 @@ For host lookups you must set (or add) "nis" to the lookup order line in your
|
|||
/etc/host.conf file. Please read the manpage "resolv+.8" for more details.
|
||||
|
||||
Add the following line to /etc/passwd on your NIS clients:
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
|+:::::: |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
You can also use the + and - characters to include/exclude or change users.
|
||||
If you want to exclude the user guest just add -guest to your /etc/passwd
|
||||
|
@ -500,7 +369,6 @@ also use Netgroups for user control.
|
|||
For example, to allow login-access only to miquels, dth and ed, and all
|
||||
members of the sysadmin netgroup, but to have the account data of all other
|
||||
users available use:
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| +miquels::::::: |
|
||||
|
@ -510,7 +378,6 @@ users available use:
|
|||
| -ftp |
|
||||
| +:*::::::/etc/NoShell |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
Note that in Linux you can also override the password field, as we did in
|
||||
this example. We also remove the login "ftp", so it isn't known any longer,
|
||||
|
@ -520,7 +387,6 @@ The netgroup would look like
|
|||
+---------------------------------------------------------------------------+
|
||||
|sysadmins (-,software,) (-,kukuk,) |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
IMPORTANT: The netgroup feature is implemented starting from libc 4.5.26. If
|
||||
you have a version of libc earlier than 4.5.26, every user in the NIS
|
||||
|
@ -562,11 +428,9 @@ lookups performed when a certain piece of information is requested, just like
|
|||
the /etc/host.conf file which determines the way host lookups are performed.
|
||||
For example, the line
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| hosts: files nis dns |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
specifies that host lookup functions should first look in the local /etc/
|
||||
hosts file, followed by a NIS lookup and finally through the domain name
|
||||
|
@ -662,7 +526,6 @@ the /etc/pam.d/* entries. All pam_pwdb rules should be replaced through a
|
|||
pam_unix_* module.
|
||||
|
||||
An example /etc/pam.d/login file looks like:
|
||||
|
||||
|
||||
+----------------------------------------------------------------------------------+
|
||||
|#%PAM-1.0 |
|
||||
|
@ -696,6 +559,7 @@ or SuSE Linux. If you have a Linux Distribution, which does not have glibc
|
|||
2.1.1 or later, you need to update to a newer version.
|
||||
|
||||
The NIS+ client software can be obtained from:
|
||||
|
||||
+---------------------------------------------------------------------------------+
|
||||
| Site Directory File Name |
|
||||
| |
|
||||
|
@ -704,7 +568,6 @@ The NIS+ client software can be obtained from:
|
|||
| ftp.kernel.org /pub/linux/utils/net/NIS+ nis-utils-1.4.1.tar.gz |
|
||||
+---------------------------------------------------------------------------------+
|
||||
|
||||
|
||||
You should also have a look at [http://www.linux-nis.org/nisplus/] http://
|
||||
www.linux-nis.org/nisplus/ for more information and the latest sources.
|
||||
-----------------------------------------------------------------------------
|
||||
|
@ -720,13 +583,11 @@ new client on the NIS+ server. Make sure portmap is running. Then check if
|
|||
your Linux PC has the same time as the NIS+ Server. For secure RPC, you have
|
||||
only a small window from about 3 minutes, in which the credentials are valid.
|
||||
A good idea is to run xntpd on every host. After this, run
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
|domainname nisplus.domain. |
|
||||
|nisinit -c -H <NIS+ server> |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
to initialize the cold start file. Read the nisinit man page for more
|
||||
options. Make sure that the domainname will always be set after a reboot. If
|
||||
|
@ -738,9 +599,11 @@ service after publickey is nisplus ("publickey: nisplus"), and nothing else!
|
|||
|
||||
Then start keyserv and make sure, that it will always be started as first
|
||||
daemon after portmap at boot time. Run
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
|keylogin -r |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
to store the root secretkey on your system. (I hope you have added the
|
||||
publickey for the new host on the NIS+ Server?).
|
||||
|
||||
|
@ -754,7 +617,6 @@ by calling "keylogin". The login from the shadow package will do this for the
|
|||
user, if it was compiled against glibc 2.1. For a PAM aware login, you have
|
||||
to change the /etc/pam.d/login file to use pam_unix2, not pwdb, which doesn't
|
||||
support NIS+. An example:
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
|#%PAM-1.0 |
|
||||
|
@ -774,19 +636,18 @@ The Network Services switch file /etc/nsswitch.conf determines the order of
|
|||
lookups performed when a certain piece of information is requested, just like
|
||||
the /etc/host.conf file which determines the way host lookups are performed.
|
||||
For example, the line
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| hosts: files nisplus dns |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
specifies that host lookup functions should first look in the local /etc/
|
||||
hosts file, followed by a NIS+ lookup and finally through the domain name
|
||||
service (/etc/resolv.conf and named), at which point if no match is found an
|
||||
error is returned.
|
||||
|
||||
A good /etc/nsswitch.conf file for NIS+ is:
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
|# |
|
||||
|# /etc/nsswitch.conf |
|
||||
|
@ -842,7 +703,6 @@ A good /etc/nsswitch.conf file for NIS+ is:
|
|||
This document only describes how to set up the "ypserv" NIS server.
|
||||
|
||||
The NIS server software can be found on:
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| Site Directory File Name |
|
||||
|
@ -850,7 +710,6 @@ The NIS server software can be found on:
|
|||
| ftp.kernel.org /pub/linux/utils/net/NIS ypserv-2.9.tar.gz |
|
||||
| ftp.kernel.org /pub/linux/utils/net/NIS ypserv-2.9.tar.bz2 |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
You could also look at [http://www.linux-nis.org/nis/] http://
|
||||
www.linux-nis.org/nis/ for more information.
|
||||
|
@ -877,39 +736,35 @@ the ypserv(8) and ypserv.conf(5) manual pages.
|
|||
|
||||
Make sure the portmapper (portmap(8)) is running, and start the server ypserv
|
||||
. The command
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| % rpcinfo -u localhost ypserv |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
should output something like
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| program 100004 version 1 ready and waiting |
|
||||
| program 100004 version 2 ready and waiting |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
The "version 1" line could be missing, depending on the ypserv version and
|
||||
configuration you are using. It is only necessary if you have old SunOS 4.x
|
||||
clients.
|
||||
|
||||
Now generate the NIS (YP) database. On the master, run
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| % /usr/lib/yp/ypinit -m |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
On a slave make sure that ypwhich -m works. This means, that your slave must
|
||||
be configured as NIS client before you could run
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| % /usr/lib/yp/ypinit -s masterhost |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
to install the host as NIS slave.
|
||||
|
||||
That's it, your server is up and running.
|
||||
|
@ -923,22 +778,24 @@ files to the slave servers. Please don't use ypinit for updating a map.
|
|||
|
||||
You might want to edit root's crontab *on the slave* server and add the
|
||||
following lines:
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| 20 * * * * /usr/lib/yp/ypxfr_1perhour |
|
||||
| 40 6 * * * /usr/lib/yp/ypxfr_1perday |
|
||||
| 55 6,18 * * * /usr/lib/yp/ypxfr_2perday |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
This will ensure that most NIS maps are kept up-to-date, even if an update is
|
||||
missed because the slave was down at the time the update was done on the
|
||||
master.
|
||||
|
||||
You can add a slave at every time later. At first, make sure that the new
|
||||
slave server has permissions to contact the NIS master. Then run
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| % /usr/lib/yp/ypinit -s masterhost |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
on the new slave. On the master server, add the new slave server name to /var
|
||||
/yp/ypservers and run make in /var/yp to update the map.
|
||||
|
||||
|
@ -948,7 +805,6 @@ plus-entries to /etc/passwd _halfway_ the password file. The library
|
|||
functions will ignore all normal entries after the first NIS entry, and will
|
||||
get the rest of the info through NIS. This way the NIS access rules are
|
||||
maintained. An example:
|
||||
|
||||
|
||||
+-------------------------------------------------------------------------------+
|
||||
| root:x:0:0:root:/root:/bin/bash |
|
||||
|
@ -969,7 +825,6 @@ maintained. An example:
|
|||
| tester:*:299:10:Just a test account:/tmp: |
|
||||
| miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh|
|
||||
+-------------------------------------------------------------------------------+
|
||||
|
||||
|
||||
Thus the user "tester" will exist, but have a shell of /etc/NoShell. miquels
|
||||
will have normal access.
|
||||
|
@ -991,7 +846,6 @@ try to apply the "ypserv" instructions to "yps"! "yps" is not supported by
|
|||
any author, and contains some security leaks. You really shouldn't use it !
|
||||
|
||||
The "yps" NIS server software can be found on:
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| Site Directory File Name |
|
||||
|
@ -1039,20 +893,16 @@ If your passwd and shadow files are not in another directory then /etc, you
|
|||
need to add the -D option. For example, if you have put all source files in /
|
||||
etc/yp and wish to allow the user to change his shell, you need to start
|
||||
rpc.yppasswdd with the following parameters:
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| rpc.yppasswdd -D /etc/yp -e chsh |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
or
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| rpc.yppasswdd -s /etc/yp/shadow -p /etc/yp/passwd -e chsh |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
There is nothing more to do. You just need to make sure, that rpc.yppasswdd
|
||||
uses the same files as /var/yp/Makefile. Errors will be logged using syslog.
|
||||
|
@ -1064,19 +914,15 @@ If everything is fine (as it should be), you should be able to verify your
|
|||
installation with a few simple commands. Assuming, for example, your passwd
|
||||
file is being supplied by NIS, the command
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| % ypcat passwd |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
should give you the contents of your NIS passwd file. The command
|
||||
|
||||
|
||||
+---------------------------------------------------------------------------+
|
||||
| % ypmatch userid passwd |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
(where userid is the login name of an arbitrary user) should give you the
|
||||
user's entry in the NIS passwd file. The "ypcat" and "ypmatch" programs
|
||||
|
@ -1117,7 +963,6 @@ If a user cannot log in, run the following program on the client:
|
|||
| exit(0); |
|
||||
|} |
|
||||
+---------------------------------------------------------------------------+
|
||||
|
||||
|
||||
Running this program with the username as parameter will print all the
|
||||
information the getpwnam function gives back for this user. This should show
|
||||
|
|
|
@ -232,4 +232,28 @@ ALOHA is a contention protocol and is used when carrier sense is not available.
|
|||
|
||||
· Amateur radio on Linux web site <http://radio.linux.org.au/>
|
||||
|
||||
NDIS and ODI
|
||||
|
||||
The Network Device Interface Specification (NDIS) is a standard developed
|
||||
by Microsoft and IBM to enable communication between protocols and network
|
||||
card drivers. The purpose of NDIS is to abstract the functions of the
|
||||
network driver so that protocols can work with any driver. NDIS works
|
||||
within the data link layer of the OSI model.
|
||||
|
||||
NDIS allows software components to be written in a modular fashion, and
|
||||
components that conform to a version of the NDIS specification are
|
||||
guaranteed to communicate with eachother. The current version of NDIS
|
||||
is 4.0.
|
||||
|
||||
The process of assigning a protocol to a network card is called binding.
|
||||
NDIS allows multiple protocols to be bound to a single network card,
|
||||
and multiple network cards to be bound to a single protocol (or multiple
|
||||
protocols).
|
||||
|
||||
ODI (Open Datalink Interface), devloped by Novell and Apple, is an
|
||||
implementation of the same functionality. While designed primarily for
|
||||
the IPX protocol, ODI can be used with any protocol. Netware clients and
|
||||
servers can have network cards bound to multiple protocols. Microsoft's
|
||||
implementation of the IPX protocol, NWLink, also supports the ODI standard.
|
||||
|
||||
</sect1>
|
||||
|
|
|
@ -964,5 +964,161 @@ Related HOWTO:
|
|||
· IP Aliasing HOWTO <http://metalab.unc.edu/mdw/HOWTO/mini/IP-
|
||||
Alias.html>
|
||||
|
||||
Related HOWTO:
|
||||
· NIS HOWTO <http://metalab.unc.edu/mdw/HOWTO/NIS-HOWTO.html>
|
||||
The NIS-Howto is edited and maintained by
|
||||
+---------------------------------------------------------------------------+
|
||||
| Thorsten Kukuk, <kukuk@suse.de> |
|
||||
+---------------------------------------------------------------------------+
|
||||
The primary source of the information for the initial NIS-Howto was from:
|
||||
+---------------------------------------------------------------------------+
|
||||
|Andrea Dell'Amico <adellam@ZIA.ms.it> |
|
||||
|Mitchum DSouza <Mitch.DSouza@NetComm.IE> |
|
||||
|Erwin Embsen <erwin@nioz.nl> |
|
||||
|Peter Eriksson <peter@ifm.liu.se> |
|
||||
+---------------------------------------------------------------------------+
|
||||
who we should thank for writing the first versions of this document.
|
||||
|
||||
Linux IPX-HOWTO
|
||||
Kevin Thorpe, kevin@pricetrak.com
|
||||
v2.3, 06 May 1998
|
||||
1. Introduction.
|
||||
|
||||
This is the Linux IPX-HOWTO. You should read the Linux NET-3-HOWTO in
|
||||
conjunction with this document.
|
||||
|
||||
1.1. Changes from the previous release.
|
||||
|
||||
Change of author:
|
||||
Many thanks to Terry Dawson for passing on this document and
|
||||
congratulations on becoming a father :-).
|
||||
|
||||
Additions:
|
||||
Addition of a brief explanation of IPX. This is in response to
|
||||
many baffled queries on the discussion lists.
|
||||
|
||||
Corrections/Updates:
|
||||
New version of ncpfs which now supports NDS logins. This is early
|
||||
beta test and may be prohibited in your country due to the use of
|
||||
patented technology.
|
||||
|
||||
Addition of support for trustee rights in mars_nwe. This is still
|
||||
in beta test.
|
||||
|
||||
2. Disclaimer.
|
||||
|
||||
I do not and cannot know everything there is to know about the Linux
|
||||
network software. Please accept and be warned that this document
|
||||
probably does contain errors. Please read any README files that are
|
||||
included with any of the various pieces of software described in this
|
||||
document for more detailed and accurate information. I will attempt to
|
||||
keep this document as error-free and up-to-date as possible. Versions
|
||||
of software are current as at time of writing.
|
||||
|
||||
In no way do I or the authors of the software in this document offer
|
||||
protection against your own actions. If you configure this software,
|
||||
even as described in this document and it causes problems on your
|
||||
network then you alone must carry the responsibility. I include this
|
||||
warning because IPX network design and configuration is not always a
|
||||
simple matter and sometimes undesirable interaction with other routers
|
||||
and fileservers can result if you do not design or configure your
|
||||
network carefully. I also include this warning because I was asked to
|
||||
by someone unfortunate enough to have discovered this lesson the hard
|
||||
way.
|
||||
|
||||
|
||||
3. Related Documentation.
|
||||
|
||||
This document presumes you understand how to build a Linux kernel with
|
||||
the appropriate networking options selected and that you understand
|
||||
how to use the basic network tools such as ifconfig and route. If you
|
||||
do not, then you should read the NET-3-HOWTO <NET-3-HOWTO.html> in
|
||||
conjunction with this document as it describes these.
|
||||
|
||||
Other Linux HOWTO documents that might be useful are:
|
||||
|
||||
The Ethernet-HOWTO <Ethernet-HOWTO.html>, which describes the details
|
||||
of configuring an Ethernet device for Linux.
|
||||
|
||||
The PPP-HOWTO <PPP-HOWTO.html> as IPX support is available for version
|
||||
2.2.0d and later of the Linux PPP implementation.
|
||||
|
||||
|
||||
3.1. New versions of this document.
|
||||
|
||||
If your copy of this document is more than two months old then I
|
||||
strongly recommend you obtain a newer version. The networking support
|
||||
for Linux is changing very rapidly with new enhancements and features,
|
||||
so this document also changes fairly frequently. The latest released
|
||||
version of this document can always be retrieved by anonymous ftp
|
||||
from:
|
||||
|
||||
ftp:/sunsite.unc.edu/pub/Linux/docs/HOWTO/IPX-HOWTO>/ or:
|
||||
ftp:/sunsite.unc.edu/pub/Linux/docs/HOWTO/other-formats/IPX-
|
||||
HOWTO{-html.tar,ps,dvi}.gz>/ via the World Wide Web from the Linux
|
||||
Documentation Project Web Server
|
||||
<http://sunsite.unc.edu/LDP/linux.html>, at page: IPX-HOWTO
|
||||
<http://sunsite.unc.edu/LDP/HOWTO/IPX-HOWTO.html> or directly from me,
|
||||
<kevin@pricetrak.com>. It may also be posted to the newsgroups:
|
||||
comp.os.linux.networking, comp.os.linux.answers and news.answers from
|
||||
time to time.
|
||||
|
||||
3.2. Feedback.
|
||||
|
||||
Please send any comments, updates, or suggestions to me,
|
||||
<kevin@pricetrak.com>. The sooner I get feedback, the sooner I can
|
||||
update and correct this document. If you find any problems with it,
|
||||
please mail me directly as I can miss info posted to the newsgroups.
|
||||
|
||||
|
||||
18. Copyright Message.
|
||||
|
||||
The IPX-HOWTO, a guide to software supporting the IPX protocol for
|
||||
Linux. Copyright (c) 1995 Terry Dawson.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or (at
|
||||
your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the:
|
||||
|
||||
Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139,
|
||||
USA.
|
||||
|
||||
|
||||
19. Miscellaneous and Acknowledgements.
|
||||
|
||||
Terry Dawson <terry@perf.no.itg.telstra.com.au> for the original
|
||||
document
|
||||
|
||||
David E. Storey <dave@tamos.gmu.edu> and Volker Lendecke
|
||||
<lendecke@namu01.gwdg.de> both assisted greatly by supplying me with
|
||||
information for this document. Gilbert Callaghan
|
||||
<gilbert@pokey.inviso.com>, David Higgins <dave@infra.com> and Chad
|
||||
Robinson <chadr@brtgate.brttech.com> each contributed information on
|
||||
configuring IPX/PPP. Bennie Venter <bjv@Gil-galad.paradigm-sa.com>
|
||||
contributed some useful information relating to frame types.
|
||||
Christopher Wall <vergil@idir.net contributed some useful suggestions
|
||||
to improve the readability and layout of the document. Axel Boldt
|
||||
<boldt@math.ucsb.edu> contributed some useful suggestions and
|
||||
feedback. Erik D. Olson <eriko@wrq.com> provided some useful feedback
|
||||
and information on configuring PPP for IPX. Brian King
|
||||
<root@brian.library.dal.ca> contributed a question for the FAQ
|
||||
section.
|
||||
|
||||
"NetWare" is a registered trademark of the Novell Corporation
|
||||
<http://www.novell.com/>. "Caldera" is a registered trademark of the
|
||||
Caldera Corporation <http://www.caldera.com/>.
|
||||
regards Kevin Thorpe.
|
||||
<kevin@pricetrak.com>
|
||||
|
||||
|
||||
|
||||
</appendix>
|
||||
|
|
Loading…
Reference in New Issue