NIS - Dept. of IE, CUHK Personal Web Server

advertisement
Network Information Services
(NIS)
Linux tutorial
What is NIS?
• Problems in running a distributed
computing environment :
– Each Workstations has its own copies of
common configuration files such as passwd,
group, and hosts files
– These files must be consistent and every
changes to these common files much be
propagated to every hosts on the network
What is NIS?
Logon Failure!!
??
What is NIS?
• The NIS, released by Sun in 1980s, was the
first “prime time” administrative database
to address these problems.
• It was originally called the Sun Yellow
Pages, but eventually had to be renamed for
legal reasons. Many vendors have licensed
Sun’s code, making NIS the most widelysupported network database system
What is NIS?
• It is a distributed database system that
replaces copies of commonly replicated
configuration files with a centralized
management facility
• Instead of having to manage each host’s
files, you maintain one database for each
file on one central server
NIS Masters, Slaves, and Clients
NIS
MASTER
SERVER
NIS SLAVE
SERVER
NIS SLAVE
SERVER
CLIENT
CLIENT
CLIENT
CLIENT
NIS Servers
• An NIS server is a machine storing a set of
maps that are available to network
machines and applications.
• NIS master server
– contains the set of maps that you, the NIS
administrator, create and update as necessary.
– Each NIS domain must have one, and only one,
master server.
NIS Servers
• NIS Slave server
– A slave server has a complete copy of the
master set of NIS maps. Whenever the master
server maps are updated, the updates are
propagated among the slave servers. The
existence of slave servers allows the system
administrator to evenly distribute the load
resulting from answering NIS requests. It also
minimizes the impact of a server becoming
unavailable.
NIS Elements
• NIS Domains
– An NIS domain is a collection of machines that
share a common set of NIS maps. Each domain
has a domain name and each machine sharing
the common set of maps belongs to that
domain.
– Domain names are case-sensitive.
NIS Elements
• NIS Maps
– NIS maps are essentially two-column tables.
One column is the key and the other column is
information value related to the key. NIS finds
information for a client by searching through
the keys. Some information is stored in several
maps because each map uses a different key.
NIS Elements
– For example, the names and addresses of
machines are stored in two maps:
hosts.byname and hosts.byaddr. When a server
has a machine's name and needs to find its
address, it looks in the hosts.byname map.
When it has the address and needs to find the
name, it looks in the hosts.byaddr map.
NIS Elements
– Maps for a domain are located in each server's
/var/yp/domainname directory.
– For example, the maps that belong to the
domain test.com are located in each server's
/var/yp/test.com directory.
– An NIS Makefile is stored in the /var/yp
directory of machines designated as a NIS
server at installation time. Running make in
that directory causes makedbm to create or
modify the default NIS maps from the input
files.
NIS Elements
• NIS daemons
Daemon
Functions
ypserv
Server process
ypbind
Binding process
ypxfrd
High speed map transfer
rpc.yppasswdd
NIS password update
daemon
NIS Query
NIS Query
Client Side
Application
getpwuid
ypbind
C Library
Server Side
ypserv
ndbm
C Library
The Filesystem
Basic NIS Management
• Installing a new NIS Environment, building
Master and slave servers
• Starting the ypserv daemon, which enables
the system to act as NIS Server
• Adding new slave servers when growth of
your network
• Modifying the client’s administrative files
• Starting the ypbind daemon, allowing the
client to make NIS requests
Building NIS Master Server
• Edit /etc/defaultdomain to enter your NIS
domain name
• Edit /etc/rc.d/rc.inet2, modify :
# if [ -r /etc/defaultdomain ]; then
# nisdomainname `cat /etc/defaultdomain`
# fi
into :
if [ -r /etc/defaultdomain ]; then
/bin/ypdomainname `cat /etc/defaultdomain`
fi
Building NIS Master Server
• Add the following lines :
dname=`/bin/ypdomainname`
echo "NIS domainname is $dname"
echo -n "starting NIS services:"
/usr/sbin/ypserv
echo -n " ypserv"
echo "running rpc.yppasswdd"
/usr/sbin/rpc.yppasswdd -p /etc/passwd.yp
Building NIS Master Server
• Last, UNCOMMENT the following lines :
# if [ -d /var/yp ] ; then
# echo "Running ypbind..."
# /usr/sbin/ypbind
# fi
• This made the NIS master as client
Building NIS Master Server
• Prepare the passwd file for use by NIS
– Our Linux is using shadow password but using
shadow passwords alongside NIS does not
make too much senses, so we will put only root
and system passwords in the local shadow
map on the local host. For all the normal user
you have a normal passwd map with
passwords distributed trough NIS.
Building NIS Master Server
• NIS Masters as clients
– Provide restricted access to the NIS Server
– The server has its own passwd file. An
alternate passwd map source file which is
network wide is used
– In the tutorial, we don’t need this extra security
but it is required to work around the shadow
passwd issue
Building NIS Master Server
NIS Sever
Local /etc/passwd
Local /etc/shadow
NIS Passwd map
source file : say
passwd.yp
ypserv
ypbind
root/system
local logon
normal user
local logon
through NIS (if
permitted)
Enabling NIS on client
• Make sure that configuration files on the
client includes NIS “marker” entries so that
NIS map information will be added to the
local files
– append +: to /etc/passwd, /etc/shadow and
/etc/group
• Set the NIS domain name, edit
/etc/defaultdomain
Enabling NIS on client
• Start the ypbind daemon, which is
responsible for locating NIS servers and
maintaining bindings of domain names to
servers
Changing Password in NIS
• Why you need to wait sometime for your
new password to be effective if you change
your password in our Lab??
Changing Password in NIS
NIS Master Server
Map propagation
NIS Slave Server
Request to
change passord
(use yppasswd)
NIS Request
Merits of NIS
• Simple, easy to understand. It’s analogous
to copying files around; in most cases, it’s
unnecessary for administrators to be
aware of NIS’ internal data formats
• Widely supported by multiple vendors like
DEC, HP, SGI.
Problems of NIS
• Storing each type of information in
separate data files (eg : host info and user
info) resulted in problems propagating the
information
– When a master server updated its slaves, each
of these files, if changed, was sent over the
network. In environments with hundred of
hosts and thousand of users, this update could
take a while
Problems of NIS
– Between updates, slave servers contained outof-dated information.
• Predefined operations limited information
retrieval.
– For instance, only the user’s log-in named and
uid were indexed, making database searching
by full user name imossible
Problems of NIS
• NIS was not a true database. It did not
support atomic operations, undo of
changes, or logging of operations.
• Finally, there was no easy way to manage it.
To change data in the database, the static
file had to be modified, reconverted into a
database, and loaded into the server
Network File System (NFS)
Linux tutorial
What is NFS?
• The Network File System, allows you to
share filesystems among computers.
• NFS is almost transparent to users and is
“stateless”.
• NFS was introduced by Sun in 1985. It was
originally implemented as a surrogate
filesystem for diskless clients.
What is NFS?
• NFS support has been implemented on
many platforms ranging from the MS-DOS to
the VMS operating systems. Many use code
licensed from Sun.
What is NFS?
• The NFS environment can be implemented
on different operating systems because it
defines an abstract model of a file system,
rather than an architectural specification.
Each operating system applies the NFS
model to its file system semantics. This
means that file system operations like
reading and writing function as though
they are accessing a local file.
Benefits of NFS
– Allows multiple computers to use the same
files, so everyone on the network can access
the same data
– Reduces storage costs by having computers
share applications instead of needing local
disk space for each user application
– Provides data consistency and reliability
because all users can read the same set of
files
– Makes mounting of file systems transparent to
Benefits of NFS
– Makes accessing remote files transparent to
users
– Supports heterogeneous environments
– Reduces system administration overhead
NFS Elements
Client Side
mount
command
User credentials
(UID, {GIDs})
Ser ver Side
rpc.mountd
/etc/
exports
/etc/rmtab
/etc/mtab
rpc.nfsd
The Filesystem
Setting up NFS
• Start mountd and nfsd
– edit /etc/rc.d/rc.inet2 file and uncomment :
# # Start the various SUN RPC servers.
if [ -f ${NET}/rpc.portmap ]; then
# Start the NFS server daemons.
if [ -f ${NET}/rpc.mountd ]; then
echo -n " mountd"
${NET}/rpc.mountd
fi
if [ -f ${NET}/rpc.nfsd ]; then
echo -n " nfsd"
${NET}/rpc.nfsd
fi
Setting up NFS
• Export filesystems, edit /etc/exports
# See exports(5) for a description.
# This file contains a list of all directories exported to
other computers.
# It is used by rpc.nfsd and rpc.mountd.
/home
linux-1b (rw)
– This file servers as the access control list for
file systems which may be exported to NFS
clients. See man pages of exports(5) for a lists
of the options
Hard and Soft Mounts
• Hard mount
– If a server goes down, make operations that try
to access it block until the server comes back
up
• Soft mount
– If a serve goes down, make operations that try
to access it fail and return an error. This is
useful to avoid processes “hanging” on
inessential mounts
Hard and Soft Mounts
• How to choose hard/soft mounts
– You never want to write data to an unreliable
device, nor do you want to try to load
executables from it. You should not use the soft
mount on any filesystem that is writeable, nor
on any filesystem from which you load
executables. NFS only guarantees the
consistency of data after a server crash if the
NFS filesystem was hardmounted
NFS Shortcomings
• NFS Suffers its greatest performance
troubles because of its stateless design
– Since the client assumes a write operation is
complete once it receives an acknowledgment
from the server, servers must commit each
modified block to disk before replying, to avoid
discrepancies in the event of a crash. This
introduces a significant delay in NFS writes
– In contrast, some OS (Like Netware) will
acknowledge the client before committing the
writes.
Installation & Configuration of
XFree86
Linux tutorial
What is XFree86?
• XFree86 is a freely redistributable port of
the MIT X window System version 11,
release 6(X11R6) for all x86 UNIX
implementations. It includes all of the
required binaries, support files, libraries
and tools
• More information can be found in
http://www.xfree86.org
Latest XFree86 release
• The current version of XFree86 is v3.3.2. It
supports most-up-todate video chipsets
like
– ATI Rage Pro (AGP), Matrox Millennium II AGP,
Number Nine Revolution 3D, Tseng ET6100, S3
ViRGE/MX and ViRGE/GX2.
• The XFree86 comes with the Slackware
distribution is v3.3.1
Installation of XFree86
• Install XFree86 by running setup. Select
diskset of X, XAP and XV
Installation of XFree86
• Select 16-color generic X Server and the
appropriate X Server for your video chipset
Configuration of XFree86
• Run XF86Setup
to start the
setup program.
This program
will walks you
through a
series of
configuration
panels. The
whole process
is quite
painless
Configuration of XFree86
• Next you need to
configure the
mouse.
• You should pay
attention to the
mouse type :
Microsoft, ps/2
and ports they
connected to
Configuration of XFree86
• Keyboard is
easy to
configure. Just
choose the
default setting
should be OK
Configuration of XFree86
• Configure the
card you used
is the most
important. Be
sure you have
installed the
corresponding
X Server of your
card
Configuration of XFree86
• Configure the
horizontal sync
and vertical sync
of your monitor.
You can find this
information in
your monitor’s
manual
Advanced Configuration of
XFree86
• The XF86Setup actually create a X
configuration file for you at
/etc/XF86Config
• We will take a look on various sections of
this Config file.
Advanced Configuration of
XFree86
• The Pointer section
Section "Pointer"
Protocol
"Microsoft"
Device
"/dev/mouse"
# When using XQUEUE, comment out the above two lines, and uncomment
# the following line.
#
Protocol
"Xqueue"
# Baudrate and SampleRate are only for some Logitech mice
#
#
BaudRate
9600
SampleRate 150
# Emulate3Buttons is an option for 2-button Microsoft mice
# Emulate3Timeout is the timeout in milliseconds (default is 50ms)
Emulate3Buttons
Advanced Configuration of
XFree86
• The Monitor Section
Section "Monitor"
Identifier
VendorName
ModelName
"Eizo"
"Unknown"
"Unknown"
# HorizSync is in kHz unless units are specified.
HorizSync
31.5 - 82.0
# VertRefresh may be a comma separated list of discrete values, or a
VertRefresh 40-150
Advanced Configuration of
XFree86
• The screen section
Section "Screen"
Driver
"accel"
Device
"WinFast S3"
Monitor
"Eizo"
DefaultColorDepth
16
Subsection "Display"
Depth
8
Modes
"640x480" "800x600" "1024x768" "1280x1024"
ViewPort
0 0
EndSubsection
Subsection "Display"
Depth
16
Modes
"1024x768" "800x600"
ViewPort
0 0
Virtual
1024 768
EndSubsection
Advanced Configuration of
XFree86
• See man page of XF86Config
• See README files of separate video
chipsets
Download
Related flashcards
Create Flashcards