Ubuntu 22.04配置NIS服务_ubuntu nis-CSDN博客

本文链接： https://blog.csdn.net/davei1988/article/details/141639252

说明：
ubuntu 22.04 nis服务搭建。

服务端配置

查看系统版本

$ cat /etc/os-release 
PRETTY_NAME="Ubuntu 22.04.4 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.4 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

安装NIS服务端

$ sudo apt update
$ sudo apt install -y ypserv
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libwpe-1.0-1 libwpebackend-fdo-1.0-1
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
  libnss-nis make nscd rpcbind yp-tools ypbind-mt
Suggested packages:
  make-doc krb5-kdc
The following NEW packages will be installed:
  libnss-nis make nscd rpcbind yp-tools ypbind-mt ypserv
0 upgraded, 7 newly installed, 0 to remove and 28 not upgraded.
Need to get 525 kB of archives.
After this operation, 1,964 kB of additional disk space will be used.
Get:1 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/main amd64 rpcbind amd64 1.2.6-2build1 [46.6 kB]
Get:2 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/main amd64 libnss-nis amd64 3.1-0ubuntu6 [27.3 kB]
Get:3 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/main amd64 make amd64 4.3-4.1build1 [180 kB]
Get:4 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy-updates/universe amd64 nscd amd64 2.35-0ubuntu3.8 [83.3 kB]
Get:5 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/universe amd64 ypbind-mt amd64 2.7.2-2 [33.4 kB]
Get:6 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/universe amd64 yp-tools amd64 4.2.3-3 [50.3 kB]
Get:7 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/universe amd64 ypserv amd64 4.1-2 [104 kB]
# 安装ypserv同时安装了rpcbind、libnss-nis、make、nscd、ypbind-mt、yp-tools、ypserv；这些都不需要额外安装了。

$ sudo vim /etc/sysctl.conf 
kernel.domainname = aic.test.ai		# 这里给nis域名

$ sudo reboot		# 重启系统
$ nisdomainname 	# 查看一下nis域名
aic.test.ai

$ sudo vim /etc/defaultdomain
aic.test.ai

$ sudo vim /var/yp/Makefile
# ALL =   passwd group hosts rpc services netid protocols netgrp
ALL =   passwd group hosts netgrp		# 这里根据需求修改nis域管理服务

/usr/lib/yp/ypinit -m

At this point, we have to construct a list of the hosts which will run NIS
servers.  mlc09 is in the list of NIS server hosts.  Please continue to add
the names for the other hosts, one per line.  When you are done with the
list, type a <control D>.
        next host to add:  mlc09
        next host to add:  
The current list of NIS servers looks like this:

mlc09

Is this correct?  [y/n: y]  y
We need a few minutes to build the databases...
Building /var/yp/aic.test.ai/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory '/var/yp/aic.test.ai'
Updating passwd.byname...
failed to send 'clear' to local ypserv: RPC: Program not registeredUpdating passwd.byuid...
failed to send 'clear' to local ypserv: RPC: Program not registeredUpdating group.byname...
failed to send 'clear' to local ypserv: RPC: Program not registeredUpdating group.bygid...
failed to send 'clear' to local ypserv: RPC: Program not registeredUpdating hosts.byname...
failed to send 'clear' to local ypserv: RPC: Program not registeredUpdating hosts.byaddr...
failed to send 'clear' to local ypserv: RPC: Program not registeredUpdating netgroup...
failed to send 'clear' to local ypserv: RPC: Program not registeredUpdating netgroup.byhost...
failed to send 'clear' to local ypserv: RPC: Program not registeredUpdating netgroup.byuser...
failed to send 'clear' to local ypserv: RPC: Program not registeredUpdating shadow.byname...
failed to send 'clear' to local ypserv: RPC: Program not registeredgmake[1]: Leaving directory '/var/yp/aic.test.ai'

mlc09 has been set up as a NIS master server.

Now you can run ypinit -s mlc09 on all slave server.

配置服务启动

cat /lib/systemd/system/ypserv.service 
[Unit]
Description=NIS/YP (Network Information Service) Server
Requires=rpcbind.service
After=network.target rpcbind.service 
Before=ypbind.service

[Service]
Type=forking
PIDFile=/run/ypserv.pid
Environment=YPSERVARGS=
EnvironmentFile=-/etc/default/nis
ExecStartPre=/bin/domainname -F /etc/defaultdomain
ExecStart=/usr/sbin/ypserv $YPSERVARGS

[Install]
WantedBy=multi-user.target

为了方便管理可以自定义服务端端口：856；也可以使用默认端口

$ sudo vim /lib/systemd/system/ypserv.service
Environment=YPSERVARGS="-p 856"

添加到开机启动并启动服务

$ sudo systemctl enable ypserv --now
$ sudo lsof -i |grep ypserv
ypserv    3148            root    5u  IPv4  93227      0t0  UDP *:856 
ypserv    3148            root    6u  IPv4  93232      0t0  TCP *:856 (LISTEN)
ypserv    3148            root    7u  IPv6  93237      0t0  UDP *:857 
ypserv    3148            root    8u  IPv6  93240      0t0  TCP *:857 (LISTEN)

同样yppasswd服务，修改端口号：858；也可以使用默认端口

cat /lib/systemd/system/yppasswdd.service
[Unit]
Description=NIS Users Passwords Change Server
Requires=rpcbind.service
Wants=network-online.target
After=network-online.target rpcbind.service

[Service]
Type=forking
PIDFile=/run/yppasswdd.pid
Environment=YPPASSWDDARGS= YPCHANGEOK=chsh YPPWDDIR=/etc
EnvironmentFile=-/etc/default/nis
ExecStartPre=/bin/domainname -F /etc/defaultdomain
ExecStart=/usr/sbin/rpc.yppasswdd -D $YPPWDDIR -e $YPCHANGEOK $YPPASSWDDARGS

[Install]
WantedBy=multi-user.target

$ sudo vim /lib/systemd/system/yppasswdd.service
Environment=YPPASSWDDARGS="-p 858" YPCHANGEOK=chsh YPPWDDIR=/etc

添加到开机启动并启动服务

$ sudo systemctl enable yppasswdd --now
$ sudo lsof -i | grep yppas
rpc.yppas 3240            root    5u  IPv4  16980      0t0  UDP *:858 
rpc.yppas 3240            root    6u  IPv4  16983      0t0  TCP *:858 (LISTEN)
rpc.yppas 3240            root    7u  IPv6  16986      0t0  UDP *:859 
rpc.yppas 3240            root    8u  IPv6  16989      0t0  TCP *:859 (LISTEN)

客户端配置

$ sudo apt install -y ypbind-mt 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  libnss-nis nscd rpcbind yp-tools
The following NEW packages will be installed:
  libnss-nis nscd rpcbind yp-tools ypbind-mt
0 upgraded, 5 newly installed, 0 to remove and 80 not upgraded.
Need to get 241 kB of archives.
After this operation, 1,081 kB of additional disk space will be used.
Get:1 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/main amd64 rpcbind amd64 1.2.6-2build1 [46.6 kB]
Get:2 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/main amd64 libnss-nis amd64 3.1-0ubuntu6 [27.3 kB]
Get:3 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy-updates/universe amd64 nscd amd64 2.35-0ubuntu3.8 [83.3 kB]
Get:4 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/universe amd64 ypbind-mt amd64 2.7.2-2 [33.4 kB]
Get:5 https://mirrors.tuna.tsinghua.edu.cn/ubuntu jammy/universe amd64 yp-tools amd64 4.2.3-3 [50.3 kB]

$ sudo vim /etc/defaultdomain
aic.test.ai

$ sudo vim /etc/yp.conf
domain aic.test.ai server 192.168.13.68

$ sudo systemctl enable ypbind --now

$ sudo vim /etc/nsswitch.conf
passwd:         files systemd nis
group:          files systemd nis
shadow:         files nis
gshadow:        files

hosts:          files nis mdns4_minimal [NOTFOUND=return] dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis