Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
i got a doubt in setting up sudoers in an NIS environment. It goes as below:
* I have a NIS server [for ex.192.168.0.10] with ypserv configured and /home exported through NFS.
* I also have an NIS client [for ex. 192.168.0.11] which is authenticated to the NIS server and its home directory auto mounted from the NIS Server's NFS share.
* The NIS users are able to login into the NIS client both graphically as well as through ssh.
Now i hava a question:
* I have configured the sudoers file in the "NIS Server" as follows:
Code:
user1 192.168.0.11 = (ALL) ALL
where user1 is an NIS user. The above configuration says that the user user1 can execute any command as any user on the machine 192.168.0.11 i.e., our NIS client.
* But when I login as user1 on the NIS client i am not able to use the sudo privilege.All I get is "user1 is not in the sudoers file. This incident will be reported."
Please advice,so that I can configure sudo for NIS environment. I hope my question is clear.
Try the manual here: http://www.sudo.ws/sudo/man/sudoers.html
I think(??) it implies that you'd have to be on the NIS server (as that user) to run the cmd on the client, but I don't understand how it does that ie what protocol does it connect with??
Need a real sudo expert here....
I've only ever used it in 'local' mode.
You can configure Make file to export sudoers file and export it using nfs
Hi Sridhar!
While looking at your issue one of my co-worker suggested that this can be done by making some changes under Make file (that means before executing Make to prepare the NIS server).
You may have to tweak Make file so that it exports "/etc/sudoers" file from NIS server and then add an entry like "sudoers: nis" under all client's "/etc/nsswitch" file, so that whenever a user tries to use sudo access then it finds exported sudoers file.
We haven't tried this but this shall work as we have done some other things similiar to this.
As per our discussion,I tuned my Makefile to contain sudoers, and re-configured the NIS server. It dint gave any errors. Then i re-configured my NIS Client to get authenticated to this NIS server and tried the sudoers stuff.. it didnt work out .
I am pasting my Makefile,Please correct me if i have configured anything wrong.
Code:
#
# This Makefile can be modified to support more NIS maps if desired.
#
# Set the following variable to "-b" to have NIS servers use the domain
# name resolver for hosts not in the current domain. This is only needed,
# if you have SunOS slave YP server, which gets here maps from this
# server. The NYS YP server will ignore the YP_INTERDOMAIN key.
#B=-b
B=
# If we have only one server, we don't have to push the maps to the
# slave servers (NOPUSH=true). If you have slave servers, change this
# to "NOPUSH=false" and put all hostnames of your slave servers in the file
# /var/yp/ypservers.
NOPUSH=true
# We do not put password entries with lower UIDs (the root and system
# entries) in the NIS password database, for security. MINUID is the
# lowest uid that will be included in the password maps. If you
# create shadow maps, the UserID for a shadow entry is taken from
# the passwd file. If no entry is found, this shadow entry is
# ignored.
# MINGID is the lowest gid that will be included in the group maps.
MINUID=500
MINGID=500
# Don't export this uid/guid (nfsnobody).
# Set to 0 if you want to
NFSNOBODYUID=65534
NFSNOBODYGID=65534
# Should we merge the passwd file with the shadow file ?
# MERGE_PASSWD=true|false
MERGE_PASSWD=true
# Should we merge the group file with the gshadow file ?
# MERGE_GROUP=true|false
MERGE_GROUP=true
# These are commands which this Makefile needs to properly rebuild the
# NIS databases. Don't change these unless you have a good reason.
AWK = /bin/gawk
MAKE = /usr/bin/gmake
UMASK = umask 066
#
# These are the source directories for the NIS files; normally
# that is /etc but you may want to move the source for the password
# and group files to (for example) /var/yp/ypfiles. The directory
# for passwd, group and shadow is defined by YPPWDDIR, the rest is
# taken from YPSRCDIR.
#
YPSRCDIR = /etc
YPPWDDIR = /etc
YPBINDIR = /usr/lib/yp
YPSBINDIR = /usr/sbin
YPDIR = /var/yp
YPMAPDIR = $(YPDIR)/$(DOMAIN)
# These are the files from which the NIS databases are built. You may edit
# these to taste in the event that you wish to keep your NIS source files
# seperate from your NIS server's actual configuration files.
#
GROUP = $(YPPWDDIR)/group
PASSWD = $(YPPWDDIR)/passwd
SHADOW = $(YPPWDDIR)/shadow
GSHADOW = $(YPPWDDIR)/gshadow
ADJUNCT = $(YPPWDDIR)/passwd.adjunct
#ALIASES = $(YPSRCDIR)/aliases # aliases could be in /etc or /etc/mail
ALIASES = /etc/aliases
ETHERS = $(YPSRCDIR)/ethers # ethernet addresses (for rarpd)
BOOTPARAMS = $(YPSRCDIR)/bootparams # for booting Sun boxes (bootparamd)
HOSTS = $(YPSRCDIR)/hosts
SUDOERS = $(YPSRCDIR)/sudoers
NETWORKS = $(YPSRCDIR)/networks
PRINTCAP = $(YPSRCDIR)/printcap
PROTOCOLS = $(YPSRCDIR)/protocols
PUBLICKEYS = $(YPSRCDIR)/publickey
RPC = $(YPSRCDIR)/rpc
SERVICES = $(YPSRCDIR)/services
NETGROUP = $(YPSRCDIR)/netgroup
NETID = $(YPSRCDIR)/netid
AMD_HOME = $(YPSRCDIR)/amd.home
AUTO_MASTER = $(YPSRCDIR)/auto.master
AUTO_HOME = $(YPSRCDIR)/auto.home
AUTO_LOCAL = $(YPSRCDIR)/auto.local
TIMEZONE = $(YPSRCDIR)/timezone
LOCALE = $(YPSRCDIR)/locale
NETMASKS = $(YPSRCDIR)/netmasks
YPSERVERS = $(YPDIR)/ypservers # List of all NIS servers for a domain
target: Makefile
@test ! -d $(LOCALDOMAIN) && mkdir $(LOCALDOMAIN) ; \
cd $(LOCALDOMAIN) ; \
$(NOPUSH) || $(MAKE) -f ../Makefile ypservers; \
$(MAKE) -f ../Makefile all
# If you don't want some of these maps built, feel free to comment
# them out from this list.
all: passwd group hosts shadow rpc services netid protocols mail sudoers \
# netgrp shadow publickey networks ethers bootparams printcap \
# amd.home auto.master auto.home auto.local passwd.adjunct \
# timezone locale netmasks
########################################################################
# #
# DON'T EDIT ANYTHING BELOW IF YOU DON'T KNOW WHAT YOU ARE DOING !!! #
# #
########################################################################
DBLOAD = $(YPBINDIR)/makedbm -c -m `$(YPBINDIR)/yphelper --hostname`
MKNETID = $(YPBINDIR)/mknetid
YPPUSH = $(YPSBINDIR)/yppush
MERGER = $(YPBINDIR)/yphelper
DOMAIN = `basename \`pwd\``
LOCALDOMAIN = `/bin/domainname`
REVNETGROUP = $(YPBINDIR)/revnetgroup
CREATE_PRINTCAP = $(YPBINDIR)/create_printcap
ethers: ethers.byname ethers.byaddr
hosts: hosts.byname hosts.byaddr
networks: networks.byaddr networks.byname
protocols: protocols.bynumber protocols.byname
rpc: rpc.byname rpc.bynumber
services: services.byname services.byservicename
passwd: passwd.byname passwd.byuid
sudoers: sudoers.byname sudoers.byuid
group: group.byname group.bygid
shadow: shadow.byname
passwd.adjunct: passwd.adjunct.byname
netid: netid.byname
netgrp: netgroup netgroup.byhost netgroup.byuser
publickey: publickey.byname
mail: mail.aliases
timezone: timezone.byname
locale: locale.byname
netmasks: netmasks.byaddr
ypservers: $(YPSERVERS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 != "" && $$1 !~ "#") print $$0"\t"$$0 }' \
$(YPSERVERS) | $(DBLOAD) -i $(YPSERVERS) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
$(YPSERVERS):
@echo -n "Generating $*..."
@uname -n > $(YPSERVERS)
bootparams: $(BOOTPARAMS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 != "" && $$1 !~ "#" && $$1 != "+") \
print $$0 }' $(BOOTPARAMS) | $(DBLOAD) -r -i $(BOOTPARAMS) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
ethers.byname: $(ETHERS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 != "" && $$1 !~ "#" && $$1 != "+") \
print $$2"\t"$$0 }' $(ETHERS) | $(DBLOAD) -r -i $(ETHERS) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
ethers.byaddr: $(ETHERS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 != "" && $$1 !~ "#" && $$1 != "+") \
print $$1"\t"$$0 }' $(ETHERS) | $(DBLOAD) -r -i $(ETHERS) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
netgroup: $(NETGROUP) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 != "" && $$1 !~ "#" && $$1 != "+") \
print $$0 }' $(NETGROUP) | $(DBLOAD) -i $(NETGROUP) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
netgroup.byhost: $(NETGROUP) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(REVNETGROUP) -h < $(NETGROUP) | $(DBLOAD) -i $(NETGROUP) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
netgroup.byuser: $(NETGROUP) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(REVNETGROUP) -u < $(NETGROUP) | $(DBLOAD) -i $(NETGROUP) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
hosts.byname: $(HOSTS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '/^[0-9]/ { for (n=2; n<=NF && $$n !~ "#"; n++) \
print $$n"\t"$$0 }' $(HOSTS) | $(DBLOAD) -r $(B) -l \
-i $(HOSTS) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
hosts.byaddr: $(HOSTS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$1"\t"$$0 }' \
$(HOSTS) | $(DBLOAD) -r $(B) -i $(HOSTS) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
networks.byname: $(NETWORKS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if($$1 !~ "#" && $$1 != "") { print $$1"\t"$$0; \
for (n=3; n<=NF && $$n !~ "#"; n++) print $$n"\t"$$0 \
}}' $(NETWORKS) | $(DBLOAD) -r -i $(NETWORKS) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
networks.byaddr: $(NETWORKS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$2"\t"$$0 }' \
$(NETWORKS) | $(DBLOAD) -r -i $(NETWORKS) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
protocols.byname: $(PROTOCOLS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") { print $$1"\t"$$0; \
for (n=3; n<=NF && $$n !~ "#"; n++) \
print $$n"\t"$$0}}' $(PROTOCOLS) | $(DBLOAD) -r -i \
$(PROTOCOLS) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
protocols.bynumber: $(PROTOCOLS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$2"\t"$$0 }' \
$(PROTOCOLS) | $(DBLOAD) -r -i $(PROTOCOLS) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
rpc.byname: $(RPC) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") { print $$1"\t"$$0; \
for (n=3; n<=NF && $$n !~ "#"; n++) print $$n"\t"$$0 \
}}' $(RPC) | $(DBLOAD) -r -i $(RPC) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
rpc.bynumber: $(RPC) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$2"\t"$$0 }' $(RPC) \
| $(DBLOAD) -r -i $(RPC) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
services.byname: $(SERVICES) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$2"\t"$$0 }' \
$(SERVICES) | $(DBLOAD) -r -i $(SERVICES) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
services.byservicename: $(SERVICES) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") { \
split($$2,A,"/") ; TMP = "/" A[2] ; \
print $$1 TMP"\t"$$0 ; \
if (! seen[$$1]) { seen[$$1] = 1 ; print $$1"\t"$$0 ; } \
for (N = 3; N <= NF && $$N !~ "#" ; N++) { \
if ($$N !~ "#" && $$N != "") print $$N TMP"\t"$$0 ; \
if (! seen[$$N]) { seen[$$N] = 1 ; print $$N"\t"$$0 ; } \
} } } ' \
$(SERVICES) | $(DBLOAD) -r -i $(SERVICES) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
ifeq (x$(MERGE_PASSWD),xtrue)
passwd.byname: $(PASSWD) $(SHADOW) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(MERGER) -p $(PASSWD) $(SHADOW) | \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 != $(NFSNOBODYUID) ) \
print $$1"\t"$$0 }' | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
passwd.byuid: $(PASSWD) $(SHADOW) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(MERGER) -p $(PASSWD) $(SHADOW) | \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 != $(NFSNOBODYUID) ) \
print $$3"\t"$$0 }' | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
sudoers.byname: $(SUDOERS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 != $(NFSNOBODYUID) ) \
print $$1"\t"$$0 }' $(SUDOERS) | $(DBLOAD) -i $(SUDOERS) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
sudoers.byuid: $(SUDOERS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 != $(NFSNOBODYUID) ) \
print $$3"\t"$$0 }' $(SUDOERS) | $(DBLOAD) -i $(SUDOERS) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
# Don't build a shadow map !
shadow.byname:
@echo "Updating $@... Ignored -> merged with passwd"
else
passwd.byname: $(PASSWD) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 != $(NFSNOBODYUID) ) \
print $$1"\t"$$0 }' $(PASSWD) | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
passwd.byuid: $(PASSWD) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) && $$3 != $(NFSNOBODYUID) ) \
print $$3"\t"$$0 }' $(PASSWD) | $(DBLOAD) -i $(PASSWD) \
-o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
shadow.byname: $(SHADOW) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(AWK) -F: '{ if (FILENAME ~ /shadow$$/) { \
if (UID[$$1] >= $(MINUID) && UID[$$1] != $(NFSNOBODYUID)) print $$1"\t"$$0; \
} else UID[$$1] = $$3; }' $(PASSWD) $(SHADOW) \
| $(DBLOAD) -s -i $(SHADOW) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
endif
passwd.adjunct.byname: $(ADJUNCT) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" ) print $$1"\t"$$0 }' \
$(ADJUNCT) | $(DBLOAD) -s -i $(ADJUNCT) -o $(YPMAPDIR)/$@ - $@
@chmod 700 $(YPDIR)/$(DOMAIN)/$@*
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
ifeq (x$(MERGE_GROUP),xtrue)
group.byname: $(GROUP) $(GSHADOW) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(MERGER) -g $(GROUP) $(GSHADOW) | \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 != $(NFSNOBODYGID) ) \
print $$1"\t"$$0 }' | $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
group.bygid: $(GROUP) $(GSHADOW) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(MERGER) -g $(GROUP) $(GSHADOW) | \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 != $(NFSNOBODYGID) ) \
print $$3"\t"$$0 }' | $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
else
group.byname: $(GROUP) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 != $(NFSNOBODYGID) ) \
print $$1"\t"$$0 }' $(GROUP) \
| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
group.bygid: $(GROUP) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(UMASK); \
$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) && $$3 != $(NFSNOBODYGID) ) \
print $$3"\t"$$0 }' $(GROUP) \
| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
endif
$(NETID):
netid.byname: $(GROUP) $(PASSWD) $(HOSTS) $(NETID) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(MKNETID) -q -p $(PASSWD) -g $(GROUP) -h $(HOSTS) -d $(DOMAIN) \
-n $(NETID) | $(DBLOAD) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
mail.aliases: $(ALIASES) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ \
if ($$1 ~ "^#.*") \
next; \
if ($$1 == "" || $$1 == "+") { \
if (line != "") \
{print line; line = "";} \
next; \
} \
if ($$0 ~ /^[[:space:]]/) \
line = line $$0; \
else { \
if (line != "") \
{print line; line = "";} \
line = $$0; \
} \
} \
END {if (line != "") print line}' \
$(ALIASES) | $(DBLOAD) --aliases \
-i $(ALIASES) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
publickey.byname: $(PUBLICKEYS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if($$1 !~ "#" && $$1 != "") { print $$1"\t"$$2 }}' \
$(PUBLICKEYS) | $(DBLOAD) -i $(PUBLICKEYS) \
-o $(YPMAPDIR)/$@ - $@
@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
printcap: $(PRINTCAP) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(CREATE_PRINTCAP) < $(PRINTCAP) | \
$(DBLOAD) -i $(PRINTCAP) -o $(YPMAPDIR)/$@ - $@
@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
auto.master: $(AUTO_MASTER) $(YPDIR)/Makefile
@echo "Updating $@..."
-@sed -e "/^#/d" -e s/#.*$$// $(AUTO_MASTER) | $(DBLOAD) \
-i $(AUTO_MASTER) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
auto.home: $(AUTO_HOME) $(YPDIR)/Makefile
@echo "Updating $@..."
-@sed -e "/^#/d" -e s/#.*$$// $(AUTO_HOME) | $(DBLOAD) \
-i $(AUTO_HOME) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
auto.local: $(AUTO_LOCAL) $(YPDIR)/Makefile
@echo "Updating $@..."
-@sed -e "/^#/d" -e s/#.*$$// $(AUTO_LOCAL) | $(DBLOAD) \
-i $(AUTO_LOCAL) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
amd.home: $(AMD_HOME) $(YPDIR)/Makefile
@echo "Updating $@..."
-@sed -e "s/#.*$$//" -e "/^$$/d" $(AMD_HOME) | \
$(AWK) '{\
for (i = 1; i <= NF; i++)\
if (i == NF) { \
if (substr($$i, length($$i), 1) == "\\") \
printf("%s", substr($$i, 1, length($$i) -1)); \
else \
printf("%s\n",$$i); \
} \
else \
printf("%s ",$$i);\
}' | $(DBLOAD) -i $(AMD_HOME) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
timezone.byname: $(TIMEZONE) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 != "" && $$1 !~ "#") \
print $$2"\t"$$0 }' $(TIMEZONE) | $(DBLOAD) \
-r -i $(TIMEZONE) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
locale.byname: $(LOCALE) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 != "" && $$1 !~ "#") \
print $$2"\t"$$0"\n"$$1"\t"$$2"\t"$$1 }' $(LOCALE) | $(DBLOAD) \
-r -i $(LOCALE) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
netmasks.byaddr: $(NETMASKS) $(YPDIR)/Makefile
@echo "Updating $@..."
@$(AWK) '{ if ($$1 != "" && $$1 !~ "#") \
print $$1"\t"$$2 }' $(NETMASKS) | $(DBLOAD) \
-r -i $(NETMASKS) -o $(YPMAPDIR)/$@ - $@
-@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
And here is my nsswitch.conf in NIS client.
Code:
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# compat Use compatibility setup
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# [NOTFOUND=return] Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#
# passwd: files nis
# shadow: files nis
# group: files nis
passwd: compat
group: compat
sudoers: nis
hosts: files dns
networks: files dns
services: files nis
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: nis
publickey: files
bootparams: files
automount: files
aliases: files nis
shadow: compat
In Ubuntu 14.04 , one thing I found is that if you are synchronizing your /etc/group file with the GUID less than 1000, you can add the user to the "sudo" and "adm" /etc/group file on the master, and then push it out to the slaves with: sudo -C make /var/yp .
This obviously only works for the ALL category in the sudoers file so be careful who you trust.
From https://help.ubuntu.com/community/SettingUpNISHowTo
***********
7. Edit /var/yp/Makefile and read the instructions. It probably won't need a lot of modification. The only thing I changed was the MINGID line so that the group memberships would be propagated across the domain. I set it to 1. (the default is GUID 1000)
***********
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
. 
