A recent ftp_server threat accellerated my upgrade from Slackware 11.0 to Slackware 12.1. The first problem was that the eth0 and eth1 cards got swapped by udev, which caused me to spend some time trying to figure out why my ISP would not respond to dhcp client requests on my LAN.

The second problem was that while NIS worked fine under 11.0, it did not work under 12.1. I've spent a week googling, reading man pages, tangential forum posts, and lots of unanswered posts by similarily aflicted people.

The Slackware NIS mini howto was my starting guide. What I ended up doing was similar EXECPT:

-The Slackware rc.yp script didn't work, out of the box, for the server.

Here's how I got it to work...which may not be exactly right, but it appears to work:

1. set nisdomainname

2. verify that securenets has 255.255.255.0 for 127.0.0.1 (localhost)

3. start ypbind [noone's instructions called for the server to start ypbind]

4. run the rc.yp script:

sh /etc/rc.d/rc.yp

5. run ypinit:

/usr/lib/yp/ypinit -m

<do the dialog verifyiing your server>


At this point, the clients recognize the server.


Hope this helps the next guy, so that he doesn't have to spend 25 or 30 hours researching, and perhaps ultimately just brute force experimenting, to get things working. Doing so creates such a feeling of ineptitude.

Finally, if someone can provide better guidance, please do. I am unconvinced that I understand the reasons why NIS behances the way it does. I thought there was something not working right with portmapper, iptables and stuff like that, preventing the clients from contacting the server.

Hello, have your read the /etc/rc.d/rc.yp script ?

All commands are commented! It sure can't work as this!
If you take a little time to read the script, it seems that the NIS server and client configuration is explained in the script comments

I absolutely read the script, and found that it didn't work for me with 12.1. That's why I made the post I made.

The script for 11.0 is essentially identical, and yp /nis worked there without any hitches.

My posting outlines the deviations from rc.yp, which included adding ypbind and ypinit -m.

This is the way I configured NIS on my local network:

First of all, you can choose to use the /etc/yp.conf to configure the address of your NIS server, or you can use the default broadcast method.
Using broadcast won't work if you have a router, nat or firewall separating different computers.

Second, you need to choose a name for your NIS-domain. This does not have to be (and actually should not be for security reasons) your DNS domain.

A - On your server:

1) Edit /etc/yp.conf with this line:
2) Edit in /etc/nsswitch.conf the lines that define the order for looking up users and groups:
3) Edit /var/yp/securenets to define your local network, for example:
4) Set your nis-domainname:
5) Edit in /var/yp/Makefile the following lines:
6) Now you have to uncomment some lines in /etc/rc.d/rc.yp so that it actually does something:
7) Make /etc/rc.d/rc.yp executable if it is not already:
8) Make /etc/rc.c/rc.rpc executable so that yp can use portmapping:
9) Start rpc & yp:
10) Build the NIS databases:
11) Check if ypbind is listening to clients:
(Should show something like "100007 ready and waiting")

12) Everytime you add a new user or group, rebuild the yp databases with "make -c /var/yp". You can add this line to the end of the useradd script etc.

B - On your clients:

1) If you cannot use broadcast, edit /etc/yp.conf with this line:
2) Edit in /etc/nsswitch.conf the lines that define the order for looking up users and groups and hosts:
3) Set your nis-domainname:
4) Now you have to uncomment some lines in /etc/rc.d/rc.yp so that it actually does something:
*NOTE*: Remove -broadcast (2x) if you're behind a router, NAT, etc.

5) Make /etc/rc.d/rc.yp executable if it is not already:
6) Make /etc/rc.c/rc.rpc executable so that yp can use portmapping:
7) Start rpc & yp:
8) Modify your passwd / group and the two shadow files:
(Not including these ":" can give you some problems with kde sessions I noticed the hard way...)

9) Check if ypbind is listening to clients:
(Should show something like "100007 ready and waiting")

10) Test if your NIS client is communicating with your NIS server:
This should show you all common users on your NIS server. (That's one reason why NIS is insecure...)

C - More information:
Check out http://tldp.org/HOWTO/NIS-HOWTO/index.html

Happy Slacking!