LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-12-2019, 01:43 PM   #1
james000
Member
 
Registered: Sep 2018
Posts: 143

Rep: Reputation: 2
NIS broke on RHEL


Hi,
I have NIS running on RHEL 7.2. One server is master, where we make all changes and add/delete and other one is slave. Suddenly few users are not able to login on few clients. I am not able to figure out, what caused it..
I observed, if I make any change in passwd or netgroup and then run 'make' to replicate, it throws error. I restarted ypserv, but no luck. Seems like some corruption, but I am not sure, how to fix it.
Clients, who are supposed to get authentication from master-server-prod, are also not able to login.
Code:
[root@master-server-prod /]# ypwhich
master-server-prod
[root@master-server-prod /]# cat /var/yp/ypservers
master-server-prod
slave-server-prod
[root@master-server-prod /]# service ypserv status
Redirecting to /bin/systemctl status  ypserv.service
â ypserv.service - NIS/YP (Network Information Service) Server
   Loaded: loaded (/usr/lib/systemd/system/ypserv.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2019-07-11 15:25:16 PDT; 20h ago
 Main PID: 32764 (ypserv)
   Status: "Processing requests..."
   CGroup: /system.slice/ypserv.service
           ââ32764 /usr/sbin/ypserv -f

Jul 11 15:25:16 master-server-prod systemd[1]: Starting NIS/YP (Network Information Service) Server...
Jul 11 15:25:16 master-server-prod ypserv[32764]: WARNING: no securenets file found!
Jul 11 15:25:16 master-server-prod systemd[1]: Started NIS/YP (Network Information Service) Server.
[root@master-server-prod /]# cd /var/yp
[root@master-server-prod yp]# vi maps/passwd
[root@master-server-prod yp]#
[root@master-server-prod yp]# make
gmake[1]: Entering directory `/var/yp/abc.def.com'
gmake[1]: `ypservers' is up to date.
gmake[1]: Leaving directory `/var/yp/abc.def.com'
gmake[1]: Entering directory `/var/yp/abc.def.com'
Updating netgroup...
makedbm: warning: malformed input data (ignored)
makedbm: warning: malformed input data (ignored)
netgroup->slave-server-prod: Callback timed out
gmake[1]: Leaving directory `/var/yp/abc.def.com'
[root@master-server-prod yp]#
Please suggest

Thanks

Last edited by james000; 07-12-2019 at 01:44 PM.
 
Old 07-12-2019, 01:58 PM   #2
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669
It's been a while since I used NIS but your mention of master and slave reminded me that we'd seen outages caused when someone did the push from the slave rather than the master. This was because the slave is serving its copies of files from the master rather than its own files whereas the master serves the originals it has. The push from the master resends all the files with all the details whereas the push from the slave sends only its own files with significantly less detail.

Were you doing the update from the master or from the slave?

Your question may be "Why is there a slave if what you said is true?". The answer is the slave is serving all the detail because it was already pushed to it by the master. It can answer the questions clients ask but it doesn't have the raw data to recreate the data if it is mistakenly used to push.

P.S. At the job where we had this issue they quit using NIS because one admin made the mistake over and over. A more reasonable approach would have been to fire him IMHO.
 
Old 07-12-2019, 02:10 PM   #3
james000
Member
 
Registered: Sep 2018
Posts: 143

Original Poster
Rep: Reputation: 2
So far, I was able to see any make command in history of salve, if I assume that it can be human error by some admin.
As per our process, we are always supposed to run make from master only. In above description, as you see, I ran 'make' from master-server-prod, which is our master server. I tried to search error "netgroup->slave-server-prod: Callback timed out" on internet, but I am not getting much clue, if this is indicating something.
 
Old 07-12-2019, 02:23 PM   #4
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669Reputation: 1669
Search instead for just:
netgroup-> Callback timed out

Presumably "slave-server-prod" is the name of your slave server rather than a generic output so it should be excluded from web searches.

If you do the search without "slave-server-prod" you'll see a fair number of hits.
 
Old 07-12-2019, 02:58 PM   #5
james000
Member
 
Registered: Sep 2018
Posts: 143

Original Poster
Rep: Reputation: 2
Quote:
Originally Posted by MensaWater View Post
Search instead for just:
netgroup-> Callback timed out

Presumably "slave-server-prod" is the name of your slave server rather than a generic output so it should be excluded from web searches.

If you do the search without "slave-server-prod" you'll see a fair number of hits.
Yes, that was my bad.
One solution suggests to tun ypinit and I did it from slave. Even though ypxfrd is running on salve as well on master, it is showing error

Code:
[root@slave-server-prod ~]# /usr/lib64/yp/ypinit -s master-server-prod
We will need a few minutes to copy the data from master-server-prod.
Transferring netgroup...
Trying ypxfrd ... not running

YPXFR: RPC: Port mapper failure - RPC: Timed out
ypxfr: RPC failure talking to server
Transferring group.bygid...
Trying ypxfrd ...^C
[root@slave-server-prod ~]# rpcinfo
   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               portmapper superuser
    100000    3    tcp6      ::.0.111               portmapper superuser
    100000    4    udp6      ::.0.111               portmapper superuser
    100000    3    udp6      ::.0.111               portmapper superuser
    100000    4    tcp       0.0.0.0.0.111          portmapper superuser
    100000    3    tcp       0.0.0.0.0.111          portmapper superuser
    100000    2    tcp       0.0.0.0.0.111          portmapper superuser
    100000    4    udp       0.0.0.0.0.111          portmapper superuser
    100000    3    udp       0.0.0.0.0.111          portmapper superuser
    100000    2    udp       0.0.0.0.0.111          portmapper superuser
    100000    4    local     /var/run/rpcbind.sock  portmapper superuser
    100000    3    local     /var/run/rpcbind.sock  portmapper superuser
    100009    1    udp       0.0.0.0.3.219          yppasswdd  superuser
    100007    2    udp       0.0.0.0.3.89           ypbind     superuser
    100007    1    udp       0.0.0.0.3.89           ypbind     superuser
    100007    2    tcp       0.0.0.0.3.92           ypbind     superuser
    100007    1    tcp       0.0.0.0.3.92           ypbind     superuser
    100004    2    udp       0.0.0.0.3.151          ypserv     superuser
    100004    1    udp       0.0.0.0.3.151          ypserv     superuser
    100004    2    tcp       0.0.0.0.3.154          ypserv     superuser
    100004    1    tcp       0.0.0.0.3.154          ypserv     superuser
 600100069    1    udp       0.0.0.0.3.204          fypxfrd    superuser
 600100069    1    tcp       0.0.0.0.3.206          fypxfrd    superuser
[root@slave-server-prod ~]#
[root@slave-server-prod ~]# service ypxfrd status
Redirecting to /bin/systemctl status  ypxfrd.service
â ypxfrd.service - NIS/YP (Network Information Service) Maps Transferring Accelerator
   Loaded: loaded (/usr/lib/systemd/system/ypxfrd.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2019-07-12 12:49:29 PDT; 5min ago
 Main PID: 25387 (rpc.ypxfrd)
   Status: "Processing requests..."
   CGroup: /system.slice/ypxfrd.service
           ââ25387 /usr/sbin/rpc.ypxfrd -f

Jul 12 12:49:29 slave-server-prod systemd[1]: Starting NIS/YP (Network Information Service) Maps Transferring Accelerator...
Jul 12 12:49:29 slave-server-prod rpc.ypxfrd[25387]: WARNING: no securenets file found!
Jul 12 12:49:29 slave-server-prod systemd[1]: Started NIS/YP (Network Information Service) Maps Transferring Accelerator.
[root@slave-server-prod ~]#

MASTER :-

[root@master-server-prod ~]# service ypxfrd status
Redirecting to /bin/systemctl status  ypxfrd.service
â ypxfrd.service - NIS/YP (Network Information Service) Maps Transferring Accelerator
   Loaded: loaded (/usr/lib/systemd/system/ypxfrd.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2019-07-12 12:51:02 PDT; 2min 19s ago
 Main PID: 24092 (rpc.ypxfrd)
   Status: "Processing requests..."
   CGroup: /system.slice/ypxfrd.service
           ââ24092 /usr/sbin/rpc.ypxfrd -f

Jul 12 12:51:02 master-server-prod systemd[1]: Starting NIS/YP (Network Information Service) Maps Transferring Accelerator...
Jul 12 12:51:02 master-server-prod rpc.ypxfrd[24092]: WARNING: no securenets file found!
Jul 12 12:51:02 master-server-prod systemd[1]: Started NIS/YP (Network Information Service) Maps Transferring Accelerator.
[root@master-server-prod ~]# rpcinfo
   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               portmapper superuser
    100000    3    tcp6      ::.0.111               portmapper superuser
    100000    4    udp6      ::.0.111               portmapper superuser
    100000    3    udp6      ::.0.111               portmapper superuser
    100000    4    tcp       0.0.0.0.0.111          portmapper superuser
    100000    3    tcp       0.0.0.0.0.111          portmapper superuser
    100000    2    tcp       0.0.0.0.0.111          portmapper superuser
    100000    4    udp       0.0.0.0.0.111          portmapper superuser
    100000    3    udp       0.0.0.0.0.111          portmapper superuser
    100000    2    udp       0.0.0.0.0.111          portmapper superuser
    100000    4    local     /var/run/rpcbind.sock  portmapper superuser
    100000    3    local     /var/run/rpcbind.sock  portmapper superuser
    100009    1    udp       0.0.0.0.3.107          yppasswdd  superuser
1073741824    1    udp       0.0.0.0.3.127          -          superuser
    100007    2    udp       0.0.0.0.3.129          ypbind     superuser
    100007    1    udp       0.0.0.0.3.129          ypbind     superuser
    100007    2    tcp       0.0.0.0.3.132          ypbind     superuser
    100007    1    tcp       0.0.0.0.3.132          ypbind     superuser
    100004    2    udp       0.0.0.0.2.206          ypserv     superuser
    100004    1    udp       0.0.0.0.2.206          ypserv     superuser
    100004    2    tcp       0.0.0.0.2.209          ypserv     superuser
    100004    1    tcp       0.0.0.0.2.209          ypserv     superuser
 600100069    1    udp       0.0.0.0.3.181          fypxfrd    superuser
 600100069    1    tcp       0.0.0.0.3.183          fypxfrd    superuser
[root@master-server-prod ~]#
==============================
Along with this issue, I am noticing some strange behavior. May be, this could indicate something
Code:
[root@master-server-prod maps]# ypcat passwd | wc -l
151
[root@master-server-prod maps]# cat /var/yp/maps/passwd | wc -l
154
[root@master-server-prod maps]#
[root@master-server-prod maps]# ypcat group | wc -l
142
[root@master-server-prod maps]# cat /var/yp/maps/group | wc -l
145
[root@master-server-prod maps]#
[root@master-server-prod maps]# ypmatch gwahbeh passwd ---> gwahbeh is new user added recently
Can't match key gwahbeh in map passwd.byname. Reason: No such key in map
[root@master-server-prod maps]# ypmatch jamesd passwd
jamesd:8gTqwmg88HBX6:30421:30421:James D:/export/home/jamesd:/bin/bash
[root@master-server-prod maps]#

Last edited by james000; 07-12-2019 at 04:54 PM.
 
  


Reply

Tags
nis, redhat


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how the NIS information will propagate fron NIS master to NIS slave & vicevarsa? dezavu Linux - Server 5 10-14-2011 03:08 AM
only limited users should login in NIS (not all nis users) RHEL 5.4 kingston Linux - Newbie 1 08-01-2011 12:16 PM
RHEL 4 client in VMware not binding to NIS server. Ping works fine and NIS server wo panini.kompella Linux - Server 1 03-16-2008 11:06 PM
NIS: NIS running but users not able to log in with NIS credentials outerspace Linux - Server 3 10-17-2007 08:51 AM
Mandrake9.0 as NIS client to FeeBSD NIS server Bluesuperman Linux - Distributions 1 01-17-2003 03:39 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:59 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration