Network Information Services

(NIS)
What is NIS?
• Problems in running a distributed
computing environment :
– Each Workstations has its own copies of
common configuration files such as passwd,
group, and hosts files
– These files must be consistent and every
changes to these common files much be
propagated to every hosts on the network
What is NIS?

L o g o n F a ilu r e !!
??
What is NIS?
• The NIS, released by Sun in 1980s, was the
first “prime time” administrative database
to address these problems.
• It was originally called the Sun Yellow
Pages, but eventually had to be renamed for
legal reasons. Many vendors have licensed
Sun’s code, making NIS the most widely-
supported network database system
What is NIS?
• It is a distributed database system that
replaces copies of commonly replicated
configuration files with a centralized
management facility
• Instead of having to manage each host’s
files, you maintain one database for each
file on one central server
NIS Masters, Slaves, and Clients
N IS
M ASTER
SERVER

N IS S L A V E N IS S L A V E
SERVER SERVER

C L IE N T C L IE N T C L IE N T C L IE N T
NIS Servers
• An NIS server is a machine storing a set of
maps that are available to network
machines and applications.
• NIS master server
– contains the set of maps that you, the NIS
administrator, create and update as necessary.
– Each NIS domain must have one, and only one,
master server.
NIS Servers
• NIS Slave server
– A slave server has a complete copy of the master
set of NIS maps. Whenever the master server
maps are updated, the updates are propagated
among the slave servers. The existence of slave
servers allows the system administrator to
evenly distribute the load resulting from
answering NIS requests. It also minimizes the
impact of a server becoming unavailable.
NIS Elements
• NIS Domains
– An NIS domain is a collection of machines that
share a common set of NIS maps. Each domain
has a domain name and each machine sharing
the common set of maps belongs to that
domain.
– Domain names are case-sensitive.
NIS Elements
• NIS Maps
– NIS maps are essentially two-column tables.
One column is the key and the other column is
information value related to the key. NIS finds
information for a client by searching through
the keys. Some information is stored in several
maps because each map uses a different key.
NIS Elements
– For example, the names and addresses of
machines are stored in two maps:
hosts.byname and hosts.byaddr. When a server
has a machine's name and needs to find its
address, it looks in the hosts.byname map.
When it has the address and needs to find the
name, it looks in the hosts.byaddr map.
NIS Elements
– Maps for a domain are located in each server's
/var/yp/domainname directory.
– For example, the maps that belong to the domain
test.com are located in each server's
/var/yp/test.com directory.
– An NIS Makefile is stored in the /var/yp directory of
machines designated as a NIS server at installation
time. Running make in that directory causes
makedbm to create or modify the default NIS maps
from the input files.
 NIS Elements
• NIS daemons
Daemon Functions
ypserv Server process

ypbind Binding process

ypxfrd High speed map transfer

rpc.yppasswdd NIS password update

daemon
NIS Query
NIS Query
C lie n t S id e S e r v e r S id e

A p p lic a tio n y p b in d y p s e rv

g e tp w u id C L ib r a r y ndbm C L ib r a r y

T h e F ile s y s te m
Basic NIS Management
• Installing a new NIS Environment, building Master
and slave servers
• Starting the ypserv daemon, which enables the
system to act as NIS Server
• Adding new slave servers when growth of your
network
• Modifying the client’s administrative files
• Starting the ypbind daemon, allowing the client to
make NIS requests
Building NIS Master Server
• Edit /etc/defaultdomain to enter your NIS
domain name
• Edit /etc/rc.d/rc.inet2, modify :
# if [ -r /etc/defaultdomain ]; then
# nisdomainname `cat /etc/defaultdomain`
# fi

into :

if [ -r /etc/defaultdomain ]; then
/bin/ypdomainname `cat /etc/defaultdomain`
fi
Building NIS Master Server
• Add the following lines :
dname=`/bin/ypdomainname`
echo "NIS domainname is $dname"
echo -n "starting NIS services:"
/usr/sbin/ypserv
echo -n " ypserv"

echo "running rpc.yppasswdd"

/usr/sbin/rpc.yppasswdd -p /etc/passwd.yp
Building NIS Master Server
• Last, UNCOMMENT the following lines :
# if [ -d /var/yp ] ; then
# echo "Running ypbind..."
# /usr/sbin/ypbind
# fi

• This made the NIS master as client

Building NIS Master Server
• Prepare the passwd file for use by NIS
– Our Linux is using shadow password but using
shadow passwords alongside NIS does not
make too much senses, so we will put only root
and system passwords in the local shadow
map on the local host. For all the normal user
you have a normal passwd map with
passwords distributed trough NIS.
Building NIS Master Server
• NIS Masters as clients
– Provide restricted access to the NIS Server
– The server has its own passwd file. An
alternate passwd map source file which is
network wide is used
– In the tutorial, we don’t need this extra security
but it is required to work around the shadow
passwd issue
Building NIS Master Server
N IS S e v e r

L o c a l /e tc /p a s s w d r o o t/s y s te m
lo c a l lo g o n
L o c a l /e tc /s h a d o w

N IS P a s s w d m a p
s o u r c e file : s a y n o rm a l u s e r
p a s s w d .y p
lo c a l lo g o n
th r o u g h N IS (if
p e r m itte d )
yp s e rv y p b in d
Enabling NIS on client
• Make sure that configuration files on the
client includes NIS “marker” entries so that
NIS map information will be added to the
local files
– append +: to /etc/passwd, /etc/shadow and
/etc/group
• Set the NIS domain name, edit
/etc/defaultdomain
Enabling NIS on client
• Start the ypbind daemon, which is
responsible for locating NIS servers and
maintaining bindings of domain names to
servers
Changing Password in NIS
• Why you need to wait sometime for your
new password to be effective if you change
your password in our Lab??
Changing Password in NIS
N IS M a s t e r S e r v e r

M a p p r o p a g a tio n
N IS S la v e S e r v e r

R eq u es t to
ch a n g e p a s s o rd
(u se yp p a ssw d)

N IS R e q u e s t
Merits of NIS
• Simple, easy to understand. It’s analogous
to copying files around; in most cases, it’s
unnecessary for administrators to be
aware of NIS’ internal data formats
• Widely supported by multiple vendors like
DEC, HP, SGI.
Problems of NIS
• Storing each type of information in separate
data files (eg : host info and user info)
resulted in problems propagating the
information
– When a master server updated its slaves, each of
these files, if changed, was sent over the network.
In environments with hundred of hosts and
thousand of users, this update could take a while
Problems of NIS
– Between updates, slave servers contained out-
of-dated information.
• Predefined operations limited information
retrieval.
– For instance, only the user’s log-in named and
uid were indexed, making database searching
by full user name imossible
Problems of NIS
• NIS was not a true database. It did not
support atomic operations, undo of
changes, or logging of operations.
• Finally, there was no easy way to manage it.
To change data in the database, the static
file had to be modified, reconverted into a
database, and loaded into the server
Network File System (NFS)
What is NFS?
• The Network File System, allows you to
share filesystems among computers.
• NFS is almost transparent to users and is
“stateless”.
• NFS was introduced by Sun in 1985. It was
originally implemented as a surrogate
filesystem for diskless clients.
What is NFS?
• NFS support has been implemented on
many platforms ranging from the MS-DOS to
the VMS operating systems. Many use code
licensed from Sun.
What is NFS?
• The NFS environment can be implemented on
different operating systems because it defines
an abstract model of a file system, rather than
an architectural specification. Each operating
system applies the NFS model to its file system
semantics. This means that file system
operations like reading and writing function as
though they are accessing a local file.
Benefits of NFS
– Allows multiple computers to use the same files, so
everyone on the network can access the same data
– Reduces storage costs by having computers share
applications instead of needing local disk space
for each user application
– Provides data consistency and reliability because
all users can read the same set of files
– Makes mounting of file systems transparent to users
Benefits of NFS
– Makes accessing remote files transparent to
users
– Supports heterogeneous environments
– Reduces system administration overhead
NFS Elements
Cl i e n t S i d e Ser ver Sid e

U s e r c r e d e n tia ls
m ount (U ID , { G ID s } ) /e tc /
com m and
r p c .m o u n td e x p o rts

/e tc /r m ta b

/e tc /m ta b r p c .n fs d

T h e F ile s y s te m
Setting up NFS
• Start mountd and nfsd
– edit /etc/rc.d/rc.inet2 file and uncomment :
# # Start the various SUN RPC servers.
if [ -f ${NET}/rpc.portmap ]; then
# Start the NFS server daemons.
if [ -f ${NET}/rpc.mountd ]; then
echo -n " mountd"
${NET}/rpc.mountd
fi
if [ -f ${NET}/rpc.nfsd ]; then
echo -n " nfsd"
${NET}/rpc.nfsd
fi
Setting up NFS
• Export filesystems, edit /etc/exports
# See exports(5) for a description.
# This file contains a list of all directories exported to
other computers.
# It is used by rpc.nfsd and rpc.mountd.
/home linux-1b (rw)

– This file servers as the access control list for

file systems which may be exported to NFS
clients. See man pages of exports(5) for a lists
of the options
Hard and Soft Mounts
• Hard mount
– If a server goes down, make operations that try
to access it block until the server comes back up
• Soft mount
– If a serve goes down, make operations that try to
access it fail and return an error. This is useful to
avoid processes “hanging” on inessential
mounts
Hard and Soft Mounts
• How to choose hard/soft mounts
– You never want to write data to an unreliable
device, nor do you want to try to load
executables from it. You should not use the soft
mount on any filesystem that is writeable, nor
on any filesystem from which you load
executables. NFS only guarantees the
consistency of data after a server crash if the
NFS filesystem was hardmounted
NFS Shortcomings
• NFS Suffers its greatest performance troubles
because of its stateless design
– Since the client assumes a write operation is
complete once it receives an acknowledgment from
the server, servers must commit each modified block
to disk before replying, to avoid discrepancies in the
event of a crash. This introduces a significant delay in
NFS writes
– In contrast, some OS (Like Netware) will acknowledge
the client before committing the writes.