NIS Ubuntu

From Teknologisk videncenter

NIS, or Network Information Service, is a simple - and insecure - way of providing single sign-on in a cluster of UNIX/Linux machines. It is very useful in a closed network.

Originally NIS was called YP - Yellow Pages - and both acronyms, YP and NIS, are used.

There are up to three roles in a NIS installation:

Master server
The master server shares files with slaves and clients, for example the passwd and group files.
Slave server(s)
Maintain copies of the master server's shared files. They provide redundancy and load balancing.
Clients
Use the shared files, for example for single sign-on. Users are added on the master server.

Installation of the master server

Add the following line to /etc/hosts.allow. (In this case the master, slaves and clients all live in the 10.222.0.0/24 network.)

portmap ypserv ypbind: 10.222.0.0/255.255.255.0

Install NIS. You will be asked to enter the domain name. This is not the DNS domain name but a unique name for the cluster of machines sharing the same information. (I use the DNS domain name - one less thing to remember.)

apt-get install portmap nis
  • Edit /etc/default/nis and set the NISSERVER line to NISSERVER=master
  • Edit /etc/yp.conf and add a server line of the form below. (Note that my domain name is c1.local.)
domain c1.local server 127.0.0.1
  • Edit /etc/ypserv.securenets: remove the 0.0.0.0 line, which is insecure, and add your own network or networks
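
A quick check that the securenets edit above actually took effect (an added example, not part of the original page). It assumes the usual ypserv.securenets layout of "NETMASK NETWORK" or "host ADDRESS" per line; the function name audit_securenets and the sample file are constructed for illustration, and the network is the 10.222.0.0/24 used on this page.

```shell
#!/bin/sh
# Added example: audit a ypserv.securenets file.
# Rules are "NETMASK NETWORK" or "host ADDRESS" (assumed file layout).
# The rule "0.0.0.0 0.0.0.0" admits every client and must be removed.

# Usage: audit_securenets FILE NETWORK NETMASK
# Returns 0 if clean, 1 if the open rule is present, 2 if NETWORK is missing.
audit_securenets() {
    file=$1 want_net=$2 want_mask=$3
    open=0 found=0
    # "|| [ -n ... ]" keeps a last line that has no trailing newline
    while read -r mask net rest || [ -n "$mask" ]; do
        case $mask in ''|'#'*) continue ;; esac      # blank line or comment
        if [ "$mask" = host ]; then
            echo "ok       host $net"
        elif [ "$mask $net" = "0.0.0.0 0.0.0.0" ]; then
            echo "OPEN     '$mask $net' admits every client"
            open=1
        else
            echo "ok       $net netmask $mask"
        fi
        if [ "$mask" = "$want_mask" ] && [ "$net" = "$want_net" ]; then
            found=1
        fi
    done < "$file"
    if [ "$found" -eq 0 ]; then
        echo "MISSING  '$want_mask $want_net' (cluster network not listed)"
    fi
    if [ "$open" -eq 1 ]; then return 1; fi
    if [ "$found" -eq 0 ]; then return 2; fi
    return 0
}

# Constructed sample: a securenets file with the open rule still in place.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# always allow localhost
255.0.0.0       127.0.0.0
# gives access to everybody
0.0.0.0         0.0.0.0
EOF
audit_securenets "$sample" 10.222.0.0 255.255.255.0 || echo "exit status $?"
rm -f "$sample"
```

On the master, run it as `audit_securenets /etc/ypserv.securenets 10.222.0.0 255.255.255.0` after editing the file and before restarting the service.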

Adding a user

After adding a user with adduser, it is necessary to rebuild the NIS maps:

root@head:~# make -C /var/yp
make: Går til katalog '/var/yp'
make[1]: Går til katalog '/var/yp/c1.local'
Updating passwd.byname...
Updating passwd.byuid...
Updating netid.byname...
Updating shadow.byname...
make[1]: Forlader katalog '/var/yp/c1.local'
make: Forlader katalog '/var/yp'

Script adding user in a Cluster

The following simple script:

  • Adds a user on the NIS server.
  • Adds an SSH key to the user's home directory.
    • In this cluster /home is shared over NFS with all nodes, so the user can log on to the nodes without entering a password.
  • Rebuilds the NIS database with the new user.
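#!/bin/bash
# Add a cluster user on the NIS master: create the account, create an SSH
# key pair in the NFS-shared home directory, and rebuild the NIS maps.
set -e   # stop if adduser rejects the name or any later step fails

echo -e "Adding user to cluster"
echo -e "======================\n"
echo -en "User login name: "
read -r NAME
adduser "$NAME"

echo -e "Creating keys"
# DSA keys are disabled by default since OpenSSH 7.0, so generate RSA instead
su "$NAME" -c "ssh-keygen -t rsa"
echo -e "Distributing keys"
# /home is shared over NFS, so authorizing the key here covers every node
su "$NAME" -c "cat /home/$NAME/.ssh/id_rsa.pub >> /home/$NAME/.ssh/authorized_keys"
echo -e "Rebuild NIS database"
make -C /var/yp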

Installation on the clients

Install the software

sudo apt-get install portmap nis

Run the following commands as root. Remember to replace NIS_SERVER_IP with your NIS server's IP address.

echo "portmap : NIS_SERVER_IP" >> /etc/hosts.allow
echo "+::::::" >> /etc/passwd
echo "+:::" >> /etc/group
echo "+::::::::" >> /etc/shadow
echo "ypserver NIS_SERVER_IP" >> /etc/yp.conf
/etc/init.d/nis restart

Test with

yptest

