Fedora 24
Sponsored Link

Configure NIS Client
2016/06/23
 
Configure NIS Client.
This example is based on the environment below.
+----------------------+          |          +----------------------+
| [    NIS Server    ] |10.0.0.30 | 10.0.0.31| [    NIS Client    ] |
|    dlp.srv.world     +----------+----------+     www.srv.world    |
|                      |                     |                      |
+----------------------+                     +----------------------+

[1] Configure NIS client.
[root@www ~]#
dnf -y install ypbind rpcbind
# set NIS domain

[root@www ~]#
ypdomainname srv.world

[root@www ~]#
echo "NISDOMAIN=srv.world" >> /etc/sysconfig/network

[root@www ~]#
authconfig \
--enablenis \
--nisdomain=srv.world \
--nisserver=dlp.srv.world \
--enablemkhomedir \
--update
[root@www ~]#
systemctl start rpcbind ypbind

[root@www ~]#
systemctl enable rpcbind ypbind

[root@www ~]#
www login:
redhat
# NIS user

Password:
# NIS password

Creating home directory for redhat.
[redhat@www ~]$
# just logined
# validation

[redhat@www ~]$
dlp.srv.world
# try to change NIS password

[redhat@www ~]$
Changing NIS account information for redhat on dlp.srv.world.
Please enter old password:    
# current one

Changing NIS password for redhat on dlp.srv.world.
Please enter new password:    
# new one

Please retype new password:
The NIS password has been changed on dlp.srv.world.
[2] If SELinux is enabled, it needs to add a rule to allow creating home directories automatically by mkhomedir.
[root@www ~]#
dnf -y install checkpolicy policycoreutils-python-utils
[root@www ~]#
vi mkhomedir.te
# create new

module mkhomedir 1.0;

require {
        type unconfined_t;
        type oddjob_mkhomedir_exec_t;
        class file entrypoint;
}

#============= unconfined_t ==============
allow unconfined_t oddjob_mkhomedir_exec_t:file entrypoint;

[root@www ~]#
checkmodule -m -M -o mkhomedir.mod mkhomedir.te

checkmodule: loading policy configuration from mkhomedir.te
checkmodule: policy configuration loaded
checkmodule: writing binary representation (version 17) to mkhomedir.mod
[root@www ~]#
semodule_package --outfile mkhomedir.pp --module mkhomedir.mod

[root@www ~]#
semodule -i mkhomedir.pp

 
Tweet