Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX Reference > Y

ypserv(1M)

HP-UX 11i Version 3: February 2007
» 

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index

NAME

ypserv, ypbind, ypxfrd — Network Information Service (NIS) server, binder, and transfer processes

SYNOPSIS

/usr/lib/netsvc/yp/ypserv [-l log_file] [-dv]

/usr/lib/netsvc/yp/ypbind [-l log_file] [-s] [-ypset|-ypsetme] [-broadcast]

/usr/sbin/ypxfrd

Remarks

The Network Information Service (NIS) was formerly known as Yellow Pages (YP). The functionality remains the same; only the name has changed.

DESCRIPTION

The Network Information Service (NIS) provides a simple network lookup service consisting of databases and processes. The databases are ndbm files in a directory tree rooted at /var/yp (see ndbm(3X)). These files are described in ypfiles(4). The processes are /usr/lib/netsvc/yp/ypserv, the NIS database lookup server, and /usr/lib/netsvc/yp/ypbind, the NIS binder. Both ypserv and ypbind are daemon processes activated at system startup time when the NIS_MASTER_SERVER or NIS_SLAVE_SERVER variable is set to 1, for ypserv, and the NIS_CLIENT variable is set to 1, for ypbind, in the /etc/rc.config.d/namesvrs file.

The NIS programmatic interface is described in ypclnt(3C). Administrative tools are described in ypwhich(1), yppoll(1M), yppush(1M), ypset(1M) and ypxfr(1M). Tools to see the contents of NIS maps (databases) are described in ypcat(1) and ypmatch(1). Database generation and maintenance tools are described in makedbm(1M), ypinit(1M), and ypmake(1M). The command to set or show the default NIS domain is domainname.

ypxfrd transfers entire NIS maps in an efficient manner. For systems that use this daemon, map transfers will be faster, depending on the map. ypxfrd should be run on the master server. ypxfr (see ypxfr(1M)) will attempt to use ypxfrd first. If that fails, it will use the older transfer method. The ypxfrd daemon is activated at system startup time when the NIS_MASTER_SERVER or NIS_SLAVE_SERVER variable is set to 1 in the /etc/rc.config.d/namesvrs file.

The ypserv daemon's primary function is to look up information in its local database of NIS maps. It runs only on NIS server machines providing data from NIS databases.

The operations performed by ypserv are defined for the implementor by the YP Protocol Specification, and for the programmer by the header file <rpcsvc/yp_prot.h>. Communication to and from ypserv is by means of RPC. Lookup functions are described in ypclnt(3C) and are supplied as C-callable functions in the TI-RPC library (-lnsl).

Four functions namely: yp_match(), yp_first(), yp_next(), and yp_all() perform a lookup on a specific map within a NIS domain. The yp_match() operation matches a key to a record in the database and returns its associated value. The yp_first() operation returns the first key-value pair (record) from the map, and yp_next() can be used to enumerate (sequentially retrieve) the remainder of the records. yp_all() returns all records in the map to the requester as the response to a single RPC request.

A number of special keys in the DBM files can alter the way in which ypserv operates. The keys of interest are:

YP_INTERDOMAIN

The presence of this key makes ypserv forward host lookups that cannot be satisfied by the DBM files to a DNS server.

YP_SECURE

This key makes ypserv answer only questions coming from clients on reserved ports.

YP_MULTI_hostname

This is a special key in the form "YP_MULTI_hostname addr1, ..., addrN". A client looking for hostname receives the closest address.

Two functions supply information about the map itself and not the map entries. These functions are yp_order() and yp_master(). The order number is the time of last modification of a map. The master name is the host name of the machine on which the master map is stored. Both order number and master name exist in the map as special key-value pairs, but the server does not return these through the normal lookup functions. (If you examine the map with makedbm or yppoll (see makedbm(1M) or yppoll(1M)), they are visible.) Other functions are used within the NIS subsystem and are not of general interest to NIS clients. These include:

Do_you_serve_this_domain? Transfer_map Reinitialize_internal_state

The ypbind daemon remembers information that lets client processes on its machine communicate with a ypserv process. The ypbind daemon must run on every machine using NIS services, both NIS servers and clients. The ypserv daemon may or may not be running on a NIS client machine, but it must be running somewhere on the network or be available through a gateway.

The information that ypbind remembers is called a binding: the association of a NIS domain name with the Internet address of the NIS server and the port on that host at which the ypserv process is listening for service requests. This information is cached in the directory /var/yp/binding using a filename in the form domainname.version.

Client requests drive the binding process. As a request for an unbound domain comes in, the ypbind process broadcasts on the network, if the file /var/yp/binding/domain_name/ypservers does not exist, trying to find a ypserv process serving maps within that NIS domain. If the binding should be established by broadcasting, at least one ypserv process must exist on every network. If the file /var/yp/binding/domain_name/ypservers is present, then ypbind will try to bind to one of the NIS servers in the order of its listing in the file. If ypbind was unable to bind to any one of the servers available in the list, it will try establishing a binding by broadcasting. The file, /var/yp/binding/domain_name/ypservers, containing the list of NIS servers is created by invoking ypinit with the -c option. (see ypinit(1M)). If ypbind is invoked with a -broadcast option, ypbind will try to establish a binding by broadcast immaterial of the availability of the file /var/yp/binding/domain_name/ypservers; that is, the option -broadcast overrides the existence of the file /var/yp/binding/domain_name/ypservers. Once a binding is established for a client, it is given to subsequent client requests. Execute ypwhich to query the ypbind process (local and remote) for its current binding (see ypwhich(1)).

Bindings are verified before they are given to a client process. If ypbind is unable to transact with the ypserv process it is bound to, it marks the domain as unbound, tells the client process that the domain is unbound, and tries to bind again. Requests received for an unbound domain fail immediately. Generally, a bound domain is marked as unbound when the node running ypserv crashes or is overloaded. In such a case, ypbind binds to any NIS server (typically one that is less heavily loaded) that is available on the network.

The ypbind daemon also accepts requests to set its binding for a particular domain. ypset accesses the set_domain facility; it is for unsnarling messes and is not for casual use.

Options

ypserv recognizes the following options:

-l log_file

Log diagnostic and error messages to the file, log_file.

If ypserv is started without the -l option, ypserv writes its messages to /var/yp/ypserv.log if that file exists.

If ypbind is started without the -l option, ypbind writes its messages directly to the system console, /dev/console.

Information logged to the file includes the date and time of the message, the host name, the process id and name of the function generating the message, and the message itself. Note that different services can share a single log file since enough information is included to uniquely identify each message.

-d

The NIS service must approach the DNS for more host information. This requires the existence of a correct /etc/resolv.conf file pointing at a machine running named. This option enables DNS forwarding regardless of whether or not the YP_INTERDOMAIN flag is set in the hosts maps. See makedbm(1M). In the absence of an /etc/resolv.conf file, ypserv complains, but ignores the -d option.

-v

Operate in the verbose mode, printing diagnostic messages to stderr.

ypbind recognizes the following options:

-l log_file

Log diagnostic and error messages to the file, log_file. See the description above.

-s

Secure. When specified, only NIS servers bound to a reserved port are used. This allows for a slight increase in security in completely controlled environments, where there are no computers operated by untrusted individuals. It offers no real increase in security.

-ypset

Allow ypset to be used to change the binding (see ypset(1M)). For maximum security, this option should be used only when debugging the network from a remote machine.

-ypsetme

Allow ypset to be issued from this machine (see ypset(1M)). Security is based on IP address checking, which can be defeated on networks where untrusted individuals may inject packets. This option is not recommended.

-broadcast

When ypbind is invoked with this option, ypbind will try to establish a binding by broadcast even though the file /var/yp/binding/domain_name/ypservers exists. That is, the option -broadcast overrides the existence of this file.

If -broadcast is used in conjunction with -ypset or -ypsetme, then the -broadcast option is ignored. If ypbind is invoked with option -ypset or -ypsetme the NIS servers list in the file /var/yp/binding/domain_name/ypservers is ignored.

WARNINGS

NIS uses ndbm files to store maps. Therefore, it is subject to the 1024 byte limitations described in the WARNINGS section of the ndbm(3X) man page.

The NIS Version 1 protocol will not be available in a future HP-UX release. HP recommends that you use the next version of this protocol.

AUTHOR

ypserv, ypbind, and ypxfrd were developed by Sun Microsystems, Inc.

FILES

/var/yp/binding/domainname.version

These files cache the last successful binding created for the given domain, in order to to speed up the binding process. When a binding is requested, these files are checked for validity and then used.

/var/yp/securenets

This file is read by both ypserv and ypxfrd at startup time. It defines the hosts and networks which are granted access to information in the served domain.

/var/yp/secureservers

This file is read by ypbind. It contains a list of IP addresses that ypbind will receive a binding from.

/var/yp/binding/domain_name/ypservers

This file is read by ypbind. It contains the list of NIS servers that ypbind will attempt to bind to, if ypbind is not invoked with a -broadcast option.

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.