Scroll to navigation

YPBIND(8) ypbind-mt YPBIND(8)

NAME

ypbind - NIS binding process

SYNOPSIS

ypbind [-broadcast | -ypset | -ypsetme] [-f configfile] [-no-ping] [-broken-server] [-local-only] [-ping-interval ping-interval | -i ping-interval] [-d | -debug] [-v | -verbose] [-n | -foreground] [-p port]

ypbind -c [-f configfile]

ypbind --version

DESCRIPTION

ypbind finds the server for NIS domains and maintains the NIS binding information. The client (normally the NIS routines in the standard C library) could get the information over RPC from ypbind or read the binding files. The binding files resides in the directory /var/yp/binding and are conventionally named [domainname].[version]. The supported versions are 1, 2 and 3. There could be several such files since it is possible for an NIS client to be bound to more than one domain.

After a binding has been established, ypbind will send YPPROC_DOMAIN requests to the current NIS server at 5 minutes intervals. If it doesn't get an response or the NIS server reports that he doesn't have this domain any longer, ypbind will search for a new NIS server. You could tell ypbind to use network broadcasts to find a new server, what is insecure, or you could give it a list of known secure servers. In this case ypbind will send a ping to all servers in the order in which they are listed in the config file and use the first one which answers.

Unless the option -debug or -foreground is used, ypbind detaches itself from the controlling terminal and puts itself into background. ypbind uses syslog(3) for logging errors and warnings. At startup or when receiving signal SIGHUP, ypbind parses the file /etc/yp.conf and tries to use the entries for its initial binding.

A broadcast entry in the configuration file will overwrite a ypserver/server entry and a ypserver/server entry broadcast. If all given server are down, ypbind will not switch to use broadcast. ypbind will try at first /etc/hosts and then DNS for resolving the hosts names from /etc/yp.conf. If ypbind couldn't reconfigure the search order, it will use only DNS. If DNS isn't available, you could only use IP-addresses in /etc/hosts. ypbind could only reconfigure the search order with glibc 2.x. If the -broadcast option is specified, ypbind will ignore the configuration file. If the file does not exist or if there are no valid entries, ypbind exit.

In Fedora we use systemd for starting services. We need to finish starting process of ypbind service not before service is fully started, which means ypbind daemon is prepared to answer. There is a test script /usr/libexec/ypbind-post-waitbind used in ypbind.service, that waits for ypbind daemon to be fully connected to NIS server and waits by default up to 45s. Sometimes this is not enough, because network set up can take longer than 45s during boot, so starting ypbind.service fails. User can increase the timeout by setting an environment variable NISTIMEOUT in /etc/sysconfig/ypbind. For example NISTIMEOUT=180 means ypbind will wait up to 180 seconds for binding to a NIS server. Another option is to enable NetworkManager-wait- online.service, which will make ypbind to wait until network is properly set up.

In case something needs to be changed in the ypbind.service, it is adviced not to change the ypbind.service directly, but rather to create a new file under /etc/systemd/system/ypbind.service.d/, i.e. if we need to start ypbind before service foo.service, we can create file /etc/systemd/system/ypbind.service.d/wait-foo.conf with the following content:

[Service]
Before=foo.service

If you need to pass other arguments to ypbind daemon withing systemd unit file, you can set these arguments as OTHER_YPBIND_OPTS environment variable in /etc/sysconfig/ypbind. For example in order to set a fixed port ypbind should run on, you can specify OTHER_YPBIND_OPTS="-p 876" in /etc/sysconfig/ypbind.

DHCP client by defualt changes /etc/yp.conf in case DHCP server sends NIS configuration in the respond. In that case /etc/dhcp/dhclient.d/nis.sh changes /etc/yp.conf according such configuration and creates a back-up copy of the original configuration file into /var/lib/dhclient/nis.conf.predhclient.$interface. In order to disable changing /etc/yp.conf by DHCP client, add PEERNIS=no into /etc/sysconfig/network.

OPTIONS

-broadcast

Send a broadcast to request the information needed to bind to a specific NIS server. With this option, /etc/yp.conf will be ignored.

-ypset

Allow root from any remote machine to change the binding for a domain via the ypset(8) command. By default, no one can change the binding. This option is really insecure. If you change a binding for a domain, all the current known servers for this domain will be forgotten. If the new server goes down, ypbind will use the old searchlist.

-ypsetme

The same as -ypset, but only root on the local machine is allowed to change the binding. Such requests are only allowed from loopback.

-c

ypbind only checks if the config file has syntax errors and exits.

-d, -debug

starts ypbind in debug mode. ypbind will not put itself into background, and error messages and debug output are written to standard error.

-n, -foreground

ypbind will not put itself into backgroun.

-v, -verbose

Causes ypbind to syslog(2) any and all changes in the server its bound to.

-broken-server

Lets ypbind accept answers from servers running on an illegal port number. This should usually be avoided, but is required by some ypserv(8) versions.

-no-ping

ypbind will not check if the binding is alive. This option is for use with dialup connections to prevent ypbind from keeping the connection unnecessarily open or causing auto-dials.

-f configfile

ypbind will use configfile and not /etc/yp.conf

-local-only

ypbind will only bind to the loopback device and is not reachable from a remote network.

-i, -ping-interval ping-interval

The default value for ypbind to check, if a NIS server is still reachable, is 20 seconds. With this options another frequency in seconds can be specified.

-p port

Lets ypbind listen on a specified port number, rather than asking portmapper to assingn a port for it.

--version

Prints the version number

FILES

/etc/yp.conf

configuration file.

/var/yp/binding/[domainname].[version]

binding file containing information about each NIS domain.

/var/run/ypbind.pid

contains the process id of the currently running ypbind master process.

SEE ALSO

syslog(3), domainname(1), yp.conf(5), ypdomainname(8), ypwhich(1), ypserv(8), ypset(8)

AUTHOR

ypbind-mt was written by Thorsten Kukuk <kukuk@thkukuk.de>.

04/06/2021 ypbind-mt