Network Information Service (NIS) B.11.31.04 Administrator's Guide
The -D /etc/nis option must be added to the YPPASSWDD_OPTIONS variable in the
/etc/rc.config.d/namesvrs file. You must restart the NIS server each time you
modify the namesvrs file.
IMPORTANT: Back up the /etc/rc.config.d/namesvrs file before you perform
the steps described in this section.
To set up an alternate directory for the password file, complete the following steps:
1. Log in to the NIS master server as a superuser.
2. Stop the NIS server:
#/sbin/init.d/nis.server stop
3. Modify the /etc/rc.config.d/namesvrs file, and set the
YPPASSWDD_OPTIONS variable:
YPPASSWDD_OPTIONS= -D <directory>
where:
directory is the name of the alternate directory. For example, /etc/nis
4. Restart the NIS master server:
#/sbin/init.d/nis.server start
Allowing Selected Clients and Slave Servers To Access The Master Server
The NIS network can be secured by restricting the client and slave servers that can
access the NIS master server.
To selectively allow clients and slave servers to access the NIS master server, complete
the following steps:
1. Log in to the NIS master server as a superuser.
2. On the NIS master server, create the following file if it does not already exist:
/var/yp/securenets
3. Add the following line to the /var/yp/securenets file:
address_mask IP_address
where:
IP_address is the Internet address of the NIS client, the NIS slave server,
or the subnet that requests or transfers NIS information from
the NIS master server.
address_mask indicates the important bit fields in the IP_address.
If a bit is set in the address_mask field, the corresponding bit in the source address
of any incoming NIS requests must match the same bit in the IP_address field.
If a client or a slave host has multiple network interface cards, you must add the
IP addresses of all the network interfaces to the securenets file.
34 Configuring and Administering an NIS Master Server