HP-UX Reference (11i v1 00/12) - 1M System Administration Commands N-Z (vol 4)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

231

232

233

234

235

236

237

238

239

240

__________________________________________________________________________________________________________________________________________________________________________________________________

STANDARD Printed by: Nora Chuang [nchuang] STANDARD

/build/1111/BRICK/man1m/naaagt.1m

________________________________________________________________

___ ___

rpc.nisd(1M) rpc.nisd(1M)

NAME

rpc.nisd, rpc.nisd_resolv, nisd, nisd_resolv - NIS+ service daemon

SYNOPSIS

/usr/sbin/rpc.nisd [ -ACDFhlv ][-Y [ -B [ -t netid ]]] [ -d dictionary ][-L load ]

[ -S level ]

rpc.nisd_resolv

DESCRIPTION

The rpc.nisd daemon is an RPC service that implements the NIS+ service. This daemon must be run-

ning on all machines that serve a portion of the NIS+ namespace.

rpc.nisd is usually started from a system startup script.

rpc.nisd_resolv is an auxillary process that is started by rpc.nisd when it is invoked with -B

option. Note that rpc.nisd_resolv should not be started independently.

Options

-A Authentication verbose mode. The daemon logs all the authentication related activities to

syslogd(1M) with LOG_INFO priority.

-B Provide ypserv compatible DNS forwarding for NIS host requests. The DNS resolving process,

rpc.nisd_resolv, is started and controlled by

rpc.nisd. This option requires that the

/etc/resolv.conf ﬁle be set up for communication with a DNS nameserver. The

nslookup utility can be used to verify communication with a DNS nameserver. See resolver(4)

and nslookup(1).

-C Open diagnostic channel on /dev/console .

-D Debug mode (don’t fork).

-F Force the server to do a checkpoint of the database when it starts up. Forced checkpoints may

be required when the server is low on disk space. This option removes updates from the transac-

tion log that have propagated to all of the replicas.

-L number

Specify the ‘‘load’’ the NIS+ service is allowed to place on the server. The load is speciﬁed in

terms of the number of child processes that the server may spawn. This number must be at least

1 for the callback functions to work correctly. The default is 128.

-S level Set the authorization security level of the service. The argument is a number between 0 and 2.

By default, the daemon runs at security level 2.

0 Security level 0 is designed to be used for testing and initial setup of the NIS+ namespace.

When running at level 0, the daemon does not enforce any access controls. Any client is

allowed to perform any operation, including updates and deletions.

1 At security level 1, the daemon accepts both AUTH_SYS and AUTH_DES credentials for

authenticating clients and authorizing them to perform NIS+ operations. This is not a

secure mode of operation since AUTH_SYS credentials are easily forged. It should not be

used on networks in which any untrusted users may potentially have access.

2 At security level 2, the daemon accepts only AUTH_DES credentials for authentication and

authorization. This is the highest level of security currently provided by the NIS+ service.

This is the default security level if the -S option is not used.

-Y Put the server into NIS (YP) compatibility mode. When operating in this mode, the NIS+ server

will respond to NIS Version 2 requests using the version 2 protocol. Because the YP protocol is

not authenticated, only those items that have read access to nobody (the unauthenticated

request) will be visible through the V2 protocol. It supports only the standard Version 2 maps in

this mode (see

-B option and NOTES in ypﬁles(4)).

-d dictionary

Specify an alternate dictionary for the NIS+ database. The primary use of this option is for test-

ing. Note that the string is not interpreted, rather it is simply passed to the db_initialize

function. See nis_db(3N).

-h Print list of options.

Section 1M−−732 − 1 − HP-UX Release 11i: December 2000

___