Yolinux.com

ypserv.conf manpage

Search topic Section


YPSERV.CONF(5)		       Reference Manual			YPSERV.CONF(5)



NAME
       ypserv.conf - configuration file for ypserv and rpc.ypxfrd

DESCRIPTION
       ypserv.conf is an ASCII file which contains some options for ypserv. It
       also contains a list of rules for  special  host	 and  map  access  for
       ypserv  and rpc.ypxfrd. This file will be read by ypserv and rpc.ypxfrd
       at startup, or when receiving a SIGHUP signal.

       There is one entry per line. If the line is a option line,  the	format
       is:

	      option: <argument>

       The line for an access rule has the format:

	      host:domain:map:security

       All  rules  are tried one by one. If no match is found, access to a map
       is allowed.

       Following options exist:

       files: 30
	      This option specifies, how many database files should be	cached
	      by  ypserv.   If 0 is specified, caching is disabled. Decreasing
	      this number is only possible, if ypserv is restarted.

       trusted_master: server
	      If this option is set on a slave server, new maps from the  host
	      server  will  be	accepted  as  master.  The default is, that no
	      trusted master is set and new maps will not be accepted.
	      Example:
	      trusted_master: ypmaster.example.org

       slp: [yes|<no>|domain]
	      If this option is enabled and SLP support compiled in,  the  NIS
	      server  registers itself on a SLP server. If the variable is set
	      to domain, an attribute domain with a comma  seperated  list  of
	      supported	 domainnames  is  set. Else this attribute will not be
	      set.

       xfr_check_port: [<yes>|no]
	      With this option enabled, the NIS master server have to run on a
	      port < 1024. The default is "yes" (enabled).

       The field descriptions for the access rule lines are:

       host   IP address. Wildcards are allowed.
	      Examples:
	      131.234. = 131.234.0.0/255.255.0.0
	      131.234.214.0/255.255.254.0

       domain specifies	 the domain, for which this rule should be applied. An
	      asterix as wildcard is allowed.

       map    name of the map, or asterisk for all maps.

       security
	      one of none, port, deny:

       none   always allow access.

       port   allow access if from port < 1024. Otherwise do not allow access.

       deny   deny access to this map.

FILES
       /etc/ypserv.conf

SEE ALSO
       ypserv(8), rpc.ypxfrd(8)

WARNINGS
       The access rules for special maps are no real improvement in  security,
       but they make the life a little bit harder for a potential hacker.

BUGS
       Solaris	clients don't use privileged ports. All security options which
       depend on privileged ports cause big problems on Solaris clients.

AUTHOR
       Thorsten Kukuk <kukuk@suse.de>



YP Server			 October 2002			YPSERV.CONF(5)