Configure NIS Client.
This example is based on the environment below. +----------------------+ | +----------------------+ | [ NIS Server ] |10.0.0.30 | 10.0.0.31| [ NIS Client ] | | dlp.server.world +----------+----------+ www.server.world | | | | | +----------------------+ +----------------------+ |
| [1] | Configure on NIS client. |
[root@www ~]#
yum -y install ypbind rpcbind
# set NIS domain
[root@www ~]#
ypdomainname server.world
[root@www ~]#
echo "NISDOMAIN=server.world" >> /etc/sysconfig/network
[root@www ~]#
vi /etc/hosts
# add IP addresses for NIS server and clients
10.0.0.30 dlp.server.world dlp 10.0.0.31 www.server.world www
[root@www ~]#
[root@www ~]#
authconfig \
--enablenis \ --nisdomain=server.world \ --nisserver=dlp.server.world \ --enablemkhomedir \ --update
systemctl start rpcbind ypbind
[root@www ~]#
systemctl enable rpcbind ypbind
[root@www ~]#
www login:
redhat
# NIS user
Password:
# set password
Creating directory '/home/redhat'.
[redhat@www ~]$
# just logined
# try to change NIS password
[redhat@www ~]$ Changing NIS account information for redhat on dlp.server.world. Please enter old password:
# current one
Changing NIS password for redhat on dlp.server.world. Please enter new password:
# new one
Please retype new password: |
| [2] | If SELinux is enabled, it needs to add a rule to allow creating home directories automatically by mkhomedir. |
[root@www ~]#
vi mkhomedir.te
# create new
module mkhomedir 1.0;
require {
type unconfined_t;
type oddjob_mkhomedir_exec_t;
class file entrypoint;
}
#============= unconfined_t ==============
allow unconfined_t oddjob_mkhomedir_exec_t:file entrypoint;
checkmodule -m -M -o mkhomedir.mod mkhomedir.te
checkmodule: loading policy configuration from mkhomedir.te checkmodule: policy configuration loaded checkmodule: writing binary representation (version 17) to mkhomedir.mod [root@www ~]#
semodule_package --outfile mkhomedir.pp --module mkhomedir.mod
[root@www ~]#
semodule -i mkhomedir.pp
|
Nenhum comentário:
Postar um comentário