'\" te .\" Copyright 1989 AT&T .\" Copyright (C) 2004, Sun Microsystems, Inc. All Rights Reserved .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] .TH YPBIND 1M "Dec 20, 2007" .SH NAME ypbind \- NIS binder process .SH SYNOPSIS .LP .nf \fB/usr/lib/netsvc/yp/ypbind\fR [\fB-broadcast\fR | \fB-ypset\fR | \fB-ypsetme\fR] .fi .SH DESCRIPTION .sp .LP NIS provides a simple network lookup service consisting of databases and processes. The databases are stored at the machine that runs an NIS server process. The programmatic interface to NIS is described in \fBypclnt\fR(3NSL). Administrative tools are described in \fBypinit\fR(1M), \fBypwhich\fR(1), and \fBypset\fR(1M). Tools to see the contents of NIS maps are described in \fBypcat\fR(1), and \fBypmatch\fR(1). .sp .LP \fBypbind\fR is a daemon process that is activated at system startup time from the \fBsvc:/network/nis/client:default\fR service. By default, it is invoked as \fBypbind\fR \fB-broadcast\fR. \fBypbind\fR runs on all client machines that are set up to use \fBNIS\fR. See \fBsysidtool\fR(1M). The function of \fBypbind\fR is to remember information that lets all \fBNIS\fR client processes on a node communicate with some \fBNIS\fR server process. \fBypbind\fR must run on every machine which has \fBNIS\fR client processes. The \fBNIS\fR server may or may not be running on the same node, but must be running somewhere on the network. If the \fBNIS\fR server is a \fBNIS+\fR server in \fBNIS\fR (YP) compatibility mode, see the \fBNOTES\fR section of the \fBypfiles\fR(4)man page for more information. .sp .LP The information \fBypbind\fR remembers is called a \fIbinding\fR \(em the association of a domain name with a \fBNIS\fR server. The process of binding is driven by client requests. As a request for an unbound domain comes in, if started with the \fB-broadcast\fR option, the \fBypbind\fR process broadcasts on the net trying to find an \fBNIS\fR server, either a \fBypserv\fR process serving the domain or an \fBrpc.nisd\fR process in "YP-compatibility mode" serving \fBNIS+\fR directory with name the same as (case sensitive) the domain in the client request. Since the binding is established by broadcasting, there must be at least one \fBNIS\fR server on the net. If started without the \fB-broadcast\fR option, \fBypbind\fR process steps through the list of \fBNIS\fR servers that was created by \fBypinit\fR \fB-c\fR for the requested domain. There must be an \fBNIS\fR server process on at least one of the hosts in the \fBNIS\fR servers file. It is recommended that you list each of these NIS servers by name and numeric IP address in \fB/etc/hosts\fR. Though the practice is not recommended, NIS allows you to list servers by numeric address only, bypassing \fB/etc/hosts\fR. In such a configuration, \fBypwhich\fR(1) returns a numeric address instead of a name. .sp .LP Once a domain is bound by \fBypbind\fR, that same binding is given to every client process on the node. The \fBypbind\fR process on the local node or a remote node may be queried for the binding of a particular domain by using the \fBypwhich\fR(1) command. .sp .LP If \fBypbind\fR is unable to speak to the \fBNIS\fR server process it is bound to, it marks the domain as unbound, tells the client process that the domain is unbound, and tries to bind the domain once again. Requests received for an unbound domain will wait until the requested domain is bound. In general, a bound domain is marked as unbound when the node running the \fBNIS\fR server crashes or gets overloaded. In such a case, \fBypbind\fR will try to bind to another \fBNIS\fR server using the process described above.\fBypbind\fR also accepts requests to set its binding for a particular domain. The request is usually generated by the \fBypset\fR(1M) command. In order for \fBypset\fR to work, \fBypbind\fR must have been invoked with flags \fB-ypset\fR or \fB-ypsetme\fR. .SH OPTIONS .sp .ne 2 .na \fB\fB-broadcast\fR\fR .ad .sp .6 .RS 4n Send a broadcast datagram using \fBUDP/IP\fR that requests the information needed to bind to a specific \fBNIS\fR server. This option is analogous to \fBypbind\fR with no options in earlier Sun releases and is recommended for ease of use. .RE .sp .ne 2 .na \fB\fB-ypset\fR\fR .ad .sp .6 .RS 4n Allow users from any remote machine to change the binding by means of the \fBypset\fR command. By default, no one can change the binding. This option is insecure. .RE .sp .ne 2 .na \fB\fB-ypsetme\fR\fR .ad .sp .6 .RS 4n Only allow \fBroot\fR on the local machine to change the binding to a desired server by means of the \fBypset\fR command. \fBypbind\fR can verify the caller is indeed a \fBroot\fR user by accepting such requests only on the loopback transport. By default, no external process can change the binding. .RE .SH FILES .sp .ne 2 .na \fB\fB/var/yp/binding/\fIypdomain\fR/ypservers\fR\fR .ad .sp .6 .RS 4n Lists the servers to which the NIS client is allowed to bind. .RE .sp .ne 2 .na \fB\fB/etc/inet/hosts\fR\fR .ad .sp .6 .RS 4n File in which it is recommended that NIS servers be listed. .RE .SH SEE ALSO .sp .LP \fBsvcs\fR(1), \fBypcat\fR(1), \fBypmatch\fR(1), \fBypwhich\fR(1), \fBifconfig\fR(1M), \fBrpc.nisd\fR(1M), \fBsvcadm\fR(1M), \fBypinit\fR(1M), \fBypset\fR(1M), \fBypclnt\fR(3NSL), \fBhosts\fR(4), \fBypfiles\fR(4), \fBattributes\fR(5), \fBsmf\fR(5) .SH NOTES .sp .LP \fBypbind\fR supports multiple domains. The \fBypbind\fR process can maintain bindings to several domains and their servers, the default domain is the one specified by the \fBdomainname\fR(1M) command at startup time. .sp .LP The \fB-broadcast\fR option works only on the \fBUDP\fR transport. It is insecure since it trusts "any" machine on the net that responds to the broadcast request and poses itself as an \fBNIS\fR server. .sp .LP The \fBypbind\fR service is managed by the service management facility, \fBsmf\fR(5), under the service identifier: .sp .in +2 .nf svc:/network/nis/client:default .fi .in -2 .sp .sp .LP Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using \fBsvcadm\fR(1M). The service's status can be queried using the \fBsvcs\fR(1) command.