1778c7b1cSBill Paul.\" Copyright (c) 1995 2778c7b1cSBill Paul.\" Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved. 3778c7b1cSBill Paul.\" 4778c7b1cSBill Paul.\" Redistribution and use in source and binary forms, with or without 5778c7b1cSBill Paul.\" modification, are permitted provided that the following conditions 6778c7b1cSBill Paul.\" are met: 7778c7b1cSBill Paul.\" 1. Redistributions of source code must retain the above copyright 8778c7b1cSBill Paul.\" notice, this list of conditions and the following disclaimer. 9778c7b1cSBill Paul.\" 2. Redistributions in binary form must reproduce the above copyright 10778c7b1cSBill Paul.\" notice, this list of conditions and the following disclaimer in the 11778c7b1cSBill Paul.\" documentation and/or other materials provided with the distribution. 12778c7b1cSBill Paul.\" 3. All advertising materials mentioning features or use of this software 13778c7b1cSBill Paul.\" must display the following acknowledgement: 14778c7b1cSBill Paul.\" This product includes software developed by Bill Paul. 15778c7b1cSBill Paul.\" 4. Neither the name of the author nor the names of any co-contributors 16778c7b1cSBill Paul.\" may be used to endorse or promote products derived from this software 17778c7b1cSBill Paul.\" without specific prior written permission. 18778c7b1cSBill Paul.\" 19778c7b1cSBill Paul.\" THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND 20778c7b1cSBill Paul.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21778c7b1cSBill Paul.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22778c7b1cSBill Paul.\" ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE 23778c7b1cSBill Paul.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24778c7b1cSBill Paul.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25778c7b1cSBill Paul.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26778c7b1cSBill Paul.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27778c7b1cSBill Paul.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28778c7b1cSBill Paul.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29778c7b1cSBill Paul.\" SUCH DAMAGE. 30778c7b1cSBill Paul.\" 3197d92980SPeter Wemm.\" $FreeBSD$ 32778c7b1cSBill Paul.\" 33778c7b1cSBill Paul.Dd February 4, 1995 34778c7b1cSBill Paul.Dt YPSERV 8 35778c7b1cSBill Paul.Os 36778c7b1cSBill Paul.Sh NAME 37778c7b1cSBill Paul.Nm ypserv 386ecb7b20SJohn-Mark Gurney.Nd NIS database server 39778c7b1cSBill Paul.Sh SYNOPSIS 406ecb7b20SJohn-Mark Gurney.Nm 41778c7b1cSBill Paul.Op Fl n 42778c7b1cSBill Paul.Op Fl d 43778c7b1cSBill Paul.Op Fl p Ar path 44778c7b1cSBill Paul.Sh DESCRIPTION 456ecb7b20SJohn-Mark Gurney.Tn NIS 46778c7b1cSBill Paulis an RPC-based service designed to allow a number of UNIX-based 47f2e366a1SSheldon Hearnmachines to share a common set of configuration files. 48f2e366a1SSheldon HearnRather than 49778c7b1cSBill Paulrequiring a system administrator to update several copies of files 50778c7b1cSBill Paulsuch as 51778c7b1cSBill Paul.Pa /etc/hosts , 52778c7b1cSBill Paul.Pa /etc/passwd 53778c7b1cSBill Pauland 54778c7b1cSBill Paul.Pa /etc/group , 5598834523SPhilippe Charnierwhich tend to require frequent changes in most environments, 5698834523SPhilippe Charnier.Tn NIS 57778c7b1cSBill Paulallows groups of computers to share one set of data which can be 58778c7b1cSBill Paulupdated from a single location. 59778c7b1cSBill Paul.Pp 606ecb7b20SJohn-Mark GurneyThe 616ecb7b20SJohn-Mark Gurney.Nm 6298834523SPhilippe Charnierprogram is the server that distributes 6398834523SPhilippe Charnier.Tn NIS 6498834523SPhilippe Charnierdatabases to client systems within an 6598834523SPhilippe Charnier.Tn NIS 666ecb7b20SJohn-Mark Gurney.Em domain . 6798834523SPhilippe CharnierEach client in an 6898834523SPhilippe Charnier.Tn NIS 6998834523SPhilippe Charnierdomain must have its domainname set to 70778c7b1cSBill Paulone of the domains served by 716ecb7b20SJohn-Mark Gurney.Nm 72778c7b1cSBill Paulusing the 73778c7b1cSBill Paul.Xr domainname 1 74f2e366a1SSheldon Hearncommand. 75f2e366a1SSheldon HearnThe clients must also run 76778c7b1cSBill Paul.Xr ypbind 8 77778c7b1cSBill Paulin order to attach to a particular server, since it is possible to 7898834523SPhilippe Charnierhave several servers within a single 7998834523SPhilippe Charnier.Tn NIS 8098834523SPhilippe Charnierdomain. 81778c7b1cSBill Paul.Pp 82778c7b1cSBill PaulThe databases distributed by 836ecb7b20SJohn-Mark Gurney.Nm 84778c7b1cSBill Paulare stored in 85778c7b1cSBill Paul.Pa /var/yp/[domainname] 86778c7b1cSBill Paulwhere 87778c7b1cSBill Paul.Pa domainname 88f2e366a1SSheldon Hearnis the name of the domain being served. 89f2e366a1SSheldon HearnThere can be several 90778c7b1cSBill Paulsuch directories with different domainnames, and you need only one 916ecb7b20SJohn-Mark Gurney.Nm 92778c7b1cSBill Pauldaemon to handle them all. 93778c7b1cSBill Paul.Pp 94778c7b1cSBill PaulThe databases, or 95778c7b1cSBill Paul.Pa maps 96778c7b1cSBill Paulas they are often called, 97778c7b1cSBill Paulare created by 986ecb7b20SJohn-Mark Gurney.Pa /var/yp/Makefile 99f2e366a1SSheldon Hearnusing several system files as source. 100f2e366a1SSheldon HearnThe database files are in 101778c7b1cSBill Paul.Xr db 3 102778c7b1cSBill Paulformat to help speed retrieval when there are many records involved. 10398834523SPhilippe CharnierIn 10414201ae6SMike Pritchard.Fx , 10598834523SPhilippe Charnierthe maps are always readable and writable only by root for security 106f2e366a1SSheldon Hearnreasons. 107f2e366a1SSheldon HearnTechnically this is only necessary for the password 108778c7b1cSBill Paulmaps, but since the data in the other maps can be found in 109778c7b1cSBill Paulother world-readable files anyway, it doesn't hurt and it's considered 110778c7b1cSBill Paulgood general practice. 111778c7b1cSBill Paul.Pp 1126ecb7b20SJohn-Mark GurneyThe 1136ecb7b20SJohn-Mark Gurney.Nm 1146ecb7b20SJohn-Mark Gurneyprogram is started by 11598834523SPhilippe Charnier.Pa /etc/rc.network 116778c7b1cSBill Paulif it has been enabled in 11798834523SPhilippe Charnier.Pa /etc/rc.conf . 118778c7b1cSBill Paul.Sh SPECIAL FEATURES 11914201ae6SMike PritchardThere are some problems associated with distributing a 12014201ae6SMike Pritchard.Fx 12114201ae6SMike Pritchardpassword 12298834523SPhilippe Charnierdatabase via 12398834523SPhilippe Charnier.Tn NIS Ns : 12414201ae6SMike Pritchard.Fx 12598834523SPhilippe Charniernormally only stores encrypted passwords 126778c7b1cSBill Paulin 127778c7b1cSBill Paul.Pa /etc/master.passwd , 128f2e366a1SSheldon Hearnwhich is readable and writable only by root. 129f2e366a1SSheldon HearnBy turning this file 13098834523SPhilippe Charnierinto an 13198834523SPhilippe Charnier.Tn NIS 13298834523SPhilippe Charniermap, this security feature would be completely defeated. 133778c7b1cSBill Paul.Pp 13498834523SPhilippe CharnierTo make up for this, the 13514201ae6SMike Pritchard.Fx 13698834523SPhilippe Charnierversion of 1376ecb7b20SJohn-Mark Gurney.Nm 138778c7b1cSBill Paulhandles the 139778c7b1cSBill Paul.Pa master.passwd.byname 140778c7b1cSBill Pauland 141c192455bSJeroen Ruigrok van der Werven.Pa master.passwd.byuid 142f2e366a1SSheldon Hearnmaps in a special way. 143f2e366a1SSheldon HearnWhen the server receives a request to access 144778c7b1cSBill Pauleither of these two maps, it will check the TCP port from which the 145778c7b1cSBill Paulrequest originated and return an error if the port number is greater 1464e86fcacSSheldon Hearnthan 1023. 1474e86fcacSSheldon HearnSince only the superuser is allowed to bind to TCP ports 148778c7b1cSBill Paulwith values less than 1024, the server can use this test to determine 149778c7b1cSBill Paulwhether or not the access request came from a privileged user. 150778c7b1cSBill PaulAny requests made by non-privileged users are therefore rejected. 151778c7b1cSBill Paul.Pp 152778c7b1cSBill PaulFurthermore, the 153778c7b1cSBill Paul.Xr getpwent 3 15414201ae6SMike Pritchardroutines in the 15514201ae6SMike Pritchard.Fx 15698834523SPhilippe Charnierstandard C library will only attempt to retrieve 157778c7b1cSBill Pauldata from the 158778c7b1cSBill Paul.Pa master.passwd.byname 159778c7b1cSBill Pauland 160778c7b1cSBill Paul.Pa master.passwd.byuid 161778c7b1cSBill Paulmaps for the superuser: if a normal user calls any of these functions, 162778c7b1cSBill Paulthe standard 163778c7b1cSBill Paul.Pa passwd.byname 164778c7b1cSBill Pauland 165778c7b1cSBill Paul.Pa passwd.byuid 166f2e366a1SSheldon Hearnmaps will be accessed instead. 167f2e366a1SSheldon HearnThe latter two maps are constructed by 1686ecb7b20SJohn-Mark Gurney.Pa /var/yp/Makefile 169778c7b1cSBill Paulby parsing the 170778c7b1cSBill Paul.Pa master.passwd 171778c7b1cSBill Paulfile and stripping out the password fields, and are therefore 172f2e366a1SSheldon Hearnsafe to pass on to unprivileged users. 173f2e366a1SSheldon HearnIn this way, the shadow password 174778c7b1cSBill Paulaspect of the protected 175778c7b1cSBill Paul.Pa master.passwd 17698834523SPhilippe Charnierdatabase is maintained through 17798834523SPhilippe Charnier.Tn NIS . 178778c7b1cSBill Paul.Sh NOTES 17942e3d43bSGuy Helmer.Ss Setting Up Master and Slave Servers 18042e3d43bSGuy Helmer.Xr ypinit 8 18142e3d43bSGuy Helmeris a convenient script that will help setup master and slave 18242e3d43bSGuy Helmer.Tn NIS 18342e3d43bSGuy Helmerservers. 184778c7b1cSBill Paul.Ss Limitations 18598834523SPhilippe CharnierThere are two problems inherent with password shadowing in 18698834523SPhilippe Charnier.Tn NIS 187778c7b1cSBill Paulthat users should 188778c7b1cSBill Paulbe aware of: 189778c7b1cSBill Paul.Bl -enum -offset indent 190778c7b1cSBill Paul.It 1916ecb7b20SJohn-Mark GurneyThe 1926ecb7b20SJohn-Mark Gurney.Sq TCP port less than 1024 1936ecb7b20SJohn-Mark Gurneytest is trivial to defeat for users with 194778c7b1cSBill Paulunrestricted access to machines on your network (even those machines 195778c7b1cSBill Paulwhich do not run UNIX-based operating systems). 196778c7b1cSBill Paul.It 19798834523SPhilippe CharnierIf you plan to use a 19814201ae6SMike Pritchard.Fx 19998834523SPhilippe Charniersystem to serve 200b5c508fbSRuslan Ermilov.No non- Ns Fx 20198834523SPhilippe Charnierclients that 202778c7b1cSBill Paulhave no support for password shadowing (which is most of them), you 203778c7b1cSBill Paulwill have to disable the password shadowing entirely by uncommenting the 2046ecb7b20SJohn-Mark Gurney.Em UNSECURE=True 205778c7b1cSBill Paulentry in 2066ecb7b20SJohn-Mark Gurney.Pa /var/yp/Makefile . 207778c7b1cSBill PaulThis will cause the standard 208778c7b1cSBill Paul.Pa passwd.byname 209778c7b1cSBill Pauland 210778c7b1cSBill Paul.Pa passwd.byuid 211778c7b1cSBill Paulmaps to be generated with valid encrypted password fields, which is 21298834523SPhilippe Charniernecessary in order for 213b5c508fbSRuslan Ermilov.No non- Ns Fx 21498834523SPhilippe Charnierclients to perform user 21598834523SPhilippe Charnierauthentication through 21698834523SPhilippe Charnier.Tn NIS . 217778c7b1cSBill Paul.El 218778c7b1cSBill Paul.Pp 219778c7b1cSBill Paul.Ss Security 220f7f470a8SBill PaulIn general, any remote user can issue an RPC to 2216ecb7b20SJohn-Mark Gurney.Nm 22298834523SPhilippe Charnierand retrieve the contents of your 22398834523SPhilippe Charnier.Tn NIS 22498834523SPhilippe Charniermaps, provided the remote user 225f2e366a1SSheldon Hearnknows your domain name. 226f2e366a1SSheldon HearnTo prevent such unauthorized transactions, 2276ecb7b20SJohn-Mark Gurney.Nm 228f7f470a8SBill Paulsupports a feature called 229f7f470a8SBill Paul.Pa securenets 230f7f470a8SBill Paulwhich can be used to restrict access to a given set of hosts. 231f7f470a8SBill PaulAt startup, 2326ecb7b20SJohn-Mark Gurney.Nm 233f7f470a8SBill Paulwill attempt to load the securenets information from a file 234f7f470a8SBill Paulcalled 2356ecb7b20SJohn-Mark Gurney.Pa /var/yp/securenets . 236f7f470a8SBill Paul(Note that this path varies depending on the path specified with 237f7f470a8SBill Paulthe 238f7f470a8SBill Paul.Fl p 2394e86fcacSSheldon Hearnoption, which is explained below.) 2404e86fcacSSheldon HearnThis file contains entries 241f7f470a8SBill Paulthat consist of a network specification and a network mask separated 242f7f470a8SBill Paulby white space. 2436ecb7b20SJohn-Mark GurneyLines starting with 2446ecb7b20SJohn-Mark Gurney.Dq \&# 245f2e366a1SSheldon Hearnare considered to be comments. 246f2e366a1SSheldon HearnA 247f7f470a8SBill Paulsample securenets file might look like this: 248f7f470a8SBill Paul.Bd -unfilled -offset indent 249f7f470a8SBill Paul# allow connections from local host -- mandatory 250f7f470a8SBill Paul127.0.0.1 255.255.255.255 251f7f470a8SBill Paul# allow connections from any host 25250aedc81SJustin M. Seger# on the 192.168.128.0 network 253f7f470a8SBill Paul192.168.128.0 255.255.255.0 254f7f470a8SBill Paul# allow connections from any host 255f7f470a8SBill Paul# between 10.0.0.0 to 10.0.15.255 256f7f470a8SBill Paul10.0.0.0 255.255.240.0 257f7f470a8SBill Paul.Ed 258f7f470a8SBill Paul.Pp 259f7f470a8SBill PaulIf 2606ecb7b20SJohn-Mark Gurney.Nm 261f7f470a8SBill Paulreceives a request from an address that matches one of these rules, 262f2e366a1SSheldon Hearnit will process the request normally. 263f2e366a1SSheldon HearnIf the address fails to match 264f7f470a8SBill Paula rule, the request will be ignored and a warning message will be 265f2e366a1SSheldon Hearnlogged. 266f2e366a1SSheldon HearnIf the 267f7f470a8SBill Paul.Pa /var/yp/securenets 268f7f470a8SBill Paulfile does not exist, 2696ecb7b20SJohn-Mark Gurney.Nm 270f7f470a8SBill Paulwill allow connections from any host. 271f7f470a8SBill Paul.Pp 2726ecb7b20SJohn-Mark GurneyThe 2736ecb7b20SJohn-Mark Gurney.Nm 2746ecb7b20SJohn-Mark Gurneyprogram also has support for Wietse Venema's 2756ecb7b20SJohn-Mark Gurney.Em tcpwrapper 276f7f470a8SBill Paulpackage, though it is not compiled in by default since 277778c7b1cSBill Paulthe 2786ecb7b20SJohn-Mark Gurney.Em tcpwrapper 27998834523SPhilippe Charnierpackage is not distributed with 28014201ae6SMike Pritchard.Fx . 28198834523SPhilippe CharnierHowever, if you have 2826ecb7b20SJohn-Mark Gurney.Pa libwrap.a 283778c7b1cSBill Pauland 2846ecb7b20SJohn-Mark Gurney.Pa tcpd.h , 285778c7b1cSBill Paulyou can easily recompile 2866ecb7b20SJohn-Mark Gurney.Nm 287f2e366a1SSheldon Hearnwith them. 288f2e366a1SSheldon HearnThis allows the administrator to use the tcpwrapper 28994ba280cSRuslan Ermilovconfiguration files 29094ba280cSRuslan Ermilov.Pa ( /etc/hosts.allow 291f7f470a8SBill Pauland 292f7f470a8SBill Paul.Pa /etc/hosts.deny ) 293f7f470a8SBill Paulfor access control instead of 294f7f470a8SBill Paul.Pa /var/yp/securenets . 295f7f470a8SBill Paul.Pp 296f7f470a8SBill PaulNote: while both of these access control mechanisms provide some 297f7f470a8SBill Paulsecurity, they, like the privileged port test, are both vulnerable 2986ecb7b20SJohn-Mark Gurneyto 2996ecb7b20SJohn-Mark Gurney.Dq IP spoofing 3006ecb7b20SJohn-Mark Gurneyattacks. 301778c7b1cSBill Paul.Pp 3029573c1f1SBill Paul.Ss NIS v1 compatibility 3039573c1f1SBill PaulThis version of 3046ecb7b20SJohn-Mark Gurney.Nm 30598834523SPhilippe Charnierhas some support for serving 30698834523SPhilippe Charnier.Tn NIS 30798834523SPhilippe Charnierv1 clients. 30814201ae6SMike PritchardThe 30914201ae6SMike Pritchard.Fx 31098834523SPhilippe Charnier.Tn NIS 31198834523SPhilippe Charnierimplementation only uses the 31298834523SPhilippe Charnier.Tn NIS 31398834523SPhilippe Charnierv2 protocol, however other implementations 3149abcd271SGuido van Rooijinclude support for the v1 protocol for backwards compatibility 315f2e366a1SSheldon Hearnwith older systems. 316f2e366a1SSheldon HearnThe 3179573c1f1SBill Paul.Xr ypbind 8 3189573c1f1SBill Pauldaemons supplied with these systems will try to establish a binding 31998834523SPhilippe Charnierto an 32098834523SPhilippe Charnier.Tn NIS 32198834523SPhilippe Charnierv1 server even though they may never actually need it (and they may 3229573c1f1SBill Paulpersist in broadcasting in search of one even after they receive a 3239573c1f1SBill Paulresponse from a v2 server). Note that while 3249573c1f1SBill Paulsupport for normal client calls is provided, this version of 3256ecb7b20SJohn-Mark Gurney.Nm 3269573c1f1SBill Pauldoes not handle v1 map transfer requests; consequently, it cannot 32798834523SPhilippe Charnierbe used as a master or slave in conjunction with older 32898834523SPhilippe Charnier.Tn NIS 32998834523SPhilippe Charnierservers that 330f2e366a1SSheldon Hearnonly support the v1 protocol. 331f2e366a1SSheldon HearnFortunately, there probably aren't any 3329573c1f1SBill Paulsuch servers still in use today. 333778c7b1cSBill Paul.Ss NIS servers that are also NIS clients 334778c7b1cSBill PaulCare must be taken when running 3356ecb7b20SJohn-Mark Gurney.Nm 336778c7b1cSBill Paulin a multi-server domain where the server machines are also 33798834523SPhilippe Charnier.Tn NIS 338f2e366a1SSheldon Hearnclients. 339f2e366a1SSheldon HearnIt is generally a good idea to force the servers to 340778c7b1cSBill Paulbind to themselves rather than allowing them to broadcast bind 341778c7b1cSBill Paulrequests and possibly become bound to each other: strange failure 342778c7b1cSBill Paulmodes can result if one server goes down and 3434e86fcacSSheldon Hearnothers are dependent upon on it. 3444e86fcacSSheldon Hearn(Eventually all the clients will 345778c7b1cSBill Paultime out and attempt to bind to other servers, but the delay 346778c7b1cSBill Paulinvolved can be considerable and the failure mode is still present 347778c7b1cSBill Paulsince the servers might bind to each other all over again). 348778c7b1cSBill Paul.Pp 349778c7b1cSBill PaulRefer to the 350778c7b1cSBill Paul.Xr ypbind 8 351778c7b1cSBill Paulman page for details on how to force it to bind to a particular 352778c7b1cSBill Paulserver. 353778c7b1cSBill Paul.Sh OPTIONS 354778c7b1cSBill PaulThe following options are supported by 355e97407b4SRuslan Ermilov.Nm : 356778c7b1cSBill Paul.Bl -tag -width flag 357778c7b1cSBill Paul.It Fl n 358778c7b1cSBill PaulThis option affects the way 3596ecb7b20SJohn-Mark Gurney.Nm 360778c7b1cSBill Paulhandles yp_match requests for the 361778c7b1cSBill Paul.Pa hosts.byname 362778c7b1cSBill Pauland 363778c7b1cSBill Paul.Pa hosts.byaddress 364f2e366a1SSheldon Hearnmaps. 365f2e366a1SSheldon HearnBy default, if 3666ecb7b20SJohn-Mark Gurney.Nm 367778c7b1cSBill Paulcan't find an entry for a given host in its hosts maps, it will 368f2e366a1SSheldon Hearnreturn an error and perform no further processing. 369f2e366a1SSheldon HearnWith the 370778c7b1cSBill Paul.Fl n 371778c7b1cSBill Paulflag, 3726ecb7b20SJohn-Mark Gurney.Nm 373778c7b1cSBill Paulwill go one step further: rather than giving up immediately, it 374778c7b1cSBill Paulwill try to resolve the hostname or address using a DNS nameserver 375f2e366a1SSheldon Hearnquery. 376f2e366a1SSheldon HearnIf the query is successful, 3776ecb7b20SJohn-Mark Gurney.Nm 378778c7b1cSBill Paulwill construct a fake database record and return it to the client, 379778c7b1cSBill Paulthereby making it seem as though the client's yp_match request 380778c7b1cSBill Paulsucceeded. 381778c7b1cSBill Paul.Pp 382f7f470a8SBill PaulThis feature is provided for compatiblity with SunOS 4.1.x, 383778c7b1cSBill Paulwhich has brain-damaged resolver functions in its standard C 38498834523SPhilippe Charnierlibrary that depend on 38598834523SPhilippe Charnier.Tn NIS 38698834523SPhilippe Charnierfor hostname and address resolution. 38714201ae6SMike PritchardThe 38814201ae6SMike Pritchard.Fx 38998834523SPhilippe Charnierresolver can be configured to do DNS 390778c7b1cSBill Paulqueries directly, therefore it is not necessary to enable this 39198834523SPhilippe Charnieroption when serving only 39214201ae6SMike Pritchard.Fx 39398834523SPhilippe Charnier.Tn NIS 39498834523SPhilippe Charnierclients. 395778c7b1cSBill Paul.It Fl d 396f2e366a1SSheldon HearnCause the server to run in debugging mode. 397f2e366a1SSheldon HearnNormally, 3986ecb7b20SJohn-Mark Gurney.Nm 399778c7b1cSBill Paulreports only unusual errors (access violations, file access failures) 400778c7b1cSBill Paulusing the 401778c7b1cSBill Paul.Xr syslog 3 402f2e366a1SSheldon Hearnfacility. 403f2e366a1SSheldon HearnIn debug mode, the server does not background 404778c7b1cSBill Paulitself and prints extra status messages to stderr for each 405f2e366a1SSheldon Hearnrequest that it receives. 406f2e366a1SSheldon HearnAlso, while running in debug mode, 4076ecb7b20SJohn-Mark Gurney.Nm 408778c7b1cSBill Paulwill not spawn any additional subprocesses as it normally does 4094e86fcacSSheldon Hearnwhen handling yp_all requests or doing DNS lookups. 4104e86fcacSSheldon Hearn(These actions 411778c7b1cSBill Pauloften take a fair amount of time to complete and are therefore handled 412778c7b1cSBill Paulin subprocesses, allowing the parent server process to go on handling 4134e86fcacSSheldon Hearnother requests.) 4144e86fcacSSheldon HearnThis makes it easier to trace the server with 415778c7b1cSBill Paula debugging tool. 416778c7b1cSBill Paul.It Fl p Ar path 417778c7b1cSBill PaulNormally, 4186ecb7b20SJohn-Mark Gurney.Nm 41998834523SPhilippe Charnierassumes that all 42098834523SPhilippe Charnier.Tn NIS 42198834523SPhilippe Charniermaps are stored under 422778c7b1cSBill Paul.Pa /var/yp . 423778c7b1cSBill PaulThe 424778c7b1cSBill Paul.Fl p 42598834523SPhilippe Charnierflag may be used to specify an alternate 42698834523SPhilippe Charnier.Tn NIS 42798834523SPhilippe Charnierroot path, allowing 428778c7b1cSBill Paulthe system administrator to move the map files to a different place 429778c7b1cSBill Paulwithin the filesystem. 430778c7b1cSBill Paul.El 431778c7b1cSBill Paul.Sh FILES 432778c7b1cSBill Paul.Bl -tag -width Pa -compact 433778c7b1cSBill Paul.It Pa /var/yp/[domainname]/[maps] 43498834523SPhilippe Charnierthe 43598834523SPhilippe Charnier.Tn NIS 43698834523SPhilippe Charniermaps 437248aee62SJacques Vidrine.It Pa /etc/nsswitch.conf 438248aee62SJacques Vidrinename switch configuration file 439f7f470a8SBill Paul.It Pa /var/yp/securenets 44098834523SPhilippe Charnierhost access control file 441778c7b1cSBill Paul.El 442778c7b1cSBill Paul.Sh SEE ALSO 443906c1e27SMike Pritchard.Xr ypcat 1 , 444906c1e27SMike Pritchard.Xr db 3 , 44532fdc705SMike Pritchard.Xr rpc.yppasswdd 8 , 446491a8429SRuslan Ermilov.Xr yp 8 , 447778c7b1cSBill Paul.Xr ypbind 8 , 44842e3d43bSGuy Helmer.Xr ypinit 8 , 449778c7b1cSBill Paul.Xr yppush 8 , 450906c1e27SMike Pritchard.Xr ypxfr 8 451f12a1471SPhilippe Charnier.Sh AUTHORS 45298834523SPhilippe Charnier.An Bill Paul Aq wpaul@ctr.columbia.edu 453778c7b1cSBill Paul.Sh HISTORY 454778c7b1cSBill PaulThis version of 4556ecb7b20SJohn-Mark Gurney.Nm 45685cf659aSMike Pritchardfirst appeared in 45785cf659aSMike Pritchard.Fx 2.2 . 458