Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   17783 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

YPSERV.CONF(5)		     NIS Reference Manual		YPSERV.CONF(5)

NAME
       ypserv.conf - configuration file for ypserv and rpc.ypxfrd

DESCRIPTION
       ypserv.conf is an ASCII file which contains some options for ypserv. It
       also contains a list of rules for special host and map access for
       ypserv and rpc.ypxfrd. This file will be read by ypserv and rpc.ypxfrd
       at startup, or when receiving a SIGHUP signal.

       There is one entry per line. If the line is a option line, the format
       is:

	     option: argument

       The line for an access rule has the format:

	     host:domain:map:security

       All rules are tried one by one. If no match is found, access to a map
       is allowed.

       Following options exist:

       files: 30
	  This option specifies, how many database files should be cached by
	  ypserv. If 0 is specified, caching is disabled. Decreasing this
	  number is only possible, if ypserv is restarted.

       trusted_master: server
	  If this option is set on a slave server, new maps from the host
	  server will be accepted as master. The default is, that no trusted
	  master is set and new maps will not be accepted.

	  Example:

	     trusted_master: ypmaster.example.org

       slp: [yes|<no>|domain]
	  If this option is enabled and SLP support compiled in, the NIS
	  server registers itself on a SLP server. If the variable is set to
	  domain, an attribute domain with a comma seperated list of supported
	  domainnames is set. Else this attribute will not be set. The default
	  is "no" (disabled).

       xfr_check_port: [<yes>|no]
	  With this option enabled, the NIS master server have to run on a
	  port < 1024. The default is "yes" (enabled).

       The field descriptions for the access rule lines are:

       host
	  IP address. Wildcards are allowed.

	  Examples:

	     131.234. = 131.234.0.0/255.255.0.0
	     131.234.214.0/255.255.254.0

       domain
	  specifies the domain, for which this rule should be applied. An
	  asterix as wildcard is allowed.

       map
	  name of the map, or asterisk for all maps.

       security
	  one of none, port, deny:

	  none
	     always allow access.

	  port
	     allow access if from port < 1024. Otherwise do not allow access.

	  deny
	     deny access to this map.

FILES
       /etc/ypserv.conf

SEE ALSO
       ypserv(8), rpc.ypxfrd(8)

WARNINGS
       The access rules for special maps are no real improvement in security,
       but they make the life a little bit harder for a potential hacker.

       Solaris clients don't use privileged ports. All security options which
       depend on privileged ports cause big problems on Solaris clients.

AUTHOR
       Thorsten Kukuk <kukuk@thkukuk.de>

NIS Reference Manual		  08/02/2006			YPSERV.CONF(5)

Vote for polarhome