*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Linux man pages -> ypserv.conf (5)              
Title
Content
Arch
Section
 

YPSERV.CONF(5)

Contents


NAME    [Toc]    [Back]

       ypserv.conf - configuration file for ypserv and rpc.ypxfrd

DESCRIPTION    [Toc]    [Back]

       ypserv.conf is an ASCII file which contains some options for ypserv. It
       also contains a list of rules for  special  host  and  map  access  for
       ypserv  and  rpc.ypxfrd.  This  file  will  be  read  from  ypserv  and
       rpc.ypxfrd by startup, or by arriving a SIGHUP signal.

       There is one entry per line. If the line is a option line,  the	format
       is:

	      option: [yes|no]

       The line for a access rule has the format:

	      host:map:security:mangle[:field]

       All  rules  are tried one by one. If no match is found, access to a map
       is allowed.

       Following options exist:

       dns    the NIS server will query the nameserver	for  hostnames,  which
	      are  not	found  in  the	hosts.* maps. The default is "no". You
	      could overwrite it with the "-dns" commandline  option.  A  "no"
	      will not overwrite the "-dns" option.

       sunos_kludge
	      This  is not longer supported, since ypserv supports the most YP
	      version 1 functions.

       xfr_check_port
	      With this option enabled, the NIS master server have to run on a
	      port < 1024. The default is "yes" (enabled).

       The field descriptions for the access rule lines are:

       host   IP address. Wildcards are allowed.
	      Examples:
	      131.234. = 131.234.0.0/255.255.0.0
	      131.234.214.0/255.255.254.0

       map    name of the map, or asterisk for all maps.

       security
	      one of none, port, deny, des:

       none   always  allow  access. Mangle the passwd field if so configured,
	      default is not.

       port   allow access if from port < 1024. Otherwise if  mangle  are  not
	      set,
	       do  not	allow access. If mangle is set to "yes", allow access,
	      but mangle the passwd field.

       deny   deny access to this map.

       des    requires DES authentication. Not supported by most libc's in the
	      moment.	You  could  mangle  the passwd field if so configured,
	      default is not.

       mangle possible values are "yes" or "no". If  "yes",  the  field  entry
	      will  be	mangled.  Mangling means that the field is replaced by
	      'x' if the port check reveals the request originated from  somebody
 unpriviliged.

       field  Which field should be mangled. The default is the 2nd field.

FILES    [Toc]    [Back]

       /etc/ypserv.conf

SEE ALSO    [Toc]    [Back]

      
      
       ypserv(8), rpc.ypxfrd(8)

WARNINGS    [Toc]    [Back]

       The  access rules for special maps are no real improvement in security,
       but it makes the life a little bit harder for potential hacker.

BUGS    [Toc]    [Back]

       Solaris clients doesn't use privileged  ports.  All  security  options,
       which  depend  on  privileged  ports,  causes  big  problems on Solaris
       clients.

AUTHOR    [Toc]    [Back]

       Thorsten Kukuk <kukuk@suse.de>



NYS YP Server			 January 1999			YPSERV.CONF(5)
[ Back ]
 Similar pages
Name OS Title
ypserv.acl OpenBSD ypserv(8) configuration file
securenet OpenBSD ypserv(8) configuration file for secure networks
makedbm Linux create or dump a ypserv database file
amd.conf FreeBSD amd configuration file
apt.conf Linux Configuration file for APT
man.conf OpenBSD configuration file for man(1)
mailer.conf OpenBSD configuration file for mailwrapper(8)
login IRIX login configuration file
pccard.conf FreeBSD pccardd(8) configuration file
nlspath HP-UX NLSPATH configuration file
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service