rpc.nisd Daemon

Purpose

Implements the NIS+ service.

Syntax

/usr/sbin/rpc.nisd-A ] [  -C ] [  -D ] [  -F ] [  -h ] [  -v ] [  -Y ] [  -c Seconds ] [  -d Dictionary ] [  -L Load ] [  -S Level ]

Description

The rpc.nisd daemon is a remote procedure call service that implements the NIS+ service. This daemon must be running on all servers that serve a portion of the NIS+ namespace. rpc.nisd is usually started from a system startup script.

Flags

Item Description
-A Sets the rpc.nisd daemon in authentication verbose mode. The daemon logs all the authentication-related activities to syslogd with LOG_INFO priority.
-C Open diagnostic channel on /dev/console.
-D Sets the rpc.nisd daemon in debug mode (doesn't fork).
-F Forces the server to do a checkpoint of the database when it starts up. Forced checkpoints may be required when the server is low on disk space. The -F flag removes updates from the transaction log that have been propagated to all the replicas.
-h Prints a list of options.
-v Sets the rpc.nisd daemon in verbose mode. With the -v flag, the rpc.nisd daemon sends a running narration of its operations to the syslog daemon (see syslog at LOG_INFO priority). This flag is most useful for debugging problems with the NIS+ service (see also the -A flag).
-Y Sets the server in NIS (YP) compatibility mode. When operating in this mode, the NIS+ server responds to NIS Version 2 requests using the Version 2 protocol. Because the YP protocol is not authenticated, only those items that do not have read access to anybody are visible through the Version 2 protocol. The Version 2 protocol supports only the standard Version 2 maps in this mode (see the -B flag).
-c Seconds Sets the number of seconds between pushing out for updates to the server's replicas. The default is 120 seconds (two minutes).
-d Dictionary Specifies an alternate dictionary for the NIS+ database. The primary use of the -d flag is for testing. Note that the string is not interpreted; instead, it is passed on to the db_initialize function.
-L Load Specifies the maximum number of child processes that the server may spawn. The value of Load must be at least 1 for the callback functions to work correctly. The default is 128.
-S Level Sets the authorization security level of the rpc.nisd daemon. The value of the Level parameter must be between 0 and 2. The default is 2. The following values indicate these security levels:
0
At security level 0 the rpc.nisd daemon does not enforce any access controls. Any client is allowed to perform any operation, including updates and deletions. The 0 security level is intended for testing and initial setup of the NIS+ namespace.
1
At security level 1 the rpc.nisd daemon accepts both AUTH_SYS and AUTH_DES credentials for authenticating and authorizing clients to perform NIS+ operations. Level 1 is not a secure mode of operation because AUTH_SYS credentials are easy to forge. You should not use this security level on networks where any unknown user might have access.
2
At security level 2 the rpc.nisd daemon accepts only AUTH_DES credentials for authentication and authorization. 2 is the highest level of security provided by the NIS+ service and the default.

Environment

Item Description
NETPATH Limits the transports available for NIS+ to use.

Examples

  1. To set up the NIS+ service, enter:
    rpc.nisd
  2. To set the NIS+ service in YP compatibility mode with DNS forwarding, enter:
    rpc.nisd -YB

Files

Item Description
/var/nis/parent.object Contains an XDR-encoded NIS+ object describing the namespace above a root server. This parent namespace can be another NIS+ namespace or a foreign namespace such as the one served by the Domain Name Server. The /var/nis/parent.object only exists on servers serving the root domain namespace.
/var/nis/root.object Contains an XDR-encoded NIS+ object that describing the root of the namespace. The /var/nis/root.object file only exists on servers serving the root of the namespace.
/etc/init.d/rpc Contains the initialization script for NIS+.