2 .\" $Id: ypserv.8,v 1.4 2004/02/23 18:56:53 ysato Exp $
4 .\" This manual page is a part of ypserv archive.
5 .\" README states the following
7 .\" See the file COPYING for copying restrictions. It is available under
8 .\" the GNU General Public License.
10 .\" Japanese Version Copyright (c) 1998, 1999 NAKANO Takeo all rights reserved.
11 .\" Translated Mon 23 Nov 1998 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
12 .\" Updated Fri 22 Oct 1999 by NAKANO Takeo
13 .\" Updated Sun 02 Dec 2001 by NAKANO Takeo
15 .TH YPSERV 8 "April 1997" "NYS YP Server" "Linux Reference Manual"
17 .\"O ypserv \- NIS server
19 ypserv \- NIS ¥µ¡¼¥Ð¡¼
34 .IX "ypserv" "" "\fLypserv\fP \(em NIS server process"
37 .\"O Network Information Service (NIS)
38 .\"O provides a simple network lookup service
39 .\"O consisting of databases and processes. The databases are
41 .\"O files in a directory tree rooted at
43 Network Information Service (NIS) ¤Ï¡¢
44 ¥Ç¡¼¥¿¥Ù¡¼¥¹¤È¤½¤ì¤é¤ò°·¤¦¥×¥í¥»¥¹¤È¤«¤é¤Ê¤ë
45 ¥·¥ó¥×¥ë¤Ê¥Í¥Ã¥È¥ï¡¼¥¯¸¡º÷¥µ¡¼¥Ó¥¹¤Ç¤¢¤ë¡£
50 °Ê²¼¤Î¥Ç¥£¥ì¥¯¥È¥ê¥Ä¥ê¡¼¤ËÃÖ¤«¤ì¤ë¡£
54 .\"O daemon is typically activated at system startup.
56 ¥Ç¡¼¥â¥ó¤Ï¡¢Ä̾亮¥¹¥Æ¥à¤Î¥¹¥¿¡¼¥È¥¢¥Ã¥×¤Î»þ¤Ëµ¯Æ°¤µ¤ì¤ë¡£
60 .\"O server machines with a complete
62 .\"O database. On other machines using the
64 .\"O services, you have to run
66 .\"O as client or under Linux you could use the libc with
72 ¥Ç¡¼¥¿¡¼¥Ù¡¼¥¹¤òÊݴɤ¹¤ë
74 ¥µ¡¼¥Ð¡¼¥Þ¥·¥ó¤Ç¤Î¤ß¼Â¹Ô¤µ¤ì¤ë¡£
76 ¥µ¡¼¥Ó¥¹¤òÍøÍѤ¹¤ë¾¤Î¥Þ¥·¥ó¤Ç¤Ï¡¢¥¯¥é¥¤¥¢¥ó¥È¤È¤·¤Æ
78 ¤òÆ°ºî¤·¤µ¤¨¤¹¤ì¤Ð¤è¤¤¡£¤¢¤ë¤¤¤Ï Linux ¤Ê¤é
80 ¤Î¥µ¥Ý¡¼¥È¤µ¤ì¤¿ libc ¤òÍѤ¤¤Æ¤â¤è¤¤¡£
82 .\"O must run on every machine which has
84 .\"O client processes;
86 .\"O may or may not be running on the same node,
87 .\"O but must be running somewhere
88 .\"O on the network. On startup or when receiving the signal SIGHUP,
91 .\"O .B /etc/ypserv.conf.
95 ¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥»¥¹¤ÎÆ°ºî¤¹¤ë¤¹¤Ù¤Æ¤Î¥Þ¥·¥ó¤Çµ¯Æ°¤·¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¡£
98 ¤ÎÆ°ºî¤·¤Æ¤¤¤ë¥Þ¥·¥ó¤Ï¡¢
99 ¥Í¥Ã¥È¥ï¡¼¥¯¤ÎƱ¤¸¥Î¡¼¥É¤Ç¤â¾¤Î¥Î¡¼¥É¤Ç¤â¤«¤Þ¤ï¤Ê¤¤¤¬¡¢
100 ɬ¤º¥Í¥Ã¥È¥ï¡¼¥¯¤Î¤É¤³¤«¤Ë¸ºß¤·¤Æ¤¤¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¡£
101 ¥¹¥¿¡¼¥È¥¢¥Ã¥×¤Î»þ¤ä SIGHUP ¥·¥°¥Ê¥ë¤ò¼õ¤±¼è¤Ã¤¿»þ¤Ë¤Ï¡¢
105 ¥Õ¥¡¥¤¥ë¤òÆɤ߹þ¤ß¡¢¤½¤ÎÆâÍƤò²ò¼á¤·¤ÆÍøÍѤ¹¤ë¡£
110 .B "\-d" "\-\-debug" "[path]"
111 .\"O Causes the server to run in debugging mode. Normally,
113 .\"O reports only errors (access violations, dbm failures)
114 .\"O using the syslog(3) facility. In debug mode, the server does not
115 .\"O background itself and prints extra status messages to stderr for
116 .\"O each request that it revceives.
118 .\"O is an optionally parameter.
120 .\"O is using this directory instead of /var/yp
121 ¥µ¡¼¥Ð¡¼¤ò¥Ç¥Ð¥Ã¥°¥â¡¼¥É¤Çµ¯Æ°¤¹¤ë¡£
126 ¤òÄ̤·¤Æ¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸ (¥¢¥¯¥»¥¹¸¢¤Î¿¯³²¤ä dbm ¤Î¾ã³²¤Ê¤É) ¤Î¤ß¤ò
127 Êó¹ð¤¹¤ë¡£¤³¤ì¤ËÂФ·¤Æ¥Ç¥Ð¥Ã¥°¥â¡¼¥É¤Ç¤Ï¡¢
128 ¥µ¡¼¥Ð¡¼¤Ï¥Ð¥Ã¥¯¥°¥é¥¦¥ó¥É¤ØÂÔÈò¤»¤º¡¢
129 ¥¢¥¯¥»¥¹Í×µá¤ò¼õ¤±¤ë¤¿¤Ó¤ËºÙ¤«¤Ê¥¹¥Æ¡¼¥¿¥¹¥á¥Ã¥»¡¼¥¸¤ò
130 ɸ½à¥¨¥é¡¼½ÐÎϤËɽ¼¨¤¹¤ë¡£
132 ¤Ï¾Êά²Äǽ¤Ê¥Ñ¥é¥á¡¼¥¿¤Ç¡¢»ØÄꤹ¤ë¤È
134 ¤Ï¤³¤Î¥Ç¥£¥ì¥¯¥È¥ê¤ò /var/yp ¤ÎÂå¤ï¤ê¤ËÍøÍѤ¹¤ë¡£
136 .B "\-p" "\-\-port" port
138 .\"O will bind itself to this port.
139 .\"O This makes it possible to have a router filter packets
140 .\"O to the NIS ports, so that access to the NIS server from
141 .\"O hosts on the Internet can be restricted.
143 ¤¬¥Ð¥¤¥ó¥É¤¹¤ë¥Ý¡¼¥ÈÈÖ¹æ¤ò»ØÄꤹ¤ë¡£¤³¤Î¥ª¥×¥·¥ç¥ó¤òÍѤ¤¤ë¤È¡¢
144 ¥ë¡¼¥¿¤Ë NIS ¥Ý¡¼¥È¤Ø¤Î¥Ñ¥±¥Ã¥È¤ò¥Õ¥£¥ë¥¿¥ê¥ó¥°¤µ¤»¡¢
145 ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤«¤é¤Î NIS ¥µ¡¼¥Ð¡¼¤Ø¤Î¥¢¥¯¥»¥¹¤òÀ©¸Â¤Ç¤¤ë¡£
147 .B "\-v" "\-\-version"
148 .\"O Prints the version number
149 ¥Ð¡¼¥¸¥ç¥óÈÖ¹æ¤òɽ¼¨¤¹¤ë¡£
152 .\"O In general, any remote user can issue an RPC to
154 .\"O and retrieve the contents of your NIS maps, if he knows your
155 .\"O domain name. To prevent such unauthorized transactions,
157 .\"O supports a feature called
159 .\"O which can be used to restrict access to a given set of hosts.
160 .\"O At startup or when arriving the SIGHUP Signal,
162 .\"O will attempt to load the securenets information from a file
164 .\"O .B /var/yp/securenets .
165 .\"O This file contains entries that consist of a netmask
166 .\"O and a network pair separated by white spaces.
167 .\"O Lines starting with ``#'' are considered to be comments.
168 ¤¤¤Ã¤¿¤ó¥É¥á¥¤¥ó¥Í¡¼¥à¤¬¤ï¤«¤Ã¤Æ¤·¤Þ¤¦¤È¡¢¥ê¥â¡¼¥È¥æ¡¼¥¶¡¼¤Ïï¤Ç¤â
170 ¤Ø¤Î RPC ¤òȯ¹Ô¤·¤Æ¡¢ NIS ¥Þ¥Ã¥×¤ÎÆâÍƤòÆþ¼ê¤Ç¤¤Æ¤·¤Þ¤¦¡£
171 ¤³¤Î¤è¤¦¤Ê¡¢ËÜÍèµö²Ä¤µ¤ì¤ë¤Ù¤¤Ç¤Ê¤¤¥È¥é¥ó¥¶¥¯¥·¥ç¥ó¤òËɤ°¤¿¤á¤Ë¡¢
175 ¤È¤¤¤¦µ¡Ç½¤ò¥µ¥Ý¡¼¥È¤·¤Æ¤ª¤ê¡¢»ØÄꤵ¤ì¤¿¥Û¥¹¥È°Ê³°¤«¤é¤Î¥¢¥¯¥»¥¹¤ò
176 À©¸Â¤Ç¤¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¡£µ¯Æ°»þ¤ä SIGHUP ¥·¥°¥Ê¥ë¤ò¼õ¤±¤¿»þ¤Ë¡¢
179 .B /var/yp/securenets
180 ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤«¤é securenets ¾ðÊó¤ò¥í¡¼¥É¤·¤è¤¦¤È»î¤ß¤ë¡£
181 ¤³¤Î¥Õ¥¡¥¤¥ë¤Ë¤Ï¥Í¥Ã¥È¥ï¡¼¥¯¤È¥Í¥Ã¥È¥Þ¥¹¥¯¤ÎÁȤò¡¢¥¹¥Ú¡¼¥¹¤Ç
182 ¶èÀڤ俤â¤Î¤¬»ØÄꤵ¤ì¤Æ¤¤¤ë¡£``#'' ¤Ç»Ï¤Þ¤ë¹Ô¤Ï¥³¥á¥ó¥È¤È
185 .\"O A sample securenets file might look like this:
186 °Ê²¼¤Ë securenets ¥Õ¥¡¥¤¥ë¤Î´Êñ¤ÊÎã¤ò¼¨¤¹¡£
188 # allow connections from local host -- necessary
192 # same as 255.255.255.255 127.0.0.1
196 # allow connections from any host
198 # on the 131.234.223.0 network
200 255.255.255.0 131.234.223.0
202 # allow connections from any host
204 # between 131.234.214.0 and 131.234.215.255
206 255.255.254.0 131.234.214.0
210 .\"O receives a request from an address that fails to match a rule,
211 .\"O the request will be ignored and a warning message will be
213 .\"O .B /var/yp/securenets
214 .\"O file does not exist,
216 .\"O will allow connections from any host.
218 ¤¬¥ë¡¼¥ë¤Ë¥Þ¥Ã¥Á¤·¤Ê¤«¤Ã¤¿¥¢¥É¥ì¥¹¤«¤é¤ÎÍ×µá¤ò¼õ¤±¼è¤ë¤È¡¢
219 ¤½¤ÎÍ×µá¤Ï̵»ë¤µ¤ì¡¢·Ù¹ð¥á¥Ã¥»¡¼¥¸¤¬¥í¥°¤ËµÏ¿¤µ¤ì¤ë¡£
220 .B /var/yp/securentes
221 ¥Õ¥¡¥¤¥ë¤¬Â¸ºß¤·¤Ê¤¤¾ì¹ç¤Ë¤Ï¡¢
223 ¤Ï¤¹¤Ù¤Æ¤Î¥Û¥¹¥È¤«¤é¤ÎÀܳ¤òµö²Ä¤¹¤ë¡£
226 .\"O .B /etc/ypserv.conf
227 .\"O you could specify some access rules for special maps and hosts. But
228 .\"O it is not very secure, it makes the life only a little bit harder
229 .\"O for a potential hacker. If a mapname doesn't match a rule, ypserv will
230 .\"O look for the YP_SECURE key in the map. If it exists, ypserv will
231 .\"O only allow requests on a reserved port.
233 ¤Ë¡¢Æüì¤Ê¥Þ¥Ã¥×¤ä¥Û¥¹¥È¤ËÂФ¹¤ë¥¢¥¯¥»¥¹¥ë¡¼¥ë¤ò»ØÄꤹ¤ë¤³¤È¤â¤Ç¤¤ë¡£
234 ¤·¤«¤·¤³¤ì¤Ïɬ¤º¤·¤â°ÂÁ´¤Ç¤Ï¤Ê¤¯¡¢¥¯¥é¥Ã¥«¡¼¤«¤é¤Î¥¢¥¿¥Ã¥¯¤ò¿¾¯ÌÌÅݤË
235 ¤µ¤»¤ë¤À¤±¤Ë¤¹¤®¤Ê¤¤¡£ mapname ¤¬¥ë¡¼¥ë¤Ë¥Þ¥Ã¥Á¤·¤Ê¤¤¤È¡¢
237 ¤Ï¤½¤Î¥Þ¥Ã¥×¤Î YPSECURE ¥¡¼¤ò¸«¤ë¡£¥¡¼¤¬Â¸ºß¤¹¤ì¤Ð¡¢
239 ¤ÏÆø¢¥Ý¡¼¥È¤«¤é¤ÎÍ×µá°Ê³°¤òµö²Ä¤·¤Ê¤¤¡£
241 .\"O For security reasons, ypserv will only accept ypproc_xfr requests for
242 .\"O updating maps from the same master server as the old one. This means,
243 .\"O you have to reinstall the slave servers if you change the master server
245 ¥»¥¥å¥ê¥Æ¥£¾å¤ÎÍýͳ¤«¤é¡¢
247 ¤Ï¥Þ¥Ã¥×¹¹¿·¤Î¤¿¤á¤ËÍѤ¤¤é¤ì¤ë ypproc_xfr Í×µá¤ò¡¢°ÊÁ°¤ÈƱ¤¸
248 ¥Þ¥¹¥¿¡¼¥µ¡¼¥Ð¡¼¤«¤é¤·¤«¼õ¤±¤Ä¤±¤Ê¤¤¡£¤Ä¤Þ¤ê¡¢¤¢¤ë¥Þ¥Ã¥×¤ËÂФ¹¤ë
249 ¥Þ¥¹¥¿¡¼¥µ¡¼¥Ð¤òÊѹ¹¤¹¤ë¤Ë¤Ï¡¢¥¹¥ì¡¼¥Ö¥µ¡¼¥Ð¡¼¤Ï
250 ºÆ¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ëɬÍפ¬¤¢¤ë¡£
272 .\"O The Network Information Service
274 .\"O was formerly known as Sun Yellow Pages
276 .\"O The functionality of the two remains the same;
277 .\"O only the name has changed.
278 .\"O The name Yellow Pages is a registered trademark in the United Kingdom
279 .\"O of British Telecommunications plc,
280 .\"O and may not be used without permission.
281 Network Information Service
283 ¤Ï¡¢°ÊÁ°¤Ï Sun Yellow Pages
286 ¤³¤Îξ¼Ô¤Îµ¡Ç½¤Ï¤Þ¤Ã¤¿¤¯Æ±¤¸¤â¤Î¤Ç¤¢¤ê¡¢Ì¾Á°¤¬°ã¤¦¤À¤±¤Ç¤¢¤ë¡£
287 Yellow Pages ¤È¤¤¤¦Ì¾Á°¤Ï¡¢±Ñ¹ñ¤Ç
288 British Telecommunications plc ¤ÎÅÐÏ¿¾¦É¸¤È¤Ê¤Ã¤Æ¤ª¤ê¡¢
289 µö²Ä¤òÆÀ¤º¤ËÍѤ¤¤ë¤³¤È¤Ï¤Ç¤¤Ê¤¤¡£
293 .\"O was written by Peter Eriksson <pen@lysator.liu.se>.
294 .\"O Thorsten Kukuk <kukuk@suse.de> added support for master/slave
295 .\"O server and is the new Maintainer.
297 ¤Ï Peter Eriksson <pen@lysator.liu.se> ¤Ë¤è¤Ã¤Æ½ñ¤«¤ì¤¿¡£
298 Thorsten Kukuk <kukuk@suse.de> ¤¬¥Þ¥¹¥¿¡¼/¥¹¥ì¡¼¥Ö¥µ¡¼¥Ð¤Î
299 ¥µ¥Ý¡¼¥È¤òÄɲä·¡¢¸½ºß¤Î¥á¥ó¥Æ¥Ê¥ó¥¹¤ò¹Ô¤Ã¤Æ¤¤¤ë¡£