diff options
| author | Kris Kennaway <kris@FreeBSD.org> | 2005-02-18 23:44:49 +0000 |
|---|---|---|
| committer | Kris Kennaway <kris@FreeBSD.org> | 2005-02-18 23:44:49 +0000 |
| commit | 11ea174ccbc9cebd4134768e8fb92c6a3dc2c559 (patch) | |
| tree | 1514ed7a486e108239615c1d83319d83bacdbc3d /misc/Howto | |
| parent | Update dependency to bash2 in preparation for removing bash1. (diff) | |
As previously announced, remove ports that have reached their expiry date,
and the handful of ports that depended on them.
Diffstat (limited to 'misc/Howto')
| -rw-r--r-- | misc/Howto/Makefile | 65 | ||||
| -rw-r--r-- | misc/Howto/distinfo | 10 | ||||
| -rw-r--r-- | misc/Howto/files/HOWTO-INDEX.html | 52 | ||||
| -rw-r--r-- | misc/Howto/files/patch-dns | 735 | ||||
| -rw-r--r-- | misc/Howto/files/patch-nis | 1248 | ||||
| -rw-r--r-- | misc/Howto/pkg-descr | 1 | ||||
| -rw-r--r-- | misc/Howto/pkg-plist | 205 |
7 files changed, 0 insertions, 2316 deletions
diff --git a/misc/Howto/Makefile b/misc/Howto/Makefile deleted file mode 100644 index 77fd709d1171..000000000000 --- a/misc/Howto/Makefile +++ /dev/null @@ -1,65 +0,0 @@ -# Ports collection makefile for: Howto -# Date created: Fri Oct 02, 1998 -# Whom: David O'Brien (obrien@FreeBSD.org) -# -# $FreeBSD$ -# - -PORTNAME= Howto -PORTVERSION= 1.0 -PORTREVISION= 5 -CATEGORIES= misc -MASTER_SITES= ftp://metalab.unc.edu/pub/Linux/docs/HOWTO/other-formats/sgml/ \ - ftp://metalab.unc.edu/pub/Linux/docs/HOWTO/other-formats/docbook/ -DISTFILES= Linux+FreeBSD.sgml.gz \ - DNS-HOWTO.sgml.gz \ - NFS-HOWTO.sgml.gz \ - NIS-HOWTO.sgml.gz \ - Security-HOWTO.sgml.gz - -MAINTAINER= ports@FreeBSD.org -COMMENT= Linux HOW-TOs modified for applicablity on FreeBSD - -BUILD_DEPENDS= sgmlfmt:${PORTSDIR}/textproc/sgmlformat - -BROKEN= Size mismatch -EXPIRATION_DATE=2005-02-18 -DEPRECATED= ${BROKEN} - -DIST_SUBDIR= Howto -NO_WRKSUBDIR= yes -USE_ZIP= yes -USE_BZIP2= yes - -do-extract: - @${MKDIR} ${WRKSRC} - @for f in ${DISTFILES}; do \ - ${CP} ${_DISTDIR}/$$f ${WRKSRC} ; \ - case $$f in \ - *.Z|*.gz) \ - ${GZIP_CMD} -d ${WRKSRC}/$$f ; \ - ;; \ - *.zip) \ - cd ${WRKSRC} && ${UNZIP_CMD} $$f ; \ - ;; \ - *.bz2) \ - ${BZIP2_CMD} -d ${WRKSRC}/$$f ; \ - ;; \ - esac; \ - done - -do-build: -.for howto in ${DISTFILES:S/.gz//} - @cd ${WRKSRC} && sgmlfmt -f ascii ${howto} - @cd ${WRKSRC} && sgmlfmt -f latin1 ${howto} - @cd ${WRKSRC} && sgmlfmt -f html ${howto} -.endfor - -do-install: - @${MKDIR} ${DOCSDIR}/HTML - @${INSTALL_MAN} ${FILESDIR}/HOWTO-INDEX.html ${DOCSDIR} - @${INSTALL_MAN} ${WRKSRC}/*.html ${DOCSDIR}/HTML - @${INSTALL_MAN} ${WRKSRC}/*.latin1 ${DOCSDIR} - @${INSTALL_MAN} ${WRKSRC}/*.ascii ${DOCSDIR} - -.include <bsd.port.mk> diff --git a/misc/Howto/distinfo b/misc/Howto/distinfo deleted file mode 100644 index a1af509584d8..000000000000 --- a/misc/Howto/distinfo +++ /dev/null @@ -1,10 +0,0 @@ -MD5 (Howto/Linux+FreeBSD.sgml.gz) = 6c24d994421b4c336f7f7621fd849858 -SIZE (Howto/Linux+FreeBSD.sgml.gz) = 7530 -MD5 (Howto/DNS-HOWTO.sgml.gz) = 86b63214d1f0bec0b26a4fc62816a13d -SIZE (Howto/DNS-HOWTO.sgml.gz) = 28065 -MD5 (Howto/NFS-HOWTO.sgml.gz) = 8f610c8c0329e5637eaf2a8185a480b0 -SIZE (Howto/NFS-HOWTO.sgml.gz) = 743 -MD5 (Howto/NIS-HOWTO.sgml.gz) = cfe7b8f28476e3b236b083e8f08295d6 -SIZE (Howto/NIS-HOWTO.sgml.gz) = 17702 -MD5 (Howto/Security-HOWTO.sgml.gz) = da012cfb35ad470a18bd20d8a24a0d87 -SIZE (Howto/Security-HOWTO.sgml.gz) = 51824 diff --git a/misc/Howto/files/HOWTO-INDEX.html b/misc/Howto/files/HOWTO-INDEX.html deleted file mode 100644 index e8bfbe1818ed..000000000000 --- a/misc/Howto/files/HOWTO-INDEX.html +++ /dev/null @@ -1,52 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> - -<!-- taken from http://sunsite.unc.edu/mdw/HOWTO/HOWTO-INDEX-3.html --> - -<HTML> -<HEAD> - <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.7"> - <TITLE>The FreeBSD HOWTO Index: Index</TITLE> -</HEAD> -<BODY> - -<H2><A NAME="ss3.1">HOWTOs Index</A> -</H2> - -<P>The following FreeBSD HOWTOs are currently available: -<P> -<UL> - - -<LI> -<A HREF="HTML/DNS-HOWTO_toc.html">DNS HOWTO</A> -How to set up DNS. -Updated 25 August 1998. -</LI> - -<LI> -<A HREF="HTML/Linux+FreeBSD_toc.html">Linux+FreeBSD mini-HOWTO</A> -How to use Linux and FreeBSD together. -Updated 18 June 1998. -</LI> - -<LI> -<A HREF="HTML/NFS-HOWTO_toc.html">NFS HOWTO</A> -How to set up NFS clients and servers. -Updated 3 November 1997. -</LI> - -<LI> -<A HREF="HTML/NIS-HOWTO_toc.html">NIS HOWTO</A> -Information on using NIS/YP on FreeBSD systems. -Updated 12 June 1998. -</LI> - -<LI> -<A HREF="HTML/Security-HOWTO_toc.html">Security HOWTO</A> -General overview of security issues. -Updated 1 May 1998. -</LI> - - -</BODY> -</HTML> diff --git a/misc/Howto/files/patch-dns b/misc/Howto/files/patch-dns deleted file mode 100644 index 9f99c68c7ebe..000000000000 --- a/misc/Howto/files/patch-dns +++ /dev/null @@ -1,735 +0,0 @@ ---- DNS-HOWTO.sgml.orig Fri Dec 28 22:01:22 2001 -+++ DNS-HOWTO.sgml Fri Dec 28 22:16:43 2001 -@@ -1,4 +1,4 @@ --<!doctype linuxdoc system> -+<!doctype linuxdoc public "-//FreeBSD//DTD linuxdoc 1.1//EN"> - <!-- -*-SGML-*- --> - <article> - <title>DNS HOWTO <author>Nicolai Langfeldt (<tt/dns-howto(at)langfeldt.net/), -@@ -15,7 +15,8 @@ - <p>Keywords: DNS, BIND, BIND 4, BIND 8, BIND 9, named, dialup, PPP, - slip, ISDN, Internet, domain, name, resolution, hosts, caching. - --<p>This document is part of the Linux Documentation Project. -+<p>This document is part of the Linux Documentation Project (slightly adapted -+for FreeBSD). - - <sect1>Legal stuff - -@@ -88,11 +89,11 @@ - "maps" as the jargon would have it) from name to address and from - address to name, and some other things. This HOWTO documents how to - define such mappings using Unix system, with a few things specific to --Linux. -+FreeBSD. - - <p>A mapping is simply an association between two things, in this case --a machine name, like <tt/ftp.linux.org/, and the machine's IP number --(or address) <tt/199.249.150.4/. DNS also contains mappings the other -+a machine name, like <tt/ftp.freebsd.org/, and the machine's IP number -+(or address) <tt/62.243.72.50/. DNS also contains mappings the other - way, from the IP number to the machine name; this is called a "reverse - mapping". - -@@ -127,14 +128,15 @@ - - <p>Name serving on Unix is done by a program called <tt/named/. This - is a part of the ``BIND'' package which is coordinated by <em/The --Internet Software Consortium/. <tt/Named/ is included in most Linux --distributions and is usually installed as <tt>/usr/sbin/named</tt>, -+Internet Software Consortium/. <tt/Named/ is included in all FreeBSD -+distributions and is installed as <tt>/usr/sbin/named</tt>, -+you can get the latest and greatest source from <htmlurl -+url="ftp://ftp.freebsd.org/pub/FreeBSD/FreeBSD-stable/src/contrib/bind/" -+name="ftp.freebsd.org:/pub/FreeBSD/FreeBSD-stable/src/contrib/bind/">. - usually from a package called <tt/BIND/, in upper or lower case - depending on the whim of the packager. - --<p>If you have a named you can probably use it; if you don't have one --you can get a binary off a Linux ftp site, or get the latest and --greatest source from <url url="ftp://ftp.isc.org/isc/bind9/">. This -+This - HOWTO is about BIND version 9. The old versions of the HOWTO, about - BIND 4 and 8, is still available at <url - url="http://langfeldt.net/DNS-HOWTO/"> in case you use BIND 4 or 8 -@@ -201,9 +203,8 @@ - waiting time the next time significantly, especially if you're on a - slow connection. - --<p>First you need a file called <tt>/etc/named.conf</tt> (Debian: --<tt>/etc/bind/named.conf</tt>). This is read when named starts. For --now it should simply contain: -+<p>First you need a file called <tt>/etc/namedb/named.conf</tt>. -+This is read when named starts. For now it should simply contain: - - <code> - // Config file for caching only name server -@@ -216,7 +217,7 @@ - // ultimate contents of should be quite similar though. - - options { -- directory "/var/named"; -+ directory "/etc/namedb"; - - // Uncommenting this might help if you have to go through a - // firewall and things are not working out. But you probably -@@ -236,27 +237,26 @@ - - zone "." { - type hint; -- file "root.hints"; -+ file "named.root"; - }; - - zone "0.0.127.in-addr.arpa" { - type master; -- file "pz/127.0.0"; -+ file "localhost.rev"; - }; - </code> - --<p>The Linux distribution packages may use different file names for -+<p>The FreeBSD distribution packages may use different file names for - each kind of file mentioned here; they will still contain about the - same things. - - <p>The `<tt/directory/' line tells named where to look for files. All --files named subsequently will be relative to this. Thus <tt>pz</tt> --is a directory under <tt>/var/named</tt>, i.e., --<tt>/var/named/pz</tt>. <tt>/var/named</tt> is the right directory --according to the <em/Linux File system Standard/. -+files named subsequently will be relative to this. -+<tt>/etc/namedb</tt> is the standard directory -+according to the <em>hier(7)</em> manpage. - --<p>The file named <tt>/var/named/root.hints</tt> is named in this. --<tt>/var/named/root.hints</tt> should contain this: -+<p>The file named <tt>/etc/namedb/named.root</tt> is named in this. -+<tt>/etc/namedb/named.root</tt> should contain this: - <code> - ; - ; There might be opening comments here if you already have this file. -@@ -299,18 +299,18 @@ - - <p>The next section in <tt/named.conf/ is the last <tt/zone/. I will - explain its use in a later chapter; for now just make this a file --named <tt/127.0.0/ in the subdirectory <tt/pz/: (<em/Again, please --remove leading spaces if you cut and paste this/) -+named <tt/localhost.rev/ in the subdirectory <tt//etc/namedb/: -+(<em/Again, please remove leading spaces if you cut and paste this/) - - <code> - $TTL 3D --@ IN SOA ns.linux.bogus. hostmaster.linux.bogus. ( -+@ IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. ( - 1 ; Serial - 8H ; Refresh - 2H ; Retry - 4W ; Expire - 1D) ; Minimum TTL -- NS ns.linux.bogus. -+ NS ns.freebsd.bogus. - 1 PTR localhost. - </code> - -@@ -388,8 +388,7 @@ - you're probably used to <tt/ndc/. I BIND 9 it has been replaced with - <tt/rndc/, which can controll your named remotely, but it can't start - named anymore. If you view your syslog message file (usually called --<tt>/var/log/messages</tt>, Debian calls it <tt>/var/log/daemon</tt>, --another directory to look is the other files <tt>/var/log</tt>) while -+<tt>/var/log/messages</tt>) while - starting named (do <tt>tail -f /var/log/messages</tt>) you should see - something like: - -@@ -432,7 +431,7 @@ - 1.0.0.127.in-addr.arpa. 259200 IN PTR localhost. - - ;; AUTHORITY SECTION: --0.0.127.in-addr.arpa. 259200 IN NS ns.linux.bogus. -+0.0.127.in-addr.arpa. 259200 IN NS ns.freebsd.bogus. - - ;; Query time: 3 msec - ;; SERVER: 127.0.0.1#53(127.0.0.1) -@@ -474,7 +473,7 @@ - - <p>This time <tt/dig/ asked your named to look for the machine - <tt/pat.uio.no/. It then contacted one of the name server machines --named in your <tt/root.hints/ file, and asked its way from there. It -+named in your <tt/named.root/ file, and asked its way from there. It - might take tiny while before you get the result as it may need to - search all the domains you named in <tt>/etc/resolv.conf</tt>. - -@@ -538,7 +537,7 @@ - <p>All OSes implementing the standard C API has the calls - gethostbyname and gethostbyaddr. These can get information from - several different sources. Which sources it gets it from is --configured in <tt>/etc/nsswitch.conf</tt> on Linux (and some other -+configured in <tt>/etc/nsswitch.conf</tt> on FreeBD (and some other - Unixes). This is a long file specifying from which file or database - to get different kinds of data types. It usually contains helpful - comments at the top, which you should consider reading. After that -@@ -746,7 +745,7 @@ - <sect1>Our own domain - - <p>Now to define our own domain. We're going to make the domain --<tt/linux.bogus/ and define machines in it. I use a totally bogus -+<tt/freensd.bogus/ and define machines in it. I use a totally bogus - domain name to make sure we disturb no-one Out There. - - <p>One more thing before we start: Not all characters are allowed in -@@ -761,25 +760,25 @@ - <code> - zone "0.0.127.in-addr.arpa" { - type master; -- file "pz/127.0.0"; -+ file "localhost.rev"; - }; - </code> - - <p>Please note the lack of `<tt/./' at the end of the domain names in - this file. This says that now we will define the zone - <tt/0.0.127.in-addr.arpa/, that we're the master server for it and --that it is stored in a file called <tt>pz/127.0.0</tt>. We've already -+that it is stored in a file called <tt>localhost.rev</tt>. We've already - set up this file, it reads: - - <code> - $TTL 3D --@ IN SOA ns.linux.bogus. hostmaster.linux.bogus. ( -+@ IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. ( - 1 ; Serial - 8H ; Refresh - 2H ; Retry - 4W ; Expire - 1D) ; Minimum TTL -- NS ns.linux.bogus. -+ NS ns.freebsd.bogus. - 1 PTR localhost. - </code> - -@@ -804,11 +803,11 @@ - Saves some typing that. So the NS line could also be written - - <tscreen><verb> --0.0.127.in-addr.arpa. IN NS ns.linux.bogus -+0.0.127.in-addr.arpa. IN NS ns.freebsd.bogus - </verb></tscreen> - - <p>It tells DNS what machine is the name server of the domain --<tt/0.0.127.in-addr.arpa/, it is <tt/ns.linux.bogus/. 'ns' is a -+<tt/0.0.127.in-addr.arpa/, it is <tt/ns.freebsd.bogus/. 'ns' is a - customary name for name-servers, but as with web servers who are - customarily named <tt/www./<em/something/. The name may be anything. - -@@ -819,8 +818,8 @@ - <p>The SOA record is the preamble to <em/all/ zone files, and there - should be exactly one in each zone file, at the top (but after the - <tt/$TTL/ directive). It describes the zone, where it comes from (a --machine called <tt/ns.linux.bogus/), who is responsible for its --contents (<tt/hostmaster@linux.bogus/; you should insert your e-mail -+machine called <tt/ns.freebsd.bogus/), who is responsible for its -+contents (<tt/hostmaster@freebsd.bogus/; you should insert your e-mail - address here), what version of the zone file this is (serial: 1), and - other things having to do with caching and secondary DNS servers. For - the rest of the fields (refresh, retry, expire and minimum) use the -@@ -844,7 +843,7 @@ - 1.0.0.127.in-addr.arpa. 259200 IN PTR localhost. - - ;; AUTHORITY SECTION: --0.0.127.in-addr.arpa. 259200 IN NS ns.linux.bogus. -+0.0.127.in-addr.arpa. 259200 IN NS ns.freebsd.bogus. - - ;; Query time: 3 msec - ;; SERVER: 127.0.0.1#53(127.0.0.1) -@@ -853,31 +852,31 @@ - </verb></tscreen> - - <p>So it manages to get <tt/localhost/ from 127.0.0.1, good. Now for --our main task, the <tt/linux.bogus/ domain, insert a new 'zone' -+our main task, the <tt/freebsd.bogus/ domain, insert a new 'zone' - section in <tt/named.conf/: - - <code> --zone "linux.bogus" { -+zone "freebsd.bogus" { - type master; - notify no; -- file "pz/linux.bogus"; -+ file "pz/freebsd.bogus"; - }; - </code> - - <p>Note again the lack of ending `<tt/./' on the domain name in the - <tt/named.conf/ file. - --<p>In the <tt/linux.bogus/ zone file we'll put some totally bogus -+<p>In the <tt/freebsd.bogus/ zone file we'll put some totally bogus - data: - - <code> - ; --; Zone file for linux.bogus -+; Zone file for freebsd.bogus - ; - ; The full zone file - ; - $TTL 3D --@ IN SOA ns.linux.bogus. hostmaster.linux.bogus. ( -+@ IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. ( - 199802151 ; serial, todays date + todays serial # - 8H ; refresh, seconds - 2H ; retry, seconds -@@ -885,7 +884,7 @@ - 1D ) ; minimum, seconds - ; - NS ns ; Inet Address of name server -- MX 10 mail.linux.bogus ; Primary Mail Exchanger -+ MX 10 mail.freebsd.bogus ; Primary Mail Exchanger - MX 20 mail.friend.bogus. ; Secondary Mail Exchanger - ; - localhost A 127.0.0.1 -@@ -893,11 +892,11 @@ - mail A 192.168.196.4 - </code> - --<p>Two things must be noted about the SOA record. <tt/ns.linux.bogus/ -+<p>Two things must be noted about the SOA record. <tt/ns.freebsd.bogus/ - <em/must/ be a actual machine with a A record. It is not legal to - have a CNAME record for the machine mentioned in the SOA record. Its - name need not be `ns', it could be any legal host name. Next, --<tt/hostmaster.linux.bogus/ should be read as hostmaster@linux.bogus. -+<tt/hostmaster.freebsd.bogus/ should be read as hostmaster@freebsd.bogus. - This should be a mail alias, or a mailbox, where the person(s) - maintaining DNS should read mail frequently. Any mail regarding the - domain will be sent to the address listed here. The name need not be -@@ -906,7 +905,7 @@ - - <p>There is one new RR type in this file, the MX, or Mail eXchanger - RR. It tells mail systems where to send mail that is addressed to --<tt/someone@linux.bogus/, namely to <tt/mail.linux.bogus/ or -+<tt/someone@freebsd.bogus/, namely to <tt/mail.freebsd.bogus/ or - <tt/mail.friend.bogus/. The number before each machine name is that - MX RR's priority. The RR with the lowest number (10) is the one mail - should be sent to if possible. If that fails the mail can be sent to -@@ -917,28 +916,28 @@ - with <tt/dig/: - - <tscreen><verb> --$ dig any linux.bogus --; <<>> DiG 9.1.3 <<>> any linux.bogus -+$ dig any freebsd.bogus -+; <<>> DiG 9.1.3 <<>> any freebsd.bogus - ;; global options: printcmd - ;; Got answer: - ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55239 - ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 1, ADDITIONAL: 1 - - ;; QUESTION SECTION: --;linux.bogus. IN ANY -+;freebsd.bogus. IN ANY - - ;; ANSWER SECTION: --linux.bogus. 259200 IN SOA ns.linux.bogus. \ -- hostmaster.linux.bogus. 199802151 28800 7200 2419200 86400 --linux.bogus. 259200 IN NS ns.linux.bogus. --linux.bogus. 259200 IN MX 20 mail.friend.bogus. --linux.bogus. 259200 IN MX 10 mail.linux.bogus.linux.bogus. -+freebsd.bogus. 259200 IN SOA ns.freebsd.bogus. \ -+ hostmaster.freebsd.bogus. 199802151 28800 7200 2419200 86400 -+freebsd.bogus. 259200 IN NS ns.freebsd.bogus. -+freebsd.bogus. 259200 IN MX 20 mail.friend.bogus. -+freebsd.bogus. 259200 IN MX 10 mail.freebsd.bogus.freebsd.bogus. - - ;; AUTHORITY SECTION: --linux.bogus. 259200 IN NS ns.linux.bogus. -+freebsd.bogus. 259200 IN NS ns.freebsd.bogus. - - ;; ADDITIONAL SECTION: --ns.linux.bogus. 259200 IN A 192.168.196.2 -+ns.freebsd.bogus. 259200 IN A 192.168.196.2 - - ;; Query time: 4 msec - ;; SERVER: 127.0.0.1#53(127.0.0.1) -@@ -949,29 +948,29 @@ - <p>Upon careful examination you will discover a bug. The line - - <tscreen><verb> --linux.bogus. 259200 IN MX 10 mail.linux.bogus.linux.bogus. -+freebsd.bogus. 259200 IN MX 10 mail.freebsd.bogus.freebsd.bogus. - </verb></tscreen> - - <p>is all wrong. It should be - - <tscreen><verb> --linux.bogus. 259200 IN MX 10 mail.linux.bogus. -+freebsd.bogus. 259200 IN MX 10 mail.freebsd.bogus. - </verb></tscreen> - - <p>I deliberately made a mistake so you could learn from it :-) - Looking in the zone file we find this line: - - <tscreen><verb> -- MX 10 mail.linux.bogus ; Primary Mail Exchanger -+ MX 10 mail.freebsd.bogus ; Primary Mail Exchanger - </verb></tscreen> - --<p>It is missing a period. Or has a 'linux.bogus' too many. If a -+<p>It is missing a period. Or has a 'freebsd.bogus' too many. If a - machine name does not end in a period in a zone file the origin is --added to its end causing the double <tt/linux.bogus.linux.bogus/. So -+added to its end causing the double <tt/freebsd.bogus.freebsd.bogus/. So - either - - <code> -- MX 10 mail.linux.bogus. ; Primary Mail Exchanger -+ MX 10 mail.freebsd.bogus. ; Primary Mail Exchanger - </code> - - or -@@ -996,19 +995,19 @@ - - <code> - ; --; Zone file for linux.bogus -+; Zone file for freebsd.bogus - ; - ; The full zone file - ; - $TTL 3D --@ IN SOA ns.linux.bogus. hostmaster.linux.bogus. ( -+@ IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. ( - 199802151 ; serial, todays date + todays serial # - 8H ; refresh, seconds - 2H ; retry, seconds - 4W ; expire, seconds - 1D ) ; minimum, seconds - ; -- TXT "Linux.Bogus, your DNS consultants" -+ TXT "FreeBSD.Bogus, your DNS consultants" - NS ns ; Inet Address of name server - NS ns.friend.bogus. - MX 10 mail ; Primary Mail Exchanger -@@ -1059,32 +1058,32 @@ - named to read its files again. - - <tscreen><verb> --$ dig linux.bogus axfr -+$ dig freebsd.bogus axfr - --; <<>> DiG 9.1.3 <<>> linux.bogus axfr -+; <<>> DiG 9.1.3 <<>> freebsd.bogus axfr - ;; global options: printcmd --linux.bogus. 259200 IN SOA ns.linux.bogus. hostmaster.linux.bogus. 199802151 28800 7200 2419200 86400 --linux.bogus. 259200 IN NS ns.linux.bogus. --linux.bogus. 259200 IN MX 10 mail.linux.bogus. --linux.bogus. 259200 IN MX 20 mail.friend.bogus. --donald.linux.bogus. 259200 IN A 192.168.196.3 --donald.linux.bogus. 259200 IN MX 10 mail.linux.bogus. --donald.linux.bogus. 259200 IN MX 20 mail.friend.bogus. --donald.linux.bogus. 259200 IN TXT "DEK" --ftp.linux.bogus. 259200 IN A 192.168.196.5 --ftp.linux.bogus. 259200 IN MX 10 mail.linux.bogus. --ftp.linux.bogus. 259200 IN MX 20 mail.friend.bogus. --gw.linux.bogus. 259200 IN A 192.168.196.1 --gw.linux.bogus. 259200 IN TXT "The router" --localhost.linux.bogus. 259200 IN A 127.0.0.1 --mail.linux.bogus. 259200 IN A 192.168.196.4 --mail.linux.bogus. 259200 IN MX 10 mail.linux.bogus. --mail.linux.bogus. 259200 IN MX 20 mail.friend.bogus. --ns.linux.bogus. 259200 IN MX 10 mail.linux.bogus. --ns.linux.bogus. 259200 IN MX 20 mail.friend.bogus. --ns.linux.bogus. 259200 IN A 192.168.196.2 --www.linux.bogus. 259200 IN CNAME ns.linux.bogus. --linux.bogus. 259200 IN SOA ns.linux.bogus. hostmaster.linux.bogus. 199802151 28800 7200 2419200 86400 -+freebsd.bogus. 259200 IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. 199802151 28800 7200 2419200 86400 -+freebsd.bogus. 259200 IN NS ns.freebsd.bogus. -+freebsd.bogus. 259200 IN MX 10 mail.freebsd.bogus. -+freebsd.bogus. 259200 IN MX 20 mail.friend.bogus. -+donald.freebsd.bogus. 259200 IN A 192.168.196.3 -+donald.freebsd.bogus. 259200 IN MX 10 mail.freebsd.bogus. -+donald.freebsd.bogus. 259200 IN MX 20 mail.friend.bogus. -+donald.freebsd.bogus. 259200 IN TXT "DEK" -+ftp.freebsd.bogus. 259200 IN A 192.168.196.5 -+ftp.freebsd.bogus. 259200 IN MX 10 mail.freebsd.bogus. -+ftp.freebsd.bogus. 259200 IN MX 20 mail.friend.bogus. -+gw.freebsd.bogus. 259200 IN A 192.168.196.1 -+gw.freebsd.bogus. 259200 IN TXT "The router" -+localhost.freebsd.bogus. 259200 IN A 127.0.0.1 -+mail.freebsd.bogus. 259200 IN A 192.168.196.4 -+mail.freebsd.bogus. 259200 IN MX 10 mail.freebsd.bogus. -+mail.freebsd.bogus. 259200 IN MX 20 mail.friend.bogus. -+ns.freebsd.bogus. 259200 IN MX 10 mail.freebsd.bogus. -+ns.freebsd.bogus. 259200 IN MX 20 mail.friend.bogus. -+ns.freebsd.bogus. 259200 IN A 192.168.196.2 -+www.freebsd.bogus. 259200 IN CNAME ns.freebsd.bogus. -+freebsd.bogus. 259200 IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. 199802151 28800 7200 2419200 86400 - ;; Query time: 41 msec - ;; SERVER: 127.0.0.1#53(127.0.0.1) - ;; WHEN: Sun Dec 23 03:12:31 2001 -@@ -1095,23 +1094,23 @@ - Let's check what it says for <tt/www/ alone: - - <tscreen><verb> --$ dig www.linux.bogus -+$ dig www.freebsd.bogus - --; <<>> DiG 9.1.3 <<>> www.linux.bogus -+; <<>> DiG 9.1.3 <<>> www.freebsd.bogus - ;; global options: printcmd - ;; Got answer: - ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16633 - ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0 - - ;; QUESTION SECTION: --;www.linux.bogus. IN A -+;www.freebsd.bogus. IN A - - ;; ANSWER SECTION: --www.linux.bogus. 259200 IN CNAME ns.linux.bogus. --ns.linux.bogus. 259200 IN A 192.168.196.2 -+www.freebsd.bogus. 259200 IN CNAME ns.freebsd.bogus. -+ns.freebsd.bogus. 259200 IN A 192.168.196.2 - - ;; AUTHORITY SECTION: --linux.bogus. 259200 IN NS ns.linux.bogus. -+freebsd.bogus. 259200 IN NS ns.freebsd.bogus. - - ;; Query time: 5 msec - ;; SERVER: 127.0.0.1#53(127.0.0.1) -@@ -1119,15 +1118,15 @@ - ;; MSG SIZE rcvd: 80 - </verb></tscreen> - --<p>In other words, the real name of <tt/www.linux.bogus/ is --<tt/ns.linux.bogus/, and it gives you some of the information it has -+<p>In other words, the real name of <tt/www.freebsd.bogus/ is -+<tt/ns.freebsd.bogus/, and it gives you some of the information it has - about ns as well, enough to connect to it if you were a program. - - <p>Now we're halfway. - - <sect1>The reverse zone - --<p>Now programs can convert the names in linux.bogus to addresses -+<p>Now programs can convert the names in freebsd.bogus to addresses - which they can connect to. But also required is a reverse zone, one - making DNS able to convert from an address to a name. This name is - used by a lot of servers of different kinds (FTP, IRC, WWW and others) -@@ -1150,19 +1149,19 @@ - - <code> - $TTL 3D --@ IN SOA ns.linux.bogus. hostmaster.linux.bogus. ( -+@ IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. ( - 199802151 ; Serial, todays date + todays serial - 8H ; Refresh - 2H ; Retry - 4W ; Expire - 1D) ; Minimum TTL -- NS ns.linux.bogus. -+ NS ns.freebsd.bogus. - --1 PTR gw.linux.bogus. --2 PTR ns.linux.bogus. --3 PTR donald.linux.bogus. --4 PTR mail.linux.bogus. --5 PTR ftp.linux.bogus. -+1 PTR gw.freebsd.bogus. -+2 PTR ns.freebsd.bogus. -+3 PTR donald.freebsd.bogus. -+4 PTR mail.freebsd.bogus. -+5 PTR ftp.freebsd.bogus. - </code> - - <p>Now you reload your named (<tt/rndc reload/) and examine your -@@ -1178,13 +1177,13 @@ - ;4.196.168.192.in-addr.arpa. IN PTR - - ;; ANSWER SECTION: --4.196.168.192.in-addr.arpa. 259200 IN PTR mail.linux.bogus. -+4.196.168.192.in-addr.arpa. 259200 IN PTR mail.freebsd.bogus. - - ;; AUTHORITY SECTION: --196.168.192.in-addr.arpa. 259200 IN NS ns.linux.bogus. -+196.168.192.in-addr.arpa. 259200 IN NS ns.freebsd.bogus. - - ;; ADDITIONAL SECTION: --ns.linux.bogus. 259200 IN A 192.168.196.2 -+ns.freebsd.bogus. 259200 IN A 192.168.196.2 - - ;; Query time: 4 msec - ;; SERVER: 127.0.0.1#53(127.0.0.1) -@@ -1199,16 +1198,16 @@ - - ; <<>> DiG 9.1.3 <<>> 196.168.192.in-addr.arpa. AXFR - ;; global options: printcmd --196.168.192.in-addr.arpa. 259200 IN SOA ns.linux.bogus. \ -- hostmaster.linux.bogus. 199802151 28800 7200 2419200 86400 --196.168.192.in-addr.arpa. 259200 IN NS ns.linux.bogus. --1.196.168.192.in-addr.arpa. 259200 IN PTR gw.linux.bogus. --2.196.168.192.in-addr.arpa. 259200 IN PTR ns.linux.bogus. --3.196.168.192.in-addr.arpa. 259200 IN PTR donald.linux.bogus. --4.196.168.192.in-addr.arpa. 259200 IN PTR mail.linux.bogus. --5.196.168.192.in-addr.arpa. 259200 IN PTR ftp.linux.bogus. --196.168.192.in-addr.arpa. 259200 IN SOA ns.linux.bogus. \ -- hostmaster.linux.bogus. 199802151 28800 7200 2419200 86400 -+196.168.192.in-addr.arpa. 259200 IN SOA ns.freebsd.bogus. \ -+ hostmaster.freebsd.bogus. 199802151 28800 7200 2419200 86400 -+196.168.192.in-addr.arpa. 259200 IN NS ns.freebsd.bogus. -+1.196.168.192.in-addr.arpa. 259200 IN PTR gw.freebsd.bogus. -+2.196.168.192.in-addr.arpa. 259200 IN PTR ns.freebsd.bogus. -+3.196.168.192.in-addr.arpa. 259200 IN PTR donald.freebsd.bogus. -+4.196.168.192.in-addr.arpa. 259200 IN PTR mail.freebsd.bogus. -+5.196.168.192.in-addr.arpa. 259200 IN PTR ftp.freebsd.bogus. -+196.168.192.in-addr.arpa. 259200 IN SOA ns.freebsd.bogus. \ -+ hostmaster.freebsd.bogus. 199802151 28800 7200 2419200 86400 - ;; Query time: 6 msec - ;; SERVER: 127.0.0.1#53(127.0.0.1) - ;; WHEN: Sun Dec 23 03:16:58 2001 -@@ -1258,7 +1257,7 @@ - read it. Now. - - <p>The reverse zone also needs to be delegated. If you got the --<tt/192.168.196/ net with the <tt/linux.bogus/ domain from your -+<tt/192.168.196/ net with the <tt/freebsd.bogus/ domain from your - provider they need to put <tt/NS/ records in for your reverse zone as - well as for your forward zone. If you follow the chain from - <tt/in-addr.arpa/ and up to your net you will probably find a break in -@@ -1322,9 +1321,9 @@ - master. You set it up like this: - - <code> --zone "linux.bogus" { -+zone "freebsd.bogus" { - type slave; -- file "sz/linux.bogus"; -+ file "sz/freebsd.bogus"; - masters { 192.168.196.2; }; - }; - </code> -@@ -1333,7 +1332,7 @@ - zone transfer is controlled by your SOA record: - - <code> --@ IN SOA ns.linux.bogus. hostmaster.linux.bogus. ( -+@ IN SOA ns.freebsd.bogus. hostmaster.freebsd.bogus. ( - 199802151 ; serial, todays date + todays serial # - 8H ; refresh, seconds - 2H ; retry, seconds -@@ -1379,7 +1378,7 @@ - adding yourself for debugging purposes: - - <code> --zone "linux.bogus" { -+zone "freebsd.bogus" { - allow-transfer { 192.168.1.4; localhost; }; - }; - </code> -@@ -1400,7 +1399,7 @@ - allow-query { 192.168.196.0/24; localhost; }; - }; - --zone "linux.bogus" { -+zone "freebsd.bogus" { - allow-query { any; }; - }; - -@@ -1456,7 +1455,7 @@ - here differs a bit from what you find if you query LAND-5's name - servers now. - --<sect1>/etc/named.conf (or /var/named/named.conf) -+<sect1>/etc/namedb/named.conf - - <p>Here we find master zone sections for the two reverse zones needed: - the 127.0.0 net, as well as LAND-5's <tt/206.6.177/ subnet, and a -@@ -1468,7 +1467,7 @@ - // Boot file for LAND-5 name server - - options { -- directory "/var/named"; -+ directory "/etc/namedb"; - }; - - controls { -@@ -1505,7 +1504,7 @@ - put ``<tt/notify no;/'' in the zone sections for the two <tt/land-5/ - zones so as to avoid accidents. - --<sect1>/var/named/root.hints -+<sect1>/etc/namedbb/named.root - - <p>Keep in mind that this file is dynamic, and the one listed here is - old. You're better off using a new one as explained earlier. -@@ -1556,7 +1555,7 @@ - ;; MSG SIZE sent: 17 rcvd: 436 - </code> - --<sect1>/var/named/zone/127.0.0 -+<sect1>/etc/namedb/zone/127.0.0 - - <p>Just the basics, the obligatory SOA record, and a record that maps - 127.0.0.1 to <tt/localhost/. Both are required. No more should be in -@@ -1581,7 +1580,7 @@ - before, and only version 8.2 of BIND has started to warn about its - absence. BIND 9 <em/requires/ the <tt/$TTL/. - --<sect1>/var/named/zone/land-5.com -+<sect1>/etc/namedb/zone/land-5.com - - <p>Here we see the mandatory SOA record, the needed NS records. We - can see that he has a secondary name server at <tt/ns2.psi.net/. This -@@ -1672,7 +1671,7 @@ - <p>We also see that <tt/funn.land-5.com/ is an alias for - <tt/land-5.com/, but using an A record, not a CNAME record. - --<sect1>/var/named/zone/206.6.177 -+<sect1>/etc/namedb/zone/206.6.177 - - <p>I'll comment on this file below - -@@ -1797,10 +1796,10 @@ - - PATH=/sbin:/usr/sbin:/bin:/usr/bin: - export PATH -- # NOTE: /var/named must be writable only by trusted users or this script -+ # NOTE: /etc/namedb must be writable only by trusted users or this script - # will cause root compromise/denial of service opportunities. -- cd /var/named 2>/dev/null || { -- echo "Subject: Cannot cd to /var/named, error $?" -+ cd /etc/namedb 2>/dev/null || { -+ echo "Subject: Cannot cd to /etc/namedb, error $?" - echo - echo "The subject says it all" - exit 1 -@@ -1849,7 +1848,7 @@ - echo - echo "The nameserver has been restarted to ensure that the update is complete." - echo "The previous root.hints file is now called --/var/named/root.hints.old." -+/etc/namedb/named.root" - ) 2>&1 | /usr/lib/sendmail -t - exit 0 - </code> -@@ -1912,9 +1911,9 @@ - like this in the named.conf file of your secondary: - - <code> -- zone "linux.bogus" { -+ zone "freebsd.bogus" { - type slave; -- file "sz/linux.bogus"; -+ file "freebsd.bogus"; - masters { 127.0.0.1; }; - }; - </code> -@@ -2082,7 +2081,7 @@ - not recommended. - - <item>How can I get a domain? I want to set up my own domain called -- (for example) <tt/linux-rules.net/. How can I get the domain I want -+ (for example) <tt/freebsd-rules.net/. How can I get the domain I want - assigned to me? - - <p>Please contact your network service provider. They will be able diff --git a/misc/Howto/files/patch-nis b/misc/Howto/files/patch-nis deleted file mode 100644 index 90308a40ccc0..000000000000 --- a/misc/Howto/files/patch-nis +++ /dev/null @@ -1,1248 +0,0 @@ ---- NIS-HOWTO.sgml.orig Wed Dec 25 09:56:09 2002 -+++ NIS-HOWTO.sgml Wed Dec 25 10:53:26 2002 -@@ -4,9 +4,10 @@ - - <ArtHeader> - --<Title>The Linux NIS(YP)/NYS/NIS+ HOWTO</Title> -+<Title>The FreeBSD NIS(YP)/NYS/NIS+ HOWTO</Title> - <AUTHOR - > -+Linux version by - <FirstName>Thorsten Kukuk</FirstName> - </AUTHOR - > -@@ -17,9 +18,8 @@ - <Para> - <IndexTerm><Primary>HOWTOs!NIS</Primary></IndexTerm> - <IndexTerm><Primary>HOWTOs!YP</Primary></IndexTerm> --<IndexTerm><Primary>HOWTOs!NYS</Primary></IndexTerm> - <IndexTerm><Primary>HOWTOs!NIS+</Primary></IndexTerm> --This document describes how to configure Linux as NIS(YP) or NIS+ client -+This document describes how to configure FreeBSD as NIS(YP) client - and how to install as NIS server. - </Para> - -@@ -30,22 +30,21 @@ - <Title>Introduction</Title> - - <Para> --More and more, Linux machines are installed as part of a network of -+More and more, FreeBSD machines are installed as part of a network of - computers. To simplify network administration, most networks (mostly --Sun-based networks) run the Network Information Service. Linux machines -+Sun-based networks) run the Network Information Service. FreeBSD machines - can take full advantage of existing NIS service or provide NIS service --themselves. Linux machines can also act as full NIS+ clients, this --support is in beta stage. -+themselves. - </Para> - - <Para> --This document tries to answer questions about setting up NIS(YP) and NIS+ --on your Linux machine. Don't forget to read -+This document tries to answer questions about setting up NIS(YP) -+on your FreeBSD machine. Don't forget to read - <XRef LinkEnd="portmapper">. - </Para> - - <Para> --The NIS-Howto is edited and maintained by -+The Linux version of the NIS-Howto is edited and maintained by - </Para> - - <Para> -@@ -88,12 +87,7 @@ - </Para> - - <Para> --New versions of this document will also be uploaded to various --Linux WWW and FTP sites, including the LDP home page. --</Para> -- --<Para> --Links to translations of this document could be found at -+Links to translations of the Linux document could be found at - <ULink - URL="http://www.linux-nis.org/nis-howto/" - >http://www.linux-nis.org/nis-howto/</ULink -@@ -131,9 +125,9 @@ - </Para> - - <Para> --Please do <Emphasis>not</Emphasis> mail me questions about special problems with your Linux --Distribution! I don't know every Linux Distribution. But I will try to add --every solution you send me. -+Please do <Emphasis>not</Emphasis> mail Thorsten questions about special problems with FreeBSD. -+The FreeBSD changes to the Linux document were done by the FreeBSD -+Documentation Project. Please send comments to docs@freebsd.org - </Para> - - </Sect2> -@@ -160,10 +154,6 @@ - - <Para> - Theo de Raadt is responsible for the original yp-clients code. --Swen Thuemmler ported the yp-clients code to Linux and also ported --the yp-routines in libc (again based on Theo's work). --Thorsten Kukuk has written the NIS(YP) and NIS+ routines for --GNU libc 2.x from scratch. - </Para> - - </Sect2> -@@ -177,9 +167,8 @@ - <Title>Glossary of Terms - <IndexTerm><Primary>NIS!glossary</Primary></IndexTerm> - <IndexTerm><Primary>YP!glossary</Primary></IndexTerm> --<IndexTerm><Primary>NYS!glossary</Primary></IndexTerm> - <IndexTerm><Primary>NIS+!glossary</Primary></IndexTerm> --<IndexTerm><Primary>glossary!NIS/NYS/YP/NIS+</Primary></IndexTerm> -+<IndexTerm><Primary>glossary!NIS/YP/NIS+</Primary></IndexTerm> - </Title> - - <Para> -@@ -191,7 +180,7 @@ - <VariableList> - - <VarListEntry> --<Term>DBM</Term> -+<Term>DB</Term> - <ListItem> - <Para> - DataBase Management, a library of functions which -@@ -234,8 +223,7 @@ - <ListItem> - <Para> - Name services library, a library of name service calls --(getpwnam, getservbyname, etc...) on SVR4 Unixes. GNU libc --uses this for the NIS (YP) and NIS+ functions. -+(getpwnam, getservbyname, etc...) on SVR4 Unixes. - </Para> - </ListItem> - </VarListEntry> -@@ -272,21 +260,10 @@ - </ListItem> - </VarListEntry> - <VarListEntry> --<Term>NYS</Term> --<ListItem> --<Para> --This is the name of a project and stands for NIS+, YP and Switch --and is managed by Peter Eriksson <peter@ifm.liu.se>. It contains --among other things a complete reimplementation of the NIS (= YP) code --that uses the Name Services Switch functionality of the NYS library. --</Para> --</ListItem> --</VarListEntry> --<VarListEntry> - <Term>NSS</Term> - <ListItem> - <Para> --Name Service Switch. The /etc/nsswitch.conf file determines the order -+Name Service Switch. On Solaris, the /etc/nsswitch.conf file determines the order - of lookups performed when a certain piece of information is requested. - </Para> - </ListItem> -@@ -329,7 +306,6 @@ - <Title>Some General Information - <IndexTerm><Primary>NIS!general information</Primary></IndexTerm> - <IndexTerm><Primary>YP!general information</Primary></IndexTerm> --<IndexTerm><Primary>NYS!general information</Primary></IndexTerm> - <IndexTerm><Primary>NIS+!general information</Primary></IndexTerm> - </Title> - -@@ -358,7 +334,7 @@ - <ItemizedList> - <ListItem> - <Para> --login names/passwords/home directories (/etc/passwd) -+login names/passwords/home directories (/etc/master.passwd) - </Para> - </ListItem> - <ListItem> -@@ -454,7 +430,8 @@ - severe security needs. NIS+ is _much_ more problematic - to administer (it's pretty easy to handle on the client side, but the - server side is horrible). Another problem is that the support for NIS+ --under Linux contains a lot of bugs and that the development has stopped. -+under FreeBSD is still under developement, and is not ready for Alpha testing -+yet. - </Para> - - </Sect2> -@@ -560,10 +537,10 @@ - - <Para> - To run any of the software mentioned below you will need to run the --program /usr/sbin/portmap. Some Linux distributions already have --the code in the /sbin/init.d/ or /etc/rc.d/ files to start up this --daemon. All you have to do is to activate it and reboot your Linux --machine. Read your Linux Distribution Documentation how to do this. -+program /usr/sbin/portmap. -+In FreeBSD you specify your desire to run the -+Portmapper in /etc/rc.conf. -+All you have to do is to activate it and reboot your FreeBSD machine. - </Para> - - <Para> -@@ -645,15 +622,15 @@ - ypcat, yppoll, ypmatch). The most important program is ypbind. This - program must be running at all times, which means, it should always appear - in the list of processes. It is a daemon process and needs to --be started from the system's startup file (eg. /etc/init.d/nis, --/sbin/init.d/ypclient, /etc/rc.d/init.d/ypbind, /etc/rc.local). -+be started from the system's startup file (eg. /etc/rc.network). -+You specify your desire to run ypbind in /etc/rc.conf. - As soon as ypbind is running your system has become a NIS client. - </Para> - - <Para> - In the second case, if you don't have NIS servers, then you will also - need a NIS server program (usually called ypserv). <XRef LinkEnd="ypserv"> --describes how to set up a NIS server on your Linux machine using the -+how to set up a NIS server on your FreeBSD machine using - <Command>ypserv</Command> - daemon. - </Para> -@@ -667,44 +644,9 @@ - </Title> - - <Para> --The system library "/usr/lib/libc.a" (version 4.4.2 and better) or the --shared library "/lib/libc.so.x" contain all necessary system calls to --succesfully compile the NIS client and server software. For the --GNU C Library 2 (glibc 2.x), you also need /lib/libnsl.so.1. --</Para> -- --<Para> --Some people reported that NIS only works with "/usr/lib/libc.a" version --4.5.21 and better so if you want to play it safe don't use older --libc's. The NIS client software can be obtained from: --</Para> -- --<Para> -- --<Screen> -- Site Directory File Name -- -- ftp.kernel.org /pub/linux/utils/net/NIS yp-tools-2.7.tar.gz -- ftp.kernel.org /pub/linux/utils/net/NIS ypbind-mt-1.12.tar.gz -- ftp.kernel.org /pub/linux/utils/net/NIS ypbind-3.3.tar.gz -- ftp.kernel.org /pub/linux/utils/net/NIS ypbind-3.3-glibc5.diff.gz --</Screen> -- --</Para> -- --<Para> --Once you obtained the software, please follow the instructions which --come with the software. yp-clients 2.2 are for use with libc4 and libc5 --until 5.4.20. libc 5.4.21 and glibc 2.x needs yp-tools 1.4.1 or later. --The new yp-tools 2.4 should work with every Linux libc. Since there was --a bug in the NIS code, you shouldn't use libc 5.4.21-5.4.35. Use libc --5.4.36 or later instead, or the most YP programs will not work. --ypbind 3.3 will work with all libraries, too. If you use gcc 2.8.x or --greater, egcs or glibc 2.x, you should add the ypbind-3.3-glibc5.diff --patch to ypbind 3.3. If possible you should avoid the use of ypbind 3.3 --for security reasons. --ypbind-mt is a new, multithreaded daemon. It needs a Linux 2.2 kernel --and glibc 2.1 or later. -+The system libraries "/usr/lib/libc.so.x" and "/usr/lib/libc.a" -+contain all necessary system calls to -+succesfully compile the NIS client and server software. - </Para> - - </Sect2> -@@ -726,31 +668,9 @@ - </Title> - - <Para> --After you have succesfully compiled the software you are now ready --to install it. A suitable place for the ypbind daemon is the directory --/usr/sbin. Some people may tell you that you don't need --ypbind on a system with NYS. This is wrong. ypwhich and ypcat need it --always. --</Para> -- --<Para> --You must do this as root of course. The other binaries (ypwhich, --ypcat, yppasswd, yppoll, ypmatch) should go in a directory accessible --by all users, normally /usr/bin. --</Para> -- --<Para> --Newer ypbind versions have a configuration file called /etc/yp.conf. You can --hardcode a NIS server there - for more info see the manual page for ypbind(8). --You also need this file for NYS. --An example: -- --<Screen> -- ypserver 10.10.0.1 -- ypserver 10.0.100.8 -- ypserver 10.3.1.1 --</Screen> -- -+The ypbind process can be forced to bind to a specific NIS server by specifing -+the server in /etc/rc.conf. -+For more info see the manual page for ypbind(8). - </Para> - - <Para> -@@ -904,14 +824,6 @@ - </Para> - - <Para> --To check if the domainname is set correct, use the --<Command>/bin/ypdomainname</Command> from --yp-tools 2.2. It uses the yp_get_default_domain() function which is more --restrict. It doesn't allow for example the "(none)" domainname, which --is the default under Linux and makes a lot of problems. --</Para> -- --<Para> - If the test worked you may now want to change your startupd files - so that ypbind will be started at boot time and your system will - act as a NIS client. Make sure that the domainname will -@@ -933,19 +845,15 @@ - - <Para> - For host lookups you must set (or add) "nis" to the lookup order line --in your <filename>/etc/host.conf</filename> file. Please read the --manpage "resolv+.8" for more details. --</Para> -- --<Para> --Add the following line to <filename>/etc/passwd</filename> --on your NIS clients: -+in your <filename>/etc/host.conf</filename> file. Please see the -+comments in /etc/host.conf for more details. - </Para> - - <Para> -+Add the following line to /etc/master.passwd using vipw on your NIS clients: - - <Screen> --+:::::: -++::::::::: - </Screen> - - </Para> -@@ -953,10 +861,10 @@ - <Para> - You can also use the + and - characters to include/exclude or change - users. If you want to exclude the user guest just add -guest to your --<filename>/etc/passwd</filename> file. -+<filename>/etc/master.passwd</filename> file. - You want to use a different shell (e.g. ksh) for --the user "linux"? No problem, just add "+linux::::::/bin/ksh" --(without the quotes) to your <filename>/etc/passwd</filename>. Fields -+the user "ken"? No problem, just add "+ken:::::::::/usr/local/bin/bash" -+(without the quotes) to your <filename>/etc/master.passwd</filename>. Fields - that you don't want - to change have to be left empty. You could also use Netgroups for - user control. -@@ -971,487 +879,19 @@ - <Para> - - <Screen> -- +miquels::::::: -- +ed::::::: -- +dth::::::: -- +@sysadmins::::::: -- -ftp -- +:*::::::/etc/NoShell -+ +dennis::::::::: -+ +@sysadmins::::::::: -+ -ftp::::::::: -+ +@rejected-users::32767:32767::::::/bin/false - </Screen> - - </Para> - - <Para> --Note that in Linux you can also override the password field, as we did -+Note that in FreeBSD you can also override the password field, as we did - in this example. We also remove the login "ftp", so it isn't known any - longer, and anonymous ftp will not work. --</Para> -- --<Para> --The netgroup would look like -- --<Screen> --sysadmins (-,software,) (-,kukuk,) --</Screen> -- --</Para> -- --<Para> --IMPORTANT: The netgroup feature is implemented starting from libc 4.5.26. --If you have a version of libc earlier than 4.5.26, every user in the --NIS password database can access your linux machine if you run "ypbind" ! --</Para> -- --</Sect2> -- --<Sect2> --<Title>Setting up a NIS Client using NYS --<IndexTerm><Primary -->NYS!client setup</Primary></IndexTerm> --</Title> -- --<Para> --All that is required is that the NIS configuration file --(/etc/yp.conf) points to the correct server(s) for its information. --Also, the Name Services Switch configuration file (/etc/nsswitch.conf) --must be correctly set up. --</Para> -- --<Para> --You should install ypbind. It isn't needed by the libc, but the NIS(YP) --tools need it. --</Para> -- --<Para> --If you wish to use the include/exclude user feature (+/-guest/+@admins), --you have to use "passwd: compat" and "group: compat" in nsswitch.conf. --Note that there is no "shadow: compat"! You have to --use "shadow: files nis" in this case. --</Para> -- --<Para> --The NYS sources are part of the libc 5 sources. When run configure, --say the first time "NO" to the "Values correct" question, --then say "YES" to "Build a NYS libc from nys". --</Para> -- --</Sect2> -- --<Sect2> --<Title>Setting up a NIS Client using glibc 2.x --<IndexTerm><Primary -->NIS!client setup!using glibc 2.x</Primary></IndexTerm> --</Title> -- --<Para> --The glibc uses "traditional NIS", so you need to start ypbind. The --Name Services Switch configuration file (/etc/nsswitch.conf) must be --correctly set up. If you use the compat mode for passwd, shadow or group, --you have to add the "+" at the end of this files and you can use --the include/exclude user feature. The configuration is excatly the same --as under Solaris 2.x. --</Para> -- --</Sect2> -- --<Sect2> --<Title>The nsswitch.conf File --<IndexTerm><Primary -->nsswitch.conf file</Primary></IndexTerm> -- --<IndexTerm><Primary -->NIS!nsswitch.conf file</Primary></IndexTerm> --</Title> -- --<Para> --The Network Services switch file /etc/nsswitch.conf determines the --order of lookups performed when a certain piece of information is --requested, just like the /etc/host.conf file which determines the way --host lookups are performed. For example, the line --</Para> -- --<Para> -- --<Screen> -- hosts: files nis dns --</Screen> -- --</Para> -- --<Para> --specifies that host lookup functions should first look in the local --/etc/hosts file, followed by a NIS lookup and finally through the domain --name service (/etc/resolv.conf and named), at which point if no match --is found an error is returned. This file must be readable for every --user! You can find more information in the man-page nsswitch.5 --or nsswitch.conf.5. --</Para> -- --<Para> --A good /etc/nsswitch.conf file for NIS is: -- --<Screen> --# --# /etc/nsswitch.conf --# --# An example Name Service Switch config file. This file should be --# sorted with the most-used services at the beginning. --# --# The entry '[NOTFOUND=return]' means that the search for an --# entry should stop if the search in the previous entry turned --# up nothing. Note that if the search failed due to some other reason --# (like no NIS server responding) then the search continues with the --# next entry. --# --# Legal entries are: --# --# nisplus Use NIS+ (NIS version 3) --# nis Use NIS (NIS version 2), also called YP --# dns Use DNS (Domain Name Service) --# files Use the local files --# db Use the /var/db databases --# [NOTFOUND=return] Stop searching if not found so far --# -- --passwd: compat --group: compat --# For libc5, you must use shadow: files nis --shadow: compat -- --passwd_compat: nis --group_compat: nis --shadow_compat: nis -- --hosts: nis files dns -- --services: nis [NOTFOUND=return] files --networks: nis [NOTFOUND=return] files --protocols: nis [NOTFOUND=return] files --rpc: nis [NOTFOUND=return] files --ethers: nis [NOTFOUND=return] files --netmasks: nis [NOTFOUND=return] files --netgroup: nis --bootparams: nis [NOTFOUND=return] files --publickey: nis [NOTFOUND=return] files --automount: files --aliases: nis [NOTFOUND=return] files --</Screen> -- --</Para> -- --<Para> --passwd_compat, group_compat and shadow_compat are only supported by glibc 2.x. --If there are no shadow rules in /etc/nsswitch.conf, glibc will use the passwd --rule for lookups. There are some more lookup module for glibc like hesoid. --For more information, read the glibc documentation. --</Para> -- --</Sect2> -- --<Sect2> --<Title>Shadow Passwords with NIS --<IndexTerm><Primary -->NIS!shadow passwords</Primary></IndexTerm> --</Title> -- --<Para> --Shadow passwords over NIS are always a bad idea. You loose the security, --which shadow gives you, and it is supported by only some few Linux C --Libraries. A good way to avoid shadow passwords over NIS is, --to put only the local system users in /etc/shadow. Remove the NIS user --entries from the shadow database, and put the password back in passwd. --So you can use shadow for the root login, and normal passwd for NIS --user. This has the advantage that it will work with every NIS client. --</Para> -- --<Sect3> --<Title>Linux</Title> -- --<Para> --The only Linux libc which supports shadow passwords over NIS, is the --GNU C Library 2.x. Linux libc5 has no support for it. Linux --libc5 compiled with NYS enabled has some code for it. But this code --is badly broken in some cases and doesn't work with all correct --shadow entries. --</Para> -- --</Sect3> -- --<Sect3> --<Title>Solaris</Title> -- --<Para> --Solaris does not support shadow passwords over NIS. --</Para> -- --</Sect3> -- --<Sect3> --<Title>PAM --<IndexTerm><Primary -->PAM!shadow passwords</Primary></IndexTerm> --</Title> -- --<Para> --Linux-PAM 0.75 and newr does support Shadow passwords over NIS if you --use the pam_unix.so Module or if you install the extra pam_unix2.so --Module. Old systems using pam_pwdb/libpwdb (for example Red Hat --Linux 5.x) --need to change the /etc/pam.d/* entries. All pam_pwdb rules should --be replaced through a pam_unix_* module. --</Para> -- --<Para> --An example /etc/pam.d/login file looks like: --</Para> -- --<Para> -- --<Screen> --#%PAM-1.0 --auth requisite pam_unix2.so nullok #set_secrpc --auth required pam_securetty.so --auth required pam_nologin.so --auth required pam_env.so --auth required pam_mail.so --account required pam_unix2.so --password required pam_pwcheck.so nullok --password required pam_unix2.so nullok use_first_pass use_authtok --session required pam_unix2.so none # debug or trace --session required pam_limits.so --</Screen> -- --</Para> -- --</Sect3> -- --</Sect2> -- --</Sect1> -- --<Sect1 id="nisplus"> --<Title>What do you need to set up NIS+ ?</Title> -- --<Sect2> --<Title>The Software --<IndexTerm><Primary -->NIS+!software required</Primary></IndexTerm> --</Title> -- --<Para> --The Linux NIS+ client code was developed for the GNU C library 2. --There is also a port for Linux libc5, since most commercial Applications --where linked against this library in the past, and you cannot recompile --them for using glibc. There are problems with libc5 and NIS+: --static programs cannot be linked with it, and programs compiled --with this library will not work with other libc5 versions. --</Para> -- --<Para> --As base System you need a glibc based Distribution like Debian, --Red Hat Linux or SuSE Linux. If you have a Linux Distribution, which --does not have glibc 2.1.1 or later, you need to update to a newer --version. --</Para> -- --<Para> --The NIS+ client software can be obtained from: -- --<Screen> -- Site Directory File Name -- -- ftp.gnu.org /pub/gnu/glibc glibc-2.2.5.tar.gz, -- glibc-linuxthreads-2.2.5.tar.gz -- ftp.kernel.org /pub/linux/utils/net/NIS+ nis-utils-1.4.1.tar.gz --</Screen> -- --</Para> -- --<Para> --You should also have a look at --<ULink --URL="http://www.linux-nis.org/nisplus/" -->http://www.linux-nis.org/nisplus/</ULink --> --for more information and the latest sources. --</Para> -- --</Sect2> -- --<Sect2> --<Title>Setting up a NIS+ client --<IndexTerm><Primary -->NIS+!client setup</Primary></IndexTerm> --</Title> -- --<Para> --IMPORTANT: For setting up a NIS+ client read your Solaris NIS+ docs --what to do on the server side! This document only describes what to do --on the client side! --</Para> -- --<Para> --After installing the new libc and nis-tools, create the credentials for --the new client on the NIS+ server. Make sure portmap is running. Then --check if your Linux PC has the same time as the NIS+ Server. For secure RPC, --you have only a small window from about 3 minutes, in which the credentials --are valid. A good idea is to run xntpd on every host. After this, run --</Para> -- --<Para> -- --<Screen> --domainname nisplus.domain. --nisinit -c -H <NIS+ server> --</Screen> -- --</Para> -- --<Para> --to initialize the cold start file. Read the nisinit man page for more --options. Make sure that the domainname will always be set after a reboot. --If you don't know what the NIS+ domain name is on your network, ask --your system/network administrator. --</Para> -- --<Para> --Now you should change your <filename>/etc/nsswitch.conf</filename> --file. Make sure that the --only service after publickey is nisplus ("publickey: nisplus"), and nothing --else! --</Para> -- --<Para> --Then start keyserv and make sure, that it will always be started --as first daemon after portmap at boot time. Run -- --<Screen> --keylogin -r --</Screen> -- --to store the root secretkey on your system. (I hope you have added the --publickey for the new host on the NIS+ Server?). --</Para> -- --<Para> --<Command>niscat passwd.org_dir</Command> --should now show you all entries in the passwd database. --</Para> -- --</Sect2> -- --<Sect2> --<Title>NIS+, keylogin, login and PAM --<IndexTerm><Primary -->NIS+!use of PAM with</Primary></IndexTerm> --</Title> -- --<Para> --When the user logs in, he need to set his secretkey to keyserv. This is done --by calling "keylogin". The login from the shadow package will do this for the --user, if it was compiled against glibc 2.1. For a PAM aware login, you have --to change the /etc/pam.d/login file to --use pam_unix2, not pwdb, which doesn't support NIS+. An example: --</Para> -- --<Para> -- --<Screen> --#%PAM-1.0 --auth required /lib/security/pam_securetty.so --auth required /lib/security/pam_unix2.so set_secrpc --auth required /lib/security/pam_nologin.so --account required /lib/security/pam_unix2.so --password required /lib/security/pam_unix2.so --session required /lib/security/pam_unix2.so --</Screen> -- --</Para> -- --</Sect2> -- --<Sect2> --<Title>The nsswitch.conf File --<IndexTerm><Primary -->nsswitch.conf file</Primary></IndexTerm> -- --<IndexTerm><Primary -->NIS+!nsswitch.conf file</Primary></IndexTerm> --</Title> -- --<Para> --The Network Services switch file <filename>/etc/nsswitch.conf</filename> --determines the order of lookups performed when a certain piece of --information is requested, just like the --<filename>/etc/host.conf</filename> file which determines the way --host lookups are performed. For example, the line --</Para> -- --<Para> -- --<Screen> -- hosts: files nisplus dns --</Screen> -- --</Para> -- --<Para> --specifies that host lookup functions should first look in the local --<filename>/etc/hosts</filename> file, followed by a NIS+ lookup and --finally through the domain --name service (<filename>/etc/resolv.conf</filename> and named), at --which point if no match is found an error is returned. --</Para> -- --<Para> --A good <filename>/etc/nsswitch.conf</filename> file for NIS+ is: -- --<Screen> --# --# /etc/nsswitch.conf --# --# An example Name Service Switch config file. This file should be --# sorted with the most-used services at the beginning. --# --# The entry '[NOTFOUND=return]' means that the search for an --# entry should stop if the search in the previous entry turned --# up nothing. Note that if the search failed due to some other reason --# (like no NIS server responding) then the search continues with the --# next entry. --# --# Legal entries are: --# --# nisplus Use NIS+ (NIS version 3) --# nis Use NIS (NIS version 2), also called YP --# dns Use DNS (Domain Name Service) --# files Use the local files --# db Use the /var/db databases --# [NOTFOUND=return] Stop searching if not found so far --# -- --passwd: compat --group: compat --shadow: compat -- --passwd_compat: nisplus --group_compat: nisplus --shadow_compat: nisplus -- --hosts: nisplus files dns -- --services: nisplus [NOTFOUND=return] files --networks: nisplus [NOTFOUND=return] files --protocols: nisplus [NOTFOUND=return] files --rpc: nisplus [NOTFOUND=return] files --ethers: nisplus [NOTFOUND=return] files --netmasks: nisplus [NOTFOUND=return] files --netgroup: nisplus --bootparams: nisplus [NOTFOUND=return] files --publickey: nisplus --automount: files --aliases: nisplus [NOTFOUND=return] files --</Screen> -- -+See the ``man 5 passwd'' for further explantion and more examples. - </Para> - - </Sect2> -@@ -1478,41 +918,6 @@ - </Para> - - <Para> --The NIS server software can be found on: --</Para> -- --<Para> -- --<Screen> -- Site Directory File Name -- -- ftp.kernel.org /pub/linux/utils/net/NIS ypserv-2.4.tar.gz -- ftp.kernel.org /pub/linux/utils/net/NIS ypserv-2.4.tar.bz2 --</Screen> -- --</Para> -- --<Para> --You could also look at --<ULink --URL="http://www.linux-nis.org/nis/" -->http://www.linux-nis.org/nis/</ULink --> --for more information. --</Para> -- --<Para> --The server setup is the same for both traditional NIS and NYS. --</Para> -- --<Para> --Compile the software to generate the <Command>ypserv</Command> and --<Command>makedbm</Command> --programs. ypserv-2.x only supports the securenets file for access --restrictions. --</Para> -- --<Para> - If you run your server as master, determine what files you require to be - available via NIS and then add or remove the appropriate - entries to the "all" rule in <filename>/var/yp/Makefile</filename>. -@@ -1521,19 +926,9 @@ - </Para> - - <Para> --There was one big change between ypserv 1.1 and ypserv 1.2. Since --version 1.2, the file handles are cached. This means you have to --call makedbm always with the -c option if you create new maps. Make --sure, you are using the --new <filename>/var/yp/Makefile</filename> from ypserv 1.2 or later, --or add the -c flag to makedbm in the Makefile. If you don't do that, --ypserv will continue to use the old maps, and not the updated one. --</Para> -- --<Para> - Now edit <filename>/var/yp/securenets</filename> and --<filename>/etc/ypserv.conf</filename>. --For more information, read the ypserv(8) and ypserv.conf(5) manual pages. -+<filename>/etc/rc.conf</filename>. -+For more information, read the ypserv(8) manual page and /etc/rc.conf comments. - </Para> - - <Para> -@@ -1575,7 +970,7 @@ - <Para> - - <Screen> -- % /usr/lib/yp/ypinit -m -+ % /usr/sbin/ypinit -m - </Screen> - - </Para> -@@ -1586,7 +981,7 @@ - must be configured as NIS client before you could run - - <Screen> -- % /usr/lib/yp/ypinit -s masterhost -+ % /usr/sbin/ypinit -s masterhost - </Screen> - - to install the host as NIS slave. -@@ -1612,16 +1007,16 @@ - </Para> - - <Para> --You might want to edit root's crontab *on the slave* server and add the -+You might want to edit the system crontab (/etc/crontab) *on the slave* server and add the - following lines: - </Para> - - <Para> - - <Screen> -- 20 * * * * /usr/lib/yp/ypxfr_1perhour -- 40 6 * * * /usr/lib/yp/ypxfr_1perday -- 55 6,18 * * * /usr/lib/yp/ypxfr_2perday -+ 20 * * * * root /usr/libexec/ypxfr passwd.byname -+ 21 * * * * root /usr/libexec/ypxfr passwd.byuid -+ 55 19 * * * root /usr/libexec/ypxfr hosts.ypname - </Screen> - - This will ensure that most NIS maps are kept up-to-date, even if an -@@ -1634,7 +1029,7 @@ - the new slave server has permissions to contact the NIS master. Then run - - <Screen> -- % /usr/lib/yp/ypinit -s masterhost -+ % /usr/sbin/ypinit -s masterhost - </Screen> - - on the new slave. On the master server, add the new slave server name -@@ -1646,7 +1041,7 @@ - <Para> - If you want to restrict access for users to your NIS server, you'll have - to setup the NIS server as a client as well by running ypbind and adding the --plus-entries to <filename>/etc/passwd</filename> _halfway_ -+plus-entries to <filename>/etc/master.passwd</filename> _halfway_ - the password file. The library - functions will ignore all normal entries after the first NIS entry, and - will get the rest of the info through NIS. This way the NIS access rules -@@ -1668,17 +1063,17 @@ - news:*:9:9:news:/var/spool/news: - uucp:*:10:50:uucp:/var/spool/uucp: - nobody:*:65534:65534:noone at all,,,,:/dev/null: -- +miquels:::::: -- +:*:::::/etc/NoShell -+ +dennis::::::::: -+ +*:::::::::/bin/false - [ All normal users AFTER this line! ] - tester:*:299:10:Just a test account:/tmp: -- miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh -+ obrien:1765:01:10::0:0:David O'Brien:/home/obrien:/bin/sh - </Screen> - - </Para> - - <Para> --Thus the user "tester" will exist, but have a shell of /etc/NoShell. miquels -+Thus the user "tester" will exist, but have a shell of /bin/false. obrien - will have normal access. - </Para> - -@@ -1686,7 +1081,7 @@ - Alternatively, you could edit the <filename>/var/yp/Makefile</filename> file - and set NIS to use - another source password file. On large systems the NIS password and group --files are usually stored in <Literal remap="tt">/etc/yp/</Literal>. If you do this the normal -+files are sometimes stored in <Literal remap="tt">/etc/yp/</Literal>. If you do this the normal - tools to administrate the password file such as <Literal remap="tt">passwd</Literal>, <Literal remap="tt">chfn</Literal>, - <Literal remap="tt">adduser</Literal> will not work anymore and you need special homemade tools - for this. -@@ -1699,137 +1094,6 @@ - - </Sect2> - --<Sect2> --<Title>The Server Program yps --<IndexTerm><Primary -->NIS!yps server</Primary></IndexTerm> -- --<IndexTerm><Primary -->yps NIS server</Primary></IndexTerm> --</Title> -- --<Para> --To set up the "yps" NIS server please refer to the previous paragraph. --The "yps" server setup is similar, _but_ not exactly the same so --beware if you try to apply the "ypserv" instructions to "yps"! --"yps" is not supported by any author, and contains some security leaks. --You really shouldn't use it ! --</Para> -- --<Para> --The "yps" NIS server software can be found on: --</Para> -- --<Para> -- --<Screen> -- Site Directory File Name -- -- ftp.lysator.liu.se /pub/NYS/servers yps-0.21.tar.gz -- ftp.kernel.org /pub/linux/utils/net/NIS yps-0.21.tar.gz --</Screen> -- --</Para> -- --</Sect2> -- --<Sect2> --<Title>The Program rpc.ypxfrd --<IndexTerm><Primary -->NIS|rpc.ypxfrd daemon</Primary></IndexTerm> -- --<IndexTerm><Primary -->rpc.ypxfrd daemon</Primary></IndexTerm> --</Title> -- --<Para> --rpc.ypxfrd is used for speed up the transfer of very large --NIS maps from a NIS master to NIS slave servers. If a --NIS slave server receives a message that there is a new --map, it will start ypxfr for transfering the new map. --ypxfr will read the contents of a map from the master --server using the yp_all() function. This process can take --several minutes when there are very large maps which have --to store by the database library. --</Para> -- --<Para> --The rpc.ypxfrd server speeds up the transfer process by --allowing NIS slave servers to simply copy the master --server's map files rather than building their own from --scratch. rpc.ypxfrd uses an RPC-based file transfer protocol, --so that there is no need for building a new map. --</Para> -- --<Para> --rpc.ypxfrd can be started by inetd. But since it starts --very slow, it should be started with ypserv. You need to start --rpc.ypxfrd only on the NIS master server. --</Para> -- --</Sect2> -- --<Sect2> --<Title>The Program rpc.yppasswdd --<IndexTerm><Primary -->NIS!rpc.yppasswdd daemon</Primary></IndexTerm> -- --<IndexTerm><Primary -->rpc.yppasswdd daemon</Primary></IndexTerm> --</Title> -- --<Para> --Whenever users change their passwords, the NIS password database and --probably other NIS databases, which depend on the NIS password --database, should be updated. The program "rpc.yppasswdd" is a server that --handles password changes and makes sure that the NIS information will --be updated accordingly. rpc.yppasswdd is now integrated in ypserv. You --don't need the older, separate yppasswd-0.9.tar.gz or yppasswd-0.10.tar.gz, --and you shouldn't use them any longer. The rpc.yppasswdd in ypserv 1.3.2 --has full shadow support. yppasswd is now part of yp-tools-2.2.tar.gz. --</Para> -- --<Para> --You need to start rpc.yppasswdd only on the NIS master server. By default, --users are not allowed to change their full name or the login shell. --You can allow this with the -e chfn or -e chsh option. --</Para> -- --<Para> --If your passwd and shadow files are not in another directory then --/etc, you need to add the -D option. For example, if you have put --all source files in /etc/yp and wish to allow the user to change --his shell, you need to start rpc.yppasswdd with the following parameters: --</Para> -- --<Para> -- --<Screen> -- rpc.yppasswdd -D /etc/yp -e chsh --</Screen> -- --</Para> -- --<Para> --or --</Para> -- --<Para> -- --<Screen> -- rpc.yppasswdd -s /etc/yp/shadow -p /etc/yp/passwd -e chsh --</Screen> -- --</Para> -- --<Para> --There is nothing more to do. You just need to make sure, that --<Literal remap="tt">rpc.yppasswdd</Literal> uses the same files as <Literal remap="tt">/var/yp/Makefile</Literal>. --Errors will be logged using syslog. --</Para> -- --</Sect2> -- - </Sect1> - - <Sect1 id="verification"> -@@ -1837,8 +1101,6 @@ - <IndexTerm><Primary - >NIS!verification of operation</Primary></IndexTerm> - --<IndexTerm><Primary -->NYS!verification of operation</Primary></IndexTerm> - </Title> - - <Para> -@@ -1869,9 +1131,7 @@ - - <Para> - (where userid is the login name of an arbitrary user) should give you --the user's entry in the NIS passwd file. The "ypcat" and "ypmatch" --programs should be included with your distribution of traditional --NIS or NYS. -+the user's entry in the NIS passwd file. - </Para> - - <Para> -@@ -2172,92 +1432,6 @@ - >NIS!problems with</Primary></IndexTerm> - </Title> - --<Para> --Here are some common problems reported by various users: --</Para> -- --<Para> -- --<OrderedList> --<ListItem> -- --<Para> --The libraries for 4.5.19 are broken. NIS won't work with it. -- --</Para> --</ListItem> --<ListItem> -- --<Para> --If you upgrade the libraries from 4.5.19 to 4.5.24 then the --su command breaks. You need to get the su command from the --slackware 1.2.0 distribution. Incidentally that's where you --can get the updated libraries. -- --</Para> --</ListItem> --<ListItem> -- --<Para> --When a NIS server goes down and comes up again ypbind starts --complaining with messages like: -- --<screen> -- yp_match: clnt_call: -- RPC: Unable to receive; errno = Connection refused --</screen> -- --and logins are refused for those who are registered in the --NIS database. Try to login as root and kill --ypbind and start it up again. An update to ypbind 3.3 or higher --should also help. -- --</Para> --</ListItem> --<ListItem> -- --<Para> --After upgrading the libc to a version greater then 5.4.20, the YP tools --will not work any longer. You need yp-tools 1.2 or later for --libc >= 5.4.21 and glibc 2.x. For earlier libc version you need --yp-clients 2.2. yp-tools 2.x should work for all libraries. -- --</Para> --</ListItem> --<ListItem> -- --<Para> --In libc 5.4.21 - 5.4.35 yp_maplist is broken, you need 5.4.36 or later, --or some YP programs like ypwhich will segfault. -- --</Para> --</ListItem> --<ListItem> -- --<Para> --libc 5 with traditional NIS doesn't support shadow passwords over NIS. --You need libc5 + NYS or glibc 2.x. --</Para> --</ListItem> --<ListItem> -- --<Para> --ypcat shadow doesn't show the shadow map. This is correct, the name of --the shadow map is shadow.byname, not shadow. --</Para> --</ListItem> --<ListItem> -- --<Para> --Solaris doesn't use always privileged ports. So don't use password --mangling if you have a Solaris client. --</Para> --</ListItem> -- --</OrderedList> -- --</Para> -- - </Sect1> - - <Sect1 id="faq"> -@@ -2274,7 +1448,7 @@ - <Para> - - <Screen> -- comp.os.linux.networking -+ hackers@FreeBSD.org - </Screen> - - </Para> diff --git a/misc/Howto/pkg-descr b/misc/Howto/pkg-descr deleted file mode 100644 index 53a517ccb591..000000000000 --- a/misc/Howto/pkg-descr +++ /dev/null @@ -1 +0,0 @@ -Linux HOW-TOs modified for applicablity on FreeBSD diff --git a/misc/Howto/pkg-plist b/misc/Howto/pkg-plist deleted file mode 100644 index 105c4a60c151..000000000000 --- a/misc/Howto/pkg-plist +++ /dev/null @@ -1,205 +0,0 @@ -%%DOCSDIR%%/DNS-HOWTO.ascii -%%DOCSDIR%%/DNS-HOWTO.latin1 -%%DOCSDIR%%/HOWTO-INDEX.html -%%DOCSDIR%%/HTML/DNS-HOWTO.html -%%DOCSDIR%%/HTML/DNS-HOWTO1.html -%%DOCSDIR%%/HTML/DNS-HOWTO10.html -%%DOCSDIR%%/HTML/DNS-HOWTO11.html -%%DOCSDIR%%/HTML/DNS-HOWTO12.html -%%DOCSDIR%%/HTML/DNS-HOWTO13.html -%%DOCSDIR%%/HTML/DNS-HOWTO14.html -%%DOCSDIR%%/HTML/DNS-HOWTO15.html -%%DOCSDIR%%/HTML/DNS-HOWTO16.html -%%DOCSDIR%%/HTML/DNS-HOWTO17.html -%%DOCSDIR%%/HTML/DNS-HOWTO18.html -%%DOCSDIR%%/HTML/DNS-HOWTO19.html -%%DOCSDIR%%/HTML/DNS-HOWTO2.html -%%DOCSDIR%%/HTML/DNS-HOWTO20.html -%%DOCSDIR%%/HTML/DNS-HOWTO21.html -%%DOCSDIR%%/HTML/DNS-HOWTO22.html -%%DOCSDIR%%/HTML/DNS-HOWTO23.html -%%DOCSDIR%%/HTML/DNS-HOWTO24.html -%%DOCSDIR%%/HTML/DNS-HOWTO25.html -%%DOCSDIR%%/HTML/DNS-HOWTO26.html -%%DOCSDIR%%/HTML/DNS-HOWTO27.html -%%DOCSDIR%%/HTML/DNS-HOWTO28.html -%%DOCSDIR%%/HTML/DNS-HOWTO29.html -%%DOCSDIR%%/HTML/DNS-HOWTO3.html -%%DOCSDIR%%/HTML/DNS-HOWTO30.html -%%DOCSDIR%%/HTML/DNS-HOWTO31.html -%%DOCSDIR%%/HTML/DNS-HOWTO32.html -%%DOCSDIR%%/HTML/DNS-HOWTO33.html -%%DOCSDIR%%/HTML/DNS-HOWTO34.html -%%DOCSDIR%%/HTML/DNS-HOWTO35.html -%%DOCSDIR%%/HTML/DNS-HOWTO4.html -%%DOCSDIR%%/HTML/DNS-HOWTO5.html -%%DOCSDIR%%/HTML/DNS-HOWTO6.html -%%DOCSDIR%%/HTML/DNS-HOWTO7.html -%%DOCSDIR%%/HTML/DNS-HOWTO8.html -%%DOCSDIR%%/HTML/DNS-HOWTO9.html -%%DOCSDIR%%/HTML/DNS-HOWTO_toc.html -%%DOCSDIR%%/HTML/Linux+FreeBSD.html -%%DOCSDIR%%/HTML/Linux+FreeBSD1.html -%%DOCSDIR%%/HTML/Linux+FreeBSD10.html -%%DOCSDIR%%/HTML/Linux+FreeBSD11.html -%%DOCSDIR%%/HTML/Linux+FreeBSD12.html -%%DOCSDIR%%/HTML/Linux+FreeBSD13.html -%%DOCSDIR%%/HTML/Linux+FreeBSD14.html -%%DOCSDIR%%/HTML/Linux+FreeBSD15.html -%%DOCSDIR%%/HTML/Linux+FreeBSD16.html -%%DOCSDIR%%/HTML/Linux+FreeBSD17.html -%%DOCSDIR%%/HTML/Linux+FreeBSD18.html -%%DOCSDIR%%/HTML/Linux+FreeBSD2.html -%%DOCSDIR%%/HTML/Linux+FreeBSD3.html -%%DOCSDIR%%/HTML/Linux+FreeBSD4.html -%%DOCSDIR%%/HTML/Linux+FreeBSD5.html -%%DOCSDIR%%/HTML/Linux+FreeBSD6.html -%%DOCSDIR%%/HTML/Linux+FreeBSD7.html -%%DOCSDIR%%/HTML/Linux+FreeBSD8.html -%%DOCSDIR%%/HTML/Linux+FreeBSD9.html -%%DOCSDIR%%/HTML/Linux+FreeBSD_toc.html -%%DOCSDIR%%/HTML/NFS-HOWTO.html -%%DOCSDIR%%/HTML/NFS-HOWTO_toc.html -%%DOCSDIR%%/HTML/NIS-HOWTO.html -%%DOCSDIR%%/HTML/NIS-HOWTO1.html -%%DOCSDIR%%/HTML/NIS-HOWTO10.html -%%DOCSDIR%%/HTML/NIS-HOWTO11.html -%%DOCSDIR%%/HTML/NIS-HOWTO12.html -%%DOCSDIR%%/HTML/NIS-HOWTO13.html -%%DOCSDIR%%/HTML/NIS-HOWTO14.html -%%DOCSDIR%%/HTML/NIS-HOWTO15.html -%%DOCSDIR%%/HTML/NIS-HOWTO16.html -%%DOCSDIR%%/HTML/NIS-HOWTO17.html -%%DOCSDIR%%/HTML/NIS-HOWTO18.html -%%DOCSDIR%%/HTML/NIS-HOWTO19.html -%%DOCSDIR%%/HTML/NIS-HOWTO2.html -%%DOCSDIR%%/HTML/NIS-HOWTO20.html -%%DOCSDIR%%/HTML/NIS-HOWTO21.html -%%DOCSDIR%%/HTML/NIS-HOWTO22.html -%%DOCSDIR%%/HTML/NIS-HOWTO23.html -%%DOCSDIR%%/HTML/NIS-HOWTO24.html -%%DOCSDIR%%/HTML/NIS-HOWTO25.html -%%DOCSDIR%%/HTML/NIS-HOWTO26.html -%%DOCSDIR%%/HTML/NIS-HOWTO27.html -%%DOCSDIR%%/HTML/NIS-HOWTO28.html -%%DOCSDIR%%/HTML/NIS-HOWTO29.html -%%DOCSDIR%%/HTML/NIS-HOWTO3.html -%%DOCSDIR%%/HTML/NIS-HOWTO30.html -%%DOCSDIR%%/HTML/NIS-HOWTO31.html -%%DOCSDIR%%/HTML/NIS-HOWTO32.html -%%DOCSDIR%%/HTML/NIS-HOWTO33.html -%%DOCSDIR%%/HTML/NIS-HOWTO34.html -%%DOCSDIR%%/HTML/NIS-HOWTO35.html -%%DOCSDIR%%/HTML/NIS-HOWTO36.html -%%DOCSDIR%%/HTML/NIS-HOWTO37.html -%%DOCSDIR%%/HTML/NIS-HOWTO38.html -%%DOCSDIR%%/HTML/NIS-HOWTO39.html -%%DOCSDIR%%/HTML/NIS-HOWTO4.html -%%DOCSDIR%%/HTML/NIS-HOWTO40.html -%%DOCSDIR%%/HTML/NIS-HOWTO5.html -%%DOCSDIR%%/HTML/NIS-HOWTO6.html -%%DOCSDIR%%/HTML/NIS-HOWTO7.html -%%DOCSDIR%%/HTML/NIS-HOWTO8.html -%%DOCSDIR%%/HTML/NIS-HOWTO9.html -%%DOCSDIR%%/HTML/NIS-HOWTO_toc.html -%%DOCSDIR%%/HTML/Security-HOWTO.html -%%DOCSDIR%%/HTML/Security-HOWTO1.html -%%DOCSDIR%%/HTML/Security-HOWTO10.html -%%DOCSDIR%%/HTML/Security-HOWTO11.html -%%DOCSDIR%%/HTML/Security-HOWTO12.html -%%DOCSDIR%%/HTML/Security-HOWTO13.html -%%DOCSDIR%%/HTML/Security-HOWTO14.html -%%DOCSDIR%%/HTML/Security-HOWTO15.html -%%DOCSDIR%%/HTML/Security-HOWTO16.html -%%DOCSDIR%%/HTML/Security-HOWTO17.html -%%DOCSDIR%%/HTML/Security-HOWTO18.html -%%DOCSDIR%%/HTML/Security-HOWTO19.html -%%DOCSDIR%%/HTML/Security-HOWTO2.html -%%DOCSDIR%%/HTML/Security-HOWTO20.html -%%DOCSDIR%%/HTML/Security-HOWTO21.html -%%DOCSDIR%%/HTML/Security-HOWTO22.html -%%DOCSDIR%%/HTML/Security-HOWTO23.html -%%DOCSDIR%%/HTML/Security-HOWTO24.html -%%DOCSDIR%%/HTML/Security-HOWTO25.html -%%DOCSDIR%%/HTML/Security-HOWTO26.html -%%DOCSDIR%%/HTML/Security-HOWTO27.html -%%DOCSDIR%%/HTML/Security-HOWTO28.html -%%DOCSDIR%%/HTML/Security-HOWTO29.html -%%DOCSDIR%%/HTML/Security-HOWTO3.html -%%DOCSDIR%%/HTML/Security-HOWTO30.html -%%DOCSDIR%%/HTML/Security-HOWTO31.html -%%DOCSDIR%%/HTML/Security-HOWTO32.html -%%DOCSDIR%%/HTML/Security-HOWTO33.html -%%DOCSDIR%%/HTML/Security-HOWTO34.html -%%DOCSDIR%%/HTML/Security-HOWTO35.html -%%DOCSDIR%%/HTML/Security-HOWTO36.html -%%DOCSDIR%%/HTML/Security-HOWTO37.html -%%DOCSDIR%%/HTML/Security-HOWTO38.html -%%DOCSDIR%%/HTML/Security-HOWTO39.html -%%DOCSDIR%%/HTML/Security-HOWTO4.html -%%DOCSDIR%%/HTML/Security-HOWTO40.html -%%DOCSDIR%%/HTML/Security-HOWTO41.html -%%DOCSDIR%%/HTML/Security-HOWTO42.html -%%DOCSDIR%%/HTML/Security-HOWTO43.html -%%DOCSDIR%%/HTML/Security-HOWTO44.html -%%DOCSDIR%%/HTML/Security-HOWTO45.html -%%DOCSDIR%%/HTML/Security-HOWTO46.html -%%DOCSDIR%%/HTML/Security-HOWTO47.html -%%DOCSDIR%%/HTML/Security-HOWTO48.html -%%DOCSDIR%%/HTML/Security-HOWTO49.html -%%DOCSDIR%%/HTML/Security-HOWTO5.html -%%DOCSDIR%%/HTML/Security-HOWTO50.html -%%DOCSDIR%%/HTML/Security-HOWTO51.html -%%DOCSDIR%%/HTML/Security-HOWTO52.html -%%DOCSDIR%%/HTML/Security-HOWTO53.html -%%DOCSDIR%%/HTML/Security-HOWTO54.html -%%DOCSDIR%%/HTML/Security-HOWTO55.html -%%DOCSDIR%%/HTML/Security-HOWTO56.html -%%DOCSDIR%%/HTML/Security-HOWTO57.html -%%DOCSDIR%%/HTML/Security-HOWTO58.html -%%DOCSDIR%%/HTML/Security-HOWTO59.html -%%DOCSDIR%%/HTML/Security-HOWTO6.html -%%DOCSDIR%%/HTML/Security-HOWTO60.html -%%DOCSDIR%%/HTML/Security-HOWTO61.html -%%DOCSDIR%%/HTML/Security-HOWTO62.html -%%DOCSDIR%%/HTML/Security-HOWTO63.html -%%DOCSDIR%%/HTML/Security-HOWTO64.html -%%DOCSDIR%%/HTML/Security-HOWTO65.html -%%DOCSDIR%%/HTML/Security-HOWTO66.html -%%DOCSDIR%%/HTML/Security-HOWTO67.html -%%DOCSDIR%%/HTML/Security-HOWTO68.html -%%DOCSDIR%%/HTML/Security-HOWTO69.html -%%DOCSDIR%%/HTML/Security-HOWTO7.html -%%DOCSDIR%%/HTML/Security-HOWTO70.html -%%DOCSDIR%%/HTML/Security-HOWTO71.html -%%DOCSDIR%%/HTML/Security-HOWTO72.html -%%DOCSDIR%%/HTML/Security-HOWTO73.html -%%DOCSDIR%%/HTML/Security-HOWTO74.html -%%DOCSDIR%%/HTML/Security-HOWTO75.html -%%DOCSDIR%%/HTML/Security-HOWTO76.html -%%DOCSDIR%%/HTML/Security-HOWTO77.html -%%DOCSDIR%%/HTML/Security-HOWTO78.html -%%DOCSDIR%%/HTML/Security-HOWTO79.html -%%DOCSDIR%%/HTML/Security-HOWTO8.html -%%DOCSDIR%%/HTML/Security-HOWTO80.html -%%DOCSDIR%%/HTML/Security-HOWTO81.html -%%DOCSDIR%%/HTML/Security-HOWTO82.html -%%DOCSDIR%%/HTML/Security-HOWTO83.html -%%DOCSDIR%%/HTML/Security-HOWTO84.html -%%DOCSDIR%%/HTML/Security-HOWTO85.html -%%DOCSDIR%%/HTML/Security-HOWTO86.html -%%DOCSDIR%%/HTML/Security-HOWTO87.html -%%DOCSDIR%%/HTML/Security-HOWTO88.html -%%DOCSDIR%%/HTML/Security-HOWTO89.html -%%DOCSDIR%%/HTML/Security-HOWTO9.html -%%DOCSDIR%%/HTML/Security-HOWTO_toc.html -%%DOCSDIR%%/Linux+FreeBSD.ascii -%%DOCSDIR%%/Linux+FreeBSD.latin1 -%%DOCSDIR%%/NFS-HOWTO.ascii -%%DOCSDIR%%/NFS-HOWTO.latin1 -%%DOCSDIR%%/NIS-HOWTO.ascii -%%DOCSDIR%%/NIS-HOWTO.latin1 -%%DOCSDIR%%/Security-HOWTO.ascii -%%DOCSDIR%%/Security-HOWTO.latin1 -@dirrm %%DOCSDIR%%/HTML -@dirrm %%DOCSDIR%% |