yppasswd 命令详解

| 选择喜欢的代码风格  

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

yppasswd 命令安装:


-bash/zsh: yppasswd: command not found

#Debian
apt-get install yp-tools

#Ubuntu
apt-get install yp-tools

#Kali Linux
apt-get install nis

#CentOS
yum install yp-tools
yum -y install ypbind rpcbind

#Fedora
dnf install yp-tools

#Raspbian
apt-get install nis

NIS Client 配置:


配置 NIS 客户端,本示例基于以下环境。

+----------------------+          |          +----------------------+
| [    NIS Server    ] |10.0.0.30 | 10.0.0.31| [    NIS Client    ] |
|     dlp.srv.world    +----------+----------+     www.srv.world    |
|                      |                     |                      |
+----------------------+                     +----------------------+

[1] 在 NIS 客户端上配置。

# set NIS domain
[root@www ~]
$ ypdomainname srv.world

[root@www ~]
$ echo "NISDOMAIN=srv.world" >> /etc/sysconfig/network

[root@www ~]
$ vi /etc/hosts

# add IP addresses for NIS server and clients
10.0.0.30   dlp.srv.world dlp
10.0.0.31   www.srv.world www

[root@www ~]
$ authconfig \
--enablenis \
--nisdomain=srv.world \
--nisserver=dlp.srv.world \
--enablemkhomedir \
--update

[root@www ~]
$ systemctl start rpcbind ypbind

[root@www ~]
$ systemctl enable rpcbind ypbind


[root@www ~]
$ exit

www login: redhat     # NIS user
Password:     # NIS password
Creating directory '/home/redhat'.
[redhat@www ~]$     # just logined
# validation
[redhat@www ~]
$ ypwhich

dlp.srv.world

# try to change NIS password

[redhat@www ~]
$ yppasswd

Changing NIS account information for redhat on dlp.srv.world.
Please enter old password:     # current one
Changing NIS password for redhat on dlp.srv.world.
Please enter new password:     # new one
Please retype new password:
The NIS password has been changed on dlp.srv.world.

[2] 如果启用了 SELinux,则需要添加一条规则以允许 mkhomedir 自动创建主目录。

[root@www ~]
$ vi mkhomedir.te

# create new

module mkhomedir 1.0;

require {
        type unconfined_t;
        type oddjob_mkhomedir_exec_t;
        class file entrypoint;
}

#============= unconfined_t ==============
allow unconfined_t oddjob_mkhomedir_exec_t:file entrypoint;

[root@www ~]
$ checkmodule -m -M -o mkhomedir.mod mkhomedir.te

checkmodule: loading policy configuration from mkhomedir.te
checkmodule: policy configuration loaded
checkmodule: writing binary representation (version 17) to mkhomedir.mod

[root@www ~]
$ semodule_package --outfile mkhomedir.pp --module mkhomedir.mod

[root@www ~]
$ semodule -i mkhomedir.pp

yppasswd 命令语法:


yppasswd [ username ]

yppasswd 命令选项:


username: 用户名更改 NIS 数据库记录的用户名。

yppasswd 命令实例


为用户希望更改 NIS 数据库。 要执行此命令需要超级用户权限

yppasswd hope

yppasswd 命令扩展阅读:




yppasswd 命令评论