What do I need to know about administering NIS?

NIS Basics

The purpose of NIS (also called YP, for yellow pages) is to make administration of large *nix labs easier by storing configuration files in a central location. I switched to NIS because I was frustrated with the tedious process of adding a user. Because there was no central user account information, I had to add the user to each and every machine in the lab. This is exactly the sort of problem NIS is intended to solve.

NIS has one master server, zero or more slave servers, and any number of clients. The master server contains the authoritative copies of configuration files, the slave server replicates these files for redundancy, and the clients use the information from the servers. The database containing the authoritative information is in /var/yp on a server.

Instead of going into great detail here, I will refer to the FreeBSD Handbook section on NIS. (I also found an older version.)

DIRT-specific setup

In our lab, brutus is the master server, professor is the only slave server, and the NIS domain name is "dirt-cs". brutus contains the passwd and master.passwd files used in the creation of the maps in its /var/yp directory.


Note that NIS is not a very secure solution. Encrypted passwords (which are easily cracked) are transmitted in plain text over the network. There are other security issues as well, but I feel this risk is worth it as long as the firewalls are in place. (As a precedent, rsh, rlogin, and rcp have similar security flaws, but we have used them for several years now.)

Other Issues

Because an NIS client will need to talk to an NIS server, the deployment of NIS means there will be slightly more network traffic in the dirt lab. I feel the precedent has been set by the deployment of NFS that this is not a concern, even for experimental networks.

Jeff Terrell 01/11/06