[prev in list] [next in list] [prev in thread] [next in thread]
List: suse-linux-e
Subject: Re: [SLE] NIS, NIS+, Automount which combinations work
From: Dylan <dylan () dylan ! me ! uk>
Date: 2004-01-30 20:44:51
Message-ID: 200401302044.51735.dylan () dylan ! me ! uk
[Download RAW message or body]
On Friday 30 January 2004 20:03 pm, Steven T. Hatton wrote:
> I've never found time to focus on this topic, but I believe it is
> very important. I discovered automount purely by accident. It
> wasn't until I removed NIS that I learned that automount required
> NIS.
It doesn't. but works well with it. It may be a dependency, but
automount (actually autofs) is independent of NIS. If you are thinking
of using it then I'd reccomend getting the latest autofs4 from
www.kernel.org.
> I seem to recall that it does (did) not work with NIS+, or
> something like that. I'm trying to get all this straight in my head.
>
> What are the various options available in SuSE 9.0 as regards NIS,
> NIS+, Automount, NFS, etc. I.e., what versions and variants are
> available, and how do they work together?
NIS+ is only available as a client - SFAIK there is no Linux server for
it, only a Solaris one. Can't say any more about it that that...
NIS works well, but you may need to hack the makefile to get it to
distribute non-standard autofs maps. I simply added the necessary
sections for my setup and it worked fine. There is no encryption on the
passwords, so it shouldn't be used on an open or untrusted network.
Also, you might need to consider which groups you map (I had to do some
shenanigans to get GID uucp right so my client boxes can access serial
devices.)
Autofs3 doesn't (IME, YMMV) work well, especially with NIS. autofs4 (and
I really do suggest getting the latest build) functions as described -
I share all the autofs configs with NIS over 8 boxes without problems -
but there are pitfalls which I'll happily help you with, or you can try
the mailing list.
NFS has some peculiarities - it doesn't co-exist well with reiserfs, no
matter what people say about the problems being fixed. Security is
basic to say the least, but if you configure it sensibly you should be
safe on a closed network. It's not easy to get it running through NAT,
to the extent that I wouldn't bother trying (again, YMMV.) Also, it's
picky about whitespace in the /etc/exports file, and the file locking
is not what it should be!
> What are the advantages
> and limitations of each?
>
> What kinds of security is available with each? Can the entire data
> transfer be encrypted?
Definitely not in the basic setups, but I suppose you could tunnel the
connections over a secure link of some kind.
> How. Can the authentication be encrypted or
> PKI based?
Not with NIS, and I don't know what PKI is.
HTH
Dylan
>
> I know I could probably formulate more coherent questions. I'm just
> trying to get some discussion going. I know LDAP, DNS, and DHCP can
> also play into this topic, as can IPv6.
>
> STH
--
"They that can give up essential liberty to obtain a little
temporary safety, deserve neither liberty nor safety."
-Benjamin Franklin
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic