Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
YPBIND(8)		    System Manager's Manual		     YPBIND(8)

NAME
       ypbind -- NIS domain binding daemon

SYNOPSIS
       ypbind	     [-ypset]	    [-ypsetme]	     [-s]	[-m]	   [-S
	      domainname,server1,server2,...]

DESCRIPTION
       The ypbind utility is the process that maintains	NIS  binding  informa-
       tion.   At startup, it searches for an NIS server responsible for serv-
       ing the system's	default	domain (as set by the  domainname(1)  command)
       using  network broadcasts.  Once	it receives a reply, it	will store the
       address of the server and other information in a	special	 file  located
       in  /var/yp/binding.   The  NIS	routines in the	standard C library can
       then use	this file when processing NIS requests.	 There may be  several
       such  files  since it is	possible for an	NIS client to be bound to more
       than one	domain.

       After a binding has been	established, ypbind  will  send	 DOMAIN_NONACK
       requests	to the NIS server at one minute	intervals.  If it fails	to re-
       ceive  a	reply to one of	these requests,	ypbind assumes that the	server
       is no longer running and	resumes	its network broadcasts	until  another
       binding	is established.	 The ypbind utility will also log warning mes-
       sages using the syslog(3) facility each time it detects that  a	server
       has stopped responding, as well as when it has bound to a new server.

       The following options are available:

       -ypset  It  is  possible	 to  force  ypbind to bind to a	particular NIS
	       server host for a given domain by using the  ypset(8)  command.
	       However,	 ypbind	 refuses YPBINDPROC_SETDOM requests by default
	       since it	has no way of knowing exactly  who  is	sending	 them.
	       Using the -ypset	flag causes ypbind to accept YPBINDPROC_SETDOM
	       requests	 from  any  host.  This	option should only be used for
	       diagnostic purposes and only for	limited	periods	since allowing
	       arbitrary users to reset	the binding of an NIS client  poses  a
	       severe security risk.

       -ypsetme
	       This is similar to the -ypset flag, except that it only permits
	       YPBINDPROC_SETDOM  requests  to be processed if they originated
	       from the	local host.

       -s      Cause ypbind to run in secure mode: it will refuse to  bind  to
	       any  NIS	 server	that is	not running as root (i.e., that	is not
	       using privileged	TCP ports).

       -S domainname,server1,server2,server3,...
	       Allow the system	administrator to lock ypbind to	 a  particular
	       domain  and  group  of  NIS  servers.  Up to ten	servers	can be
	       specified.  There must not be any spaces	between	the commas  in
	       the domain/server specification.	 This option is	used to	ensure
	       that the	system binds only to one domain	and only to one	of the
	       specified  servers,  which  is useful for systems that are both
	       NIS servers and NIS clients: it provides	a way to restrict what
	       machines	the system can bind to without the need	for specifying
	       the -ypset or -ypsetme options, which are often	considered  to
	       be  security  holes.  The specified servers must	have valid en-
	       tries in	the local /etc/hosts file.  IP addresses may be	speci-
	       fied in place of	hostnames.  If ypbind cannot make sense	out of
	       the arguments, it will ignore the -S flag and continue  running
	       normally.

	       Note  that  ypbind  will	consider the domainname	specified with
	       the -S flag to be the system default domain.

       -m      Cause ypbind to use a 'many-cast' rather	than a	broadcast  for
	       choosing	 a  server  from  the restricted mode server list.  In
	       many-cast mode, ypbind will transmit directly to	the YPPROC_DO-
	       MAIN_NONACK procedure of	 the  servers  specified  in  the  re-
	       stricted	list and bind to the server that responds the fastest.
	       This mode of operation is useful	for NIS	clients	on remote sub-
	       nets where no local NIS servers are available.  The -m flag can
	       only  be	 used  in  conjunction with the	-S flag	above (if used
	       without the -S flag, it has no effect).

NOTES
       The ypbind utility will not make	continuous attempts to keep  secondary
       domains	bound.	If a server for	a secondary domain fails to respond to
       a ping, ypbind will broadcast for a new server only once	before	giving
       up.   If	 a  client  program  attempts to reference the unbound domain,
       ypbind will try broadcasting again.  By contrast, ypbind	will automati-
       cally maintain a	binding	for the	default	domain whether client programs
       reference it or not.

FILES
       /var/yp/binding/[domainname].[version]
		     the files used to hold binding information	for  each  NIS
		     domain
       /etc/rc.conf  system configuration file where the system	default	domain
		     and ypbind	startup	options	are specified

SEE ALSO
       domainname(1), syslog(3), yp(8),	ypserv(8), ypset(8)

AUTHORS
       Theo de Raadt <deraadt@fsa.ca>

FreeBSD	14.3			 April 9, 1995			     YPBIND(8)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=ypbind&sektion=8&manpath=FreeBSD+14.3-RELEASE+and+Ports>

home | help