Chapter 17: Sharing System Files, Stephen Workman (presentation transcript)

1 Chapter 17: Sharing System Files Stephen Workman

2 Sharing System Files
- Tens (or hundreds) of configuration files per host
- Many hosts on the network
- How do you manage these thousands of configuration files?

3 File Copying Systems
A master copy of each configuration file is kept in one place and is distributed to the members of the group.
- This solution is simple
- It works on every Linux (and UNIX) system
- Easy to set up and maintain
- Clients can miss updates (a host that is down during the push stays stale)
- ANY change must propagate to EVERY host

4 Central Database Server
Each machine obtains its configuration information from a central database.
- Clients can't miss updates, even if they are down when a change is made
- The entire network can hang if the server goes down
- Quite a few files are not supported by any of the common database services; copying files may still be needed
- NIS and LDAP are two examples (more on this later)

5 Commonly Shared Files
/etc/passwd
/etc/shadow
/etc/group
/etc/hosts
/etc/networks
/etc/services
/etc/protocols
/etc/ethers
/etc/mail/aliases
/etc/rpc
/etc/netgroup
/etc/cups/printcap
/etc/printcap.cups
/etc/termcap

6 File Copying Systems
Push model
- The master server periodically distributes the freshest files to each client
- Files can be pushed when a change is made or on a regular schedule
Pull model
- Each client is responsible for updating itself
- Less centralized, but more adaptable and more secure: the clients only need read access to the master, whereas a push master holds root-level access to every client and a compromise of it compromises them all

7 rdist
- Pushes files
- The easiest way to distribute files from a central server
- rdist uses a control file to manage changes: distfile or Distfile

8 rdist Server Side: Distfile
label: pathnames -> destinations
        commands
- The label associates a name with the statement; "rdist label" distributes only the files described in that statement
- pathnames is a list of files to be copied and destinations is a list of hosts to copy them to
- By default rdist copies the files and directories listed in pathnames to the equivalent paths on each destination machine

9 Supported Commands
install options [destdir];
notify namelist;
except pathlist;
except_pat patternlist;
special [pathlist] string;
cmdspecial [pathlist] string;
(see p. 507)

10 Distfile Example

11 Client Side
- You must tell sshd on the clients to trust the host from which you are distributing files
- Generate a passphrase-less ("plaintext") key for the master host and store a copy of the public portion in ~root/.ssh/authorized_keys on each client
- Because that key is unprotected on the master, restrict what it may do on each client (a from= source restriction and a forced command) and treat the master as root-equivalent for every client it pushes to
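
The rdist procedure of slides 7 to 11 end to end, as an added example that is not part of the slides: a Distfile with two labels on the master, the push command, and the restricted authorized_keys entry each client gets. The host names (master.example.com, host1, host2, host3), the file lists, the label names and the rdistd path in the forced command are assumptions; rdist itself is not executed, and a constructed placeholder key is used when ssh-keygen is absent.

```shell
#!/bin/sh
# Added example, not from the slides: a complete rdist push setup.  The
# master "master.example.com", clients host1/host2/host3, the labels and
# the file lists are assumptions; rdist itself is not run here.

WORK=$(mktemp -d)
DISTFILE="$WORK/Distfile"

# --- server side: the control file -------------------------------------
# Grammar: label: pathnames -> destinations, followed by the commands that
# apply to that statement (install/notify/except/except_pat/special).
cat > "$DISTFILE" <<'EOF'
SYS_FILES = ( /etc/hosts /etc/services /etc/protocols /etc/mail/aliases )
ALL_HOSTS = ( host1 host2 )
MINIMAL   = ( host3 )

sysfiles: ${SYS_FILES} -> ${ALL_HOSTS}
        notify root@master.example.com ;
        special /etc/mail/aliases "/usr/bin/newaliases" ;

minimal: ${SYS_FILES} -> ${MINIMAL}
        except /etc/mail/aliases ;
        except_pat /etc/hosts.* ;
        notify root@master.example.com ;
EOF

# The labels a Distfile defines, i.e. what "rdist <label>" can select.
distfile_labels() {
    grep -E '^[A-Za-z_][A-Za-z0-9_]*:' "$1" | cut -d: -f1
}

# The push, typed on the master.  -P selects the transport (ssh, never rsh);
# add -n for a dry run that prints what would be copied.
push_cmd() {
    printf 'rdist -P /usr/bin/ssh -f %s %s\n' "$1" "$2"
}

# --- client side: trust the master's key, but only for rdistd ----------
# The master's key has no passphrase so cron can drive rdist; pin it on
# every client to the master's address and to the rdist server command
# (rdist starts the remote side as "rdistd -S"; the path is an assumption).
restricted_key_line() {
    # $1 = host the key may come from, $2 = public key text
    printf 'from="%s",command="/usr/bin/rdistd -S",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty %s\n' "$1" "$2"
}

if command -v ssh-keygen >/dev/null 2>&1; then
    ssh-keygen -q -t ed25519 -N '' -C root@master -f "$WORK/rdist_key"
    PUBKEY=$(cat "$WORK/rdist_key.pub")
else
    # Constructed placeholder so the example still runs without OpenSSH.
    PUBKEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEYMATERIAL root@master"
fi
# This line goes into ~root/.ssh/authorized_keys on each client.
restricted_key_line master.example.com "$PUBKEY" > "$WORK/authorized_keys"

distfile_labels "$DISTFILE"          # prints: sysfiles, minimal
push_cmd "$DISTFILE" sysfiles
cat "$WORK/authorized_keys"
```

The forced command is what keeps "the master has a root key on every client" from also meaning "anyone who steals the master's key gets a root shell on every client": the stolen key can still push files, which is bad enough, but it cannot open an interactive session or forward ports.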

12 rsync
- Similar to rdist, but can run as a pull or a push
- Doesn't use a file-copying control file
- Transmits the differences between files instead of whole files
- A further advantage: the receiving machine can run the remote side as a server process, started from xinetd or inetd
- You cannot rsync to multiple hosts at once or execute arbitrary commands on the client

13 rsync Server Side (the master, which pushes)
rsync -gopt --password-file=/etc/rsync.pwd /etc/passwd boulder::sysfiles
- -gopt: preserves group, owner, permissions and modification times
- The password in /etc/rsync.pwd authenticates the connection; keep that file mode 600, rsync refuses a password file that others can read
- The '::' makes rsync contact the remote rsync daemon directly on TCP port 873 instead of going through ssh; only the authentication is a challenge-response exchange, the file contents travel unencrypted
- /etc/passwd is transferred to boulder, into the module named sysfiles

14 Client Side: rsyncd.conf
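
The rsyncd.conf of slide 14 together with the push of slide 13, as an added example that is not part of the slides: the receiving host's module definition and secrets file, the master's password file, a permission check on both, and the push command. The host boulder, module sysfiles, user rsyncpush, the master's address 192.0.2.10 and the file paths are assumptions; the files are written under a temporary directory rather than /etc so the script runs anywhere.

```shell
#!/bin/sh
# Added example, not from the slides: the receiving side's rsyncd.conf and
# secrets file, the master's password file, and the push command.  Host
# "boulder", module "sysfiles", user "rsyncpush", the master's address and
# the paths are assumptions.

WORK=$(mktemp -d)

# --- receiving host (the slide's "client side"): rsyncd.conf -------------
cat > "$WORK/rsyncd.conf" <<'EOF'
# Global section: run as root so -o/-g/-p can restore ownership and modes.
uid = root
gid = root
use chroot = yes
log file = /var/log/rsyncd.log

[sysfiles]
    path = /etc
    comment = system files pushed from the master
    read only = no
    # Only the master may connect, and only with this credential.
    hosts allow = 192.0.2.10
    hosts deny = *
    auth users = rsyncpush
    secrets file = /etc/rsyncd.secrets
EOF

# user:password, one per line.  The daemon ignores the file unless it is
# unreadable by others ("strict modes" is on by default).
printf 'rsyncpush:correct-horse-battery-staple\n' > "$WORK/rsyncd.secrets"
chmod 600 "$WORK/rsyncd.secrets"

# --- master: the same password, also mode 600 ----------------------------
printf 'correct-horse-battery-staple\n' > "$WORK/rsync.pwd"
chmod 600 "$WORK/rsync.pwd"

# Return 0 if a secrets/password file has no group or other permission bits.
secret_file_ok() {
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
    case "$mode" in
        [0-7]00) return 0 ;;
        *) return 1 ;;
    esac
}

# Build the push command.  "::" means the daemon protocol on TCP 873 (no
# ssh, file contents in the clear); -gopt keeps group, owner, perms, mtime.
push_cmd() {
    printf 'rsync -gopt --password-file=%s /etc/passwd rsyncpush@boulder::sysfiles\n' "$1"
}

secret_file_ok "$WORK/rsyncd.secrets" && echo "secrets file permissions ok"
push_cmd "$WORK/rsync.pwd"
```

With auth users set, the daemon derives the login name from user@host::module, so the push names rsyncpush explicitly. Because the daemon protocol does not encrypt the transfer, either confine port 873 to a trusted network (hosts allow is an application-level filter, not a substitute for a firewall) or push with rsync -e ssh instead and drop the daemon altogether.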

15 rdist vs. rsync
rdist
- More flexible and configurable
- Can execute arbitrary commands on clients
- Push only
rsync
- More secure
- Push or pull
- Can't execute arbitrary commands on clients
- Can't rsync to multiple hosts at once

16 Pulling Files
- The easiest way is to use ftp:
  wget ftp://user:password@hostname/path/to/file
- ftp transmits the password and the data in plain text, and a password embedded in the URL also shows up in the process list and in the shell history: bad, bad, bad
- rsync can be set up to pull as well: slightly more complex than ftp, but with all the benefits of rsync
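
The pull model of slides 6 and 16 done with rsync, as an added example that is not part of the slides: a client fetches the master's export into a staging directory from its own cron job and then installs only the files whose content changed, so a truncated transfer never lands in /etc directly. The master name master.example.com, the export path /srv/sysfiles, the key path and the staging/target directories are assumptions; the "master" is a local temporary directory with constructed sample files so the script runs offline, and cp stands in for rsync when rsync is not installed.

```shell
#!/bin/sh
# Added example, not from the slides: the pull model with rsync from the
# client's own cron.  The master host name, export path, key path and the
# staging/target directories are assumptions; the "master" is a local
# directory so the script runs offline.

WORK=$(mktemp -d)
MASTER="$WORK/srv/sysfiles"      # stands in for master.example.com:/srv/sysfiles/
STAGE="$WORK/var/lib/sysfiles"   # local copy; nothing is served from here
TARGET="$WORK/etc"               # stands in for /etc
mkdir -p "$MASTER" "$STAGE" "$TARGET"

# Constructed sample content on the "master".
printf '127.0.0.1 localhost\n192.0.2.10 master\n' > "$MASTER/hosts"
printf 'ssh 22/tcp\nrsync 873/tcp\n' > "$MASTER/services"

# The insecure way the slide warns about: credential on the command line
# (visible in ps and shell history) and both password and data in clear text.
bad_pull_cmd() {
    echo 'wget ftp://user:password@master.example.com/sysfiles/hosts'
}

# The cron job a client runs: key-authenticated rsync over ssh into the
# staging directory.  -a keeps owner/group/perms/mtime; --delete mirrors
# removals into STAGE only, never into /etc itself.
cron_line() {
    printf '%s\n' "*/15 * * * * root rsync -a --delete -e 'ssh -i /root/.ssh/pull_key' master.example.com:/srv/sysfiles/ /var/lib/sysfiles/ && /usr/local/sbin/install-sysfiles"
}

# Offline stand-in for the rsync step above.
fetch_to_stage() {
    if command -v rsync >/dev/null 2>&1; then
        rsync -a --delete "$MASTER/" "$STAGE/"
    else
        rm -rf "$STAGE" && cp -R "$MASTER" "$STAGE"
    fi
}

# Install only the files whose content changed, with a fixed mode, and
# print their names.  cmp before copy: a half-fetched staging copy that
# matches nothing is at least not installed blindly over a working file.
install_changed() {
    for f in "$STAGE"/*; do
        name=$(basename "$f")
        if ! cmp -s "$f" "$TARGET/$name"; then
            install -m 644 "$f" "$TARGET/$name"
            echo "$name"
        fi
    done
}

fetch_to_stage
install_changed      # first run prints: hosts services
cron_line
```

On the master, the pull key can be locked down the same way as an rdist key: a from= restriction plus a forced command that only allows rsync in sender mode for /srv/sysfiles, so a stolen client key reads the export and nothing else.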

17 NIS: Network Information Service
A little history
- Released in the 1980s
- Originally called the Sun Yellow Pages; commands still begin with yp
- Supported by every Linux distribution

18 NIS: The Record
- The unit of sharing is not a file but a record; a record corresponds to one line in a config file
- The master server maintains the authoritative copies of the system files in their original locations
- The data files (stored in /var/yp) are preprocessed into hashed database files called maps
- After the files are edited, running make converts them into their hashed formats
- Only one key per map, so one file yields several maps: /etc/passwd becomes passwd.byname and passwd.byuid

19 NIS: Slave Servers
- NIS allows you to replicate maps on a set of slave servers
- Relieves the load on the master
- Clients can still work even if some servers are down
- A change on the master is propagated down to the slave servers
- Clients cannot distinguish between master and slaves
- The servers a client may use for its NIS domain are listed in /etc/yp.conf, one line for each server

20 Important NIS Commands and Daemons
Daemons: ypserv, ypbind, ypxfrd, yppasswdd
Commands: domainname, ypxfr, yppush, ypset, yppoll, ypcat, yppasswd

21 Slave Servers Map
- ypservers contains a list of all the servers in the domain
- Automatically constructed when the domain is set up (by ypinit)
- Examined when the master needs to distribute maps to the slaves

22 NIS: How It Works
- NIS's data files are stored in /var/yp
- One map for each key by which a file can be searched, under a directory named after the domain (cssuns here):
  /var/yp/cssuns/passwd.byname
  /var/yp/cssuns/passwd.byuid
- A Makefile in /var/yp generates all the common NIS maps
- After modifying a system file, cd to /var/yp and run make

23 Moving Maps to Slave Servers
- ypxfr is a pull command and must be run from the slave
- Usually run every so often (from cron) to ensure the slave has the most recent maps
- yppush, run on the master, instructs a slave server to execute ypxfr

24 Server Side: Setting Up an NIS Domain
Master server:
  cd /var/yp                  # the NIS directory
  domainname foo              # name the new domain
  /usr/lib/yp/ypinit -m       # initialize as master server
  ypserv                      # start the NIS server
Slave server:
  cd /var/yp
  /usr/lib/yp/ypinit -s master
  ypserv

25 Access Control Options /etc/ypserv.conf

26 Configuring NIS Clients
- Need to inform clients that they are a member of the new domain (servers are generally clients too)
- The command domainname name sets a machine's NIS domain
- Edit /etc/nsswitch.conf so the relevant databases consult nis (e.g. passwd: files nis)
- chkconfig ypbind on
- There are some distribution differences...
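
The NIS procedure of slides 22 to 26 in one place, as an added example that is not part of the slides: the master, slave and client steps as shell functions, the /etc/ypserv.conf access-control file that slide 25 refers to, a /var/yp/securenets, and a check that shadow.byname is not served to unprivileged ports. The domain foo, the hosts master and slave1, the network 192.0.2.0/24, the cron schedule and the file paths are assumptions; the NIS commands themselves are only invoked if you call the setup functions on a real server, so the script and the check run anywhere.

```shell
#!/bin/sh
# Added example, not from the slides: master, slave and client setup as
# functions, plus ypserv access control and a check on it.  Domain "foo",
# hosts master/slave1, network 192.0.2.0/24 and the paths are assumptions.

WORK=$(mktemp -d)
DOMAIN=foo

# --- master: name the domain, build the maps, start the server ----------
setup_master() {
    domainname "$DOMAIN"                 # persist it too (/etc/defaultdomain or
                                         # NISDOMAIN= in /etc/sysconfig/network)
    cd /var/yp && /usr/lib/yp/ypinit -m  # lists this host as master; Ctrl-D to finish
    make -C /var/yp                      # passwd -> passwd.byname, passwd.byuid, ...
    ypserv
    rpc.yppasswdd                        # "yppasswdd" on the slide; lets users change passwords
}

# --- slave: copy every map from the master, then serve them --------------
setup_slave() {
    domainname "$DOMAIN"
    cd /var/yp && /usr/lib/yp/ypinit -s master
    ypserv
    # Periodic ypxfr pull in case a yppush from the master was missed.
    echo '0 * * * * root /usr/lib/yp/ypxfr passwd.byname; /usr/lib/yp/ypxfr passwd.byuid' \
        > /etc/cron.d/ypxfr
}

# --- client: domain, where the servers are, and nsswitch ----------------
setup_client() {
    domainname "$DOMAIN"
    printf 'domain %s server master\ndomain %s server slave1\n' "$DOMAIN" "$DOMAIN" > /etc/yp.conf
    # files first, nis second: local root still logs in when every server is down.
    sed -i 's/^passwd:.*/passwd: files nis/; s/^group:.*/group: files nis/; s/^hosts:.*/hosts: files nis dns/' /etc/nsswitch.conf
    chkconfig ypbind on && service ypbind start
}

# --- access control: /etc/ypserv.conf and /var/yp/securenets ------------
# Rule columns: host : domain : map : security   (security = none | port | deny).
# "port" answers only requests coming from ports below 1024, i.e. from root
# on the client.  It is the only thing between shadow.byname and any user
# who can guess the domain name, so never let a "none" rule match it.
cat > "$WORK/ypserv.conf" <<'EOF'
dns: no
files: 30
xfr_check_port: yes

*           : *   : shadow.byname          : port
*           : *   : passwd.adjunct.byname  : port
*           : *   : *                      : none
EOF

# Restrict which networks may talk to ypserv at all (netmask  network).
cat > "$WORK/securenets" <<'EOF'
255.0.0.0       127.0.0.0
255.255.255.0   192.0.2.0
EOF

# Return 0 if ypserv.conf has a shadow.byname rule and every such rule is
# port or deny; 1 if a rule says none or no rule exists at all.
shadow_map_restricted() {
    awk -F: '
        /^[[:space:]]*(#|$)/ { next }          # comments, blank lines
        NF < 4 { next }                        # option lines such as "dns: no"
        { gsub(/[[:space:]]/, "", $3); gsub(/[[:space:]]/, "", $4) }
        $3 == "shadow.byname" { seen = 1; if ($4 != "port" && $4 != "deny") bad = 1 }
        END { if (seen && !bad) exit 0; exit 1 }
    ' "$1"
}

shadow_map_restricted "$WORK/ypserv.conf" && echo "shadow.byname restricted to privileged ports"
```

Two caveats the check does not cover: a reserved-port rule is only as good as the clients, since anyone with root on any host in securenets can still dump the map with ypcat, and securenets itself filters on source address, which an attacker on the same LAN can spoof. The first rule in the file wins for a given map, so keep the shadow rule above the catch-all.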

27 LDAP: Lightweight Directory Access Protocol
- Data takes the form of property lists (entries)
- The LDAP specifications don't really speak to the database itself, just the way it's accessed
- An entry consists of a set of named attributes along with those attributes' values
- An attribute can have several values
- Similar to the Windows registry

28 LDAP entry: /etc/passwd line

29 OpenLDAP
- slapd is the standard server daemon
- After editing its configuration file, you should be able to start the server with slapd (no arguments)

30 NIS Replacement by LDAP
- RFC 2307 describes how NIS maps are represented in LDAP
- Very long story short, just use a Perl script such as migrate_group to convert to the LDAP standard
- Verify by running slapcat, which displays the entire database
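
The /etc/passwd-to-LDAP-entry mapping of slide 28 and the migration of slide 30, as an added example that is not part of the slides: the RFC 2307 posixAccount mapping that the migration scripts perform, written out as a small awk filter so each passwd field can be seen landing on its attribute. The base DN ou=People,dc=example,dc=com and the two passwd lines are constructed assumptions; the password hash lives in /etc/shadow and is deliberately not emitted here.

```shell
#!/bin/sh
# Added example, not from the slides: what migrate_passwd-style scripts do,
# as an awk filter, so the RFC 2307 mapping is visible.  The base DN and
# the sample passwd lines are constructed assumptions.

BASE="ou=People,dc=example,dc=com"

# Constructed sample input in /etc/passwd format (the "x" means the hash
# is in /etc/shadow; userPassword: {CRYPT}<hash> would be taken from there).
PASSWD_SAMPLE='alice:x:1001:1001:Alice Example:/home/alice:/bin/bash
bob:x:1002:1002:Bob Example,,,:/home/bob:/bin/sh'

# One passwd line -> one LDIF entry: dn is uid=<login>,<base>, the object
# classes come from RFC 2307, and the seven fields map onto posixAccount.
passwd_to_ldif() {
    awk -F: -v base="$BASE" '
        NF == 7 {
            gecos = $5; sub(/,.*$/, "", gecos)       # cn = full-name part of GECOS
            printf "dn: uid=%s,%s\n", $1, base
            printf "uid: %s\n", $1
            printf "cn: %s\n", (gecos == "" ? $1 : gecos)
            printf "objectClass: account\n"
            printf "objectClass: posixAccount\n"
            printf "objectClass: top\n"
            printf "uidNumber: %s\n", $3
            printf "gidNumber: %s\n", $4
            printf "homeDirectory: %s\n", $6
            printf "loginShell: %s\n", $7
            if ($5 != "") printf "gecos: %s\n", $5
            printf "\n"
        }'
}

# The entry for one login name, i.e. what "slapcat" or
# "ldapsearch -x -b ou=People,dc=example,dc=com uid=alice" should show
# once the LDIF has been loaded with ldapadd.
entry_for() {
    printf '%s\n' "$PASSWD_SAMPLE" | grep "^$1:" | passwd_to_ldif
}

# Number of entries produced; compare with "slapcat | grep -c '^dn: '".
count_entries() {
    printf '%s\n' "$PASSWD_SAMPLE" | passwd_to_ldif | grep -c '^dn: '
}

printf '%s\n' "$PASSWD_SAMPLE" | passwd_to_ldif
```

Loading and checking it on the directory host is then ldapadd -x -D cn=Manager,dc=example,dc=com -W -f people.ldif followed by slapcat; the uidNumber and gidNumber values must match what NIS served, since clients resolve them numerically, and any entry carrying a userPassword should be reachable only over TLS with an ACL that hides that attribute from anonymous binds.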

