* GPL NOTICE *
ypAnything, an NIS gateway to non-NIS sources. Copyright (C) 2004 Jeff McElroy <jmcelroy11@sio.midco.net>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* ypanything 1.1 *
Jeff McElroy
jmcelroy11@sio.midco.net
* Description *
ypanything is an NIS gateway to non-NIS sources, such as an LDAP server or a SQL database. Its intended use is to allow platforms without adequate PAM and NSS support to authenticate to a unified directory service.
* Platforms Supported *
ypanything's intended platform is a Linux box using GNU development tools. It has run successfully on AIX 4.2 with a few tweaks. The source code is small and generic so porting it to new environments should be a simple task.
* TAR File Contents *
The distribution tar file contains the following:
src ................. Directory containing the source.
README .............. This file.
basic.conf .......... A sample configuration file.
basic.group.sh ...... A shell script used by the sample configuration file
                      basic.conf.
basic.passwd.sh ..... A shell script used by the sample configuration file
                      basic.conf.
ldap.conf ........... A sample configuration file which retrieves info from
                      an LDAP server.
ldap.group.pl ....... A shell script used by the sample configuration file
                      ldap.conf.
ldap.passwd.pl ...... A shell script used by the sample configuration file
                      ldap.conf.
ypanything .......... A precompiled version of ypanything.
* Installation *
Unpack the distribution TAR file into the desired directory.
* Compilation *
ypanything comes with a precompiled executable. Should this executable not work and you need to recompile ypanything, you will need gcc, flex, and bison installed on your server.
To compile ypanything go to the src directory and run the 'make' command. If it is successful, the binary 'ypanything' will be built in the parent directory.
* Testing *
Before testing, make sure that you are not currently running ypbind or ypserv. Also make sure that you are running portmapper. Then follow this shell session as root (NOTE: This example was run on a Redhat box. If you are running a different distribution then the procedures may vary slightly):
[root@test-box ypanything-1.1]# cd /usr/local
[root@test-box ypanything-1.1]# tar -xzf ypanything-1.1.tgz
[root@test-box ypanything-1.1]# cd ypanything-1.1
[root@test-box ypanything-1.1]# domainname "test.domain1"
[root@test-box ypanything-1.1]# ./ypanything -d -f ./basic.conf
ypAnything version 1.1, Copyright (C) 2004 Jeff McElroy jmcelroy11@sio.midco.net
ypAnything comes with ABSOLUTELY NO WARRANTY; for details see the file 'COPYING'.
This is free software, and you are welcome to redistribute it under certain conditions; see the file 'COPYING' for details.
[root@test-box ypanything-1.1]# /etc/rc.d/init.d/ypbind start
Binding to the NIS domain... [ OK ]
Listening for an NIS domain server: test-box.radux.com
[root@test-box ypanything-1.1]# finger ypanything
Login: ypuser1                          Name: ypanything test user1
Directory: /tmp                         Shell: /bin/bash
Never logged in.
No mail.
No Plan.
Login: ypuser2                          Name: ypanything test user2
Directory: /tmp                         Shell: /bin/bash
Never logged in.
No mail.
No Plan.
[root@test-box ypanything-1.1]# /etc/rc.d/init.d/ypbind stop
Shutting down NIS services: [ OK ]
[root@test-box ypanything-1.1]# killall ypanything
[root@test-box ypanything-1.1]# domainname ""
* How it works *
When ypanything starts, it reads the configuration file given with the '-f' argument. This configuration file specifies what domains ypanything should handle; what maps are contained in each domain; and how the data for those maps should be gathered.
In our example, basic.conf specifies that ypanything should handle two NIS domains: 'test.domain1' and 'test.domain2'.
Let's take a closer look at the NIS domain 'test.domain1'. This domain consists of four NIS maps: passwd.byname, passwd.byuid, group.byname, and group.bygid. The first two maps are configured in the stanza:
    map "passwd" {
        script "./basic.passwd.sh"   # script to run.
        refresh 30                   # delay in seconds
                                     # between refreshes.
        memblock_size 8192           # internal settings
        ioblock_size 4096
        deliminator ":"              # field deliminator
        index "byname" {             # the login is the first
            field 1                  # field in passwd
        }
        index "byuid" {              # the userid is the third
            field 3                  # field in passwd
        }
    }
This stanza states that every 30 seconds the script ./basic.passwd.sh should be run. The output of this script is in the same format as the file /etc/passwd. It is split into fields using a ':' (colon) as the delimiter. The output is stored in memory and indexed by name (field 1) and by uid (field 3). When a lookup occurs on the NIS map passwd.byname, the first field is searched. If a lookup occurs on the NIS map passwd.byuid, the third field is searched.
The NIS maps group.byname and group.bygid are handled in the same manner as the passwd maps.
* Configuration *
The first step in configuring ypanything is to write a script for the NIS maps you wish to support. The output of these scripts should closely resemble the UNIX configuration file that corresponds to the NIS maps.
After you are satisfied with your scripts, edit the configuration file appropriately to periodically call your scripts. Rather than starting from scratch, follow the examples given in basic.conf and ldap.conf.
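One way to check a passwd map script's output before pointing the configuration file at it. This is an added example, not part of the ypanything distribution; the function names, the uid/gid values and the ypuser3-5 sample accounts are constructed for illustration. It checks the field count, the two index keys described under "How it works" (field 1 and field 3), and two account conditions worth catching before they are served to every NIS client.

```sh
#!/bin/sh
# Added example, not part of the ypanything distribution.
# check_passwd_map (hypothetical name) lints passwd-format lines on stdin,
# using the same ":" delimiter and index fields (1 = login, 3 = uid) as the
# "passwd" stanza in basic.conf. One finding per line; returns 1 if any.
check_passwd_map() {
    awk -F: '
    NF != 7  { printf "line %d: expected 7 fields, got %d\n", NR, NF; bad = 1; next }
    $1 == "" { printf "line %d: empty login (byname key)\n", NR; bad = 1 }
    $2 == "" { printf "line %d: %s has an empty password field\n", NR, $1; bad = 1 }
    $3 !~ /^[0-9]+$/ { printf "line %d: uid \"%s\" is not numeric (byuid key)\n", NR, $3; bad = 1 }
    $4 !~ /^[0-9]+$/ { printf "line %d: gid \"%s\" is not numeric\n", NR, $4; bad = 1 }
    $3 ~ /^0+$/ && $1 != "root" { printf "line %d: %s has uid 0\n", NR, $1; bad = 1 }
    ($1 in names) { printf "line %d: login %s already used on line %d\n", NR, $1, names[$1]; bad = 1 }
    ($3 in uids)  { printf "line %d: uid %s already used on line %d\n", NR, $3, uids[$3]; bad = 1 }
    { names[$1] = NR; uids[$3] = NR }   # remember where each index key first appeared
    END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample standing in for the output of a map script.
# Line 1 is clean; lines 2-5 each trigger exactly one finding.
sample_map_output() {
    cat <<'EOF'
ypuser1:*:5001:5001:ypanything test user1:/tmp:/bin/bash
ypuser2::5002:5002:ypanything test user2:/tmp:/bin/bash
ypuser3:*:5001:5003:duplicate uid:/tmp:/bin/bash
ypuser4:*:0:0:second uid 0 account:/tmp:/bin/bash
ypuser5:*:5005:5005:/tmp:/bin/bash
EOF
}

# In practice: ./basic.passwd.sh | check_passwd_map
sample_map_output | check_passwd_map || echo "map output rejected"
```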
If you write NIS support for a new source, please submit it to jmcelroy11@sio.midco.net so that it can be added to the distribution. You will get full credit for this and become famous.
* TODO *
- Add support for NIS master/slave relationships.
- Add support for 'ypcat' type of commands.
- Add support for a source to push information to the ypanything server rather than having the ypanything server pull the information from the source at regular intervals.
- If others port this to new platforms, I will work on setting up autoconf to automatically configure the source code.
- Add support for users to update the NIS maps similar to yppasswdd.
