ypAnything is an open-source NIS gateway to non NIS sources, such as LDAP.
ypAnything is an NIS gateway to non NIS sources, such as an LDAP server or a database. It's intended use is to allow platforms without adequate PAM and NSS support to authenticate to a unified directory service.
ypAnything's intended platform is a Linux box using GNU development tools. It runs successfully on AIX and Solaris with a few tweaks. The source code is small and generic so porting it to new environments should be a simple task.
ypAnything can be downloaded from sourceforge.net Download Here
src | Directory containing the source. |
README | Readme file. |
basic.conf | A sample configuration file. |
basic.group.sh | A shell script used by the sample configuration file basic.conf. |
basic.passwd.sh | A shell script used by the sample configuration file basic.conf. |
ldap.conf | A sample configuration file which retrieves info from an LDAP server. |
ldap.group.pl | A shell script used by the sample configuration file ldap.conf. |
ldap.passwd.pl | A shell script used by the sample configuration file ldap.conf. |
ypanything | A precompiled version of ypAnything. |
Unpack the distribution TAR file into the desired directory.
ypAnything comes with a precompiled executible. Should this executible not work and you need to recompile ypAnything, you will need gcc, flex, and bison installed on your server.
To compile ypAnything go to the src directory and run the 'make' command. If it is successful, the binary 'ypanything' will be built in the parent directory.
Before testing, make sure that that you are not currently running ypbind or ypserv. Also make sure that you *are* running portmapper. Then follow the following shell session as root (NOTE: This example was run on a Redhat box. If you are running a different distribution then the procedures may vary slightly):
[root@test-box ypanything-1.1]# cd /usr/local [root@test-box ypanything-1.1]# tar -xzf ypanything-1.1.tgz [root@test-box ypanything-1.1]# cd ypanything-1.1 [root@test-box ypanything-1.1]# domainname "test.domain1" [root@test-box ypanything-1.1]# ./ypanything -d -f ./basic.conf ypAnything version 1.1, Copyright (C) 2004 Jeff McElroy jmcelroy11@sio.midco.net ypAnything comes with ABSOLUTELY NO WARRANTY; for details see the file 'COPYING'. This is free software, and you are welcome to redistribute it under certain conditions; see the file 'COPYING' for details. [root@test-box ypanything-1.1]# /etc/rc.d/init.d/ypbind start Binding to the NIS domain... [ OK ] Listening for an NIS domain server: test-box.radux.com [root@test-box ypanything-1.1]# finger ypanything Login: ypuser1 Name: ypanything test user1 Directory: /tmp Shell: /bin/bash Never logged in. No mail. No Plan. Login: ypuser2 Name: ypanything test user2 Directory: /tmp Shell: /bin/bash Never logged in. No mail. No Plan. [root@test-box ypanything-1.1]# /etc/rc.d/init.d/ypbind stop Shutting down NIS services: [ OK ] [root@test-box ypanything-1.1]# killall ypanything [root@test-box ypanything-1.1]# domainname ""
When ypAnything starts, it reads the configuration file given with the '-f' argument. This configuration file specifies what domains ypAnything should handle; what maps are contained in each domain; and how the data for those maps should be gathered.
In our example, basic.conf specifies that ypAnything should handle two NIS domains: 'test.domain1' and 'test.domain2'.
Lets take a closer look at the NIS domain 'test.domain1'. This domain consists of four NIS maps: passwd.byname, passwd.byuid, group.byname, and group.bygid. The first two maps are configured in the the stanza:
map "passwd" { script "./basic.passwd.sh" # script to run. refresh 30 # delay in seconds # between refreshes. memblock_size 8192 # internal settings ioblock_size 4096 deliminator ":" # field deliminator index "byname" { # the login is the first field 1 # field in passwd } index "byuid" { # the userid is the third field 3 # field in passwd } }
This stanza states that every 30 seconds the script ./basic.passwd.sh should be run. The output of this script is in the same format as the file /etc/passwd. It is split into fields using a ':' (colon) as the delimator. The output is stored in memory and indexed by name (field 1) and by uid (field 3). When a lookup occurs on the NIS map passwd.byname, the first field is searched. If a lookup on the NIS map passwd.byuid is occurs then the third field is searched.
The NIS maps group.byname and group.bygid are handled in the same manner as the passwd maps.
The first step in configuring ypAnything is to write a script for each NIS map you wish to support. The output of these tables should closely resemble the UNIX configuration file that corrosponds to the NIS maps.
After you are satisfied with your scripts, edit the configuration file appropriately to periodically call your scripts. Rather than starting from scratch, Follow the examples given in basic.conf and ldap.conf.
If you write NIS support for a new source. Please submit it to jmcelroy11@sio.midco.net so That it can added to the distribution. You will get full credit for this and become famous.
Source Forge Project Page | http://sourceforge.net/projects/ypanything |
User Forums | http://sourceforge.net/forum/?group_id=23783 |