Project: Linux Howtos
NIS on Linux
By Vans Information <content@vansinfo.com>
Posted: 2001-06-27 03:15:04 EST
In this article we briefly introduce the Network Information System (NIS) and describe how to set up NIS on a Linux system.
When running a local area network, one of the goals is usually to provide users with an environment that makes the network transparent. An important step toward this is keeping vital data such as user account information synchronized between all hosts (e.g. the /etc/hosts, /etc/passwd and /etc/group files). For host name resolution, a powerful and sophisticated service exists: DNS. For other tasks, there is no such specialized service. Moreover, if you manage only a small closed intranet without Internet connectivity, setting up DNS may not seem worth the trouble to many administrators.
This led to the development of NIS, the Network Information System. NIS provides simple and generic client-server database access facilities that can be used to distribute information such as that contained in the passwd and group files to all hosts on your network. This makes the network appear just as a single system, with the same accounts on all hosts.
NIS is based on RPC, and comprises a server, a client-side library, and several administrative tools. Originally, NIS was called Yellow Pages, or YP, a name that is still widely used to refer informally to this service. However, Yellow Pages is a trademark of British Telecom, which required Sun to drop that name. As things go, some names stick with people, and so YP lives on as a prefix to the names of most NIS-related commands such as ypserv, ypbind, etc.
Some configuration files are not host specific but must be maintained and kept synchronized across all hosts. /etc/passwd, /etc/group and /etc/hosts are such files. NIS enables us to set up a master server where such files are stored and to set up other machines on the network as clients of this server. Subsequent references to these files on the client side lead to a consultation with the server.
A file must meet two requirements before it can be shared via NIS. First, the file must be tabular, with at least one entry that is unique in the file (e.g. the login or UID entry in the /etc/passwd file). Second, the file must be a plain text file.
NIS keeps database information in so-called maps containing key-value pairs. Maps are stored on a central host running the NIS server, from which clients may retrieve the information through various RPC calls. Quite frequently, maps are stored in DBM files, which allows for quick searches. For each key to be searched, a separate DBM file must be created. For example, in the /etc/passwd file, the database must be searchable by the login and the UID. The result is two DBM files, passwd.byname and passwd.byuid.
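The following added example (not part of the original article) builds both maps from one passwd-format file with the same awk filter the article's /var/yp/Makefile applies (MINUID=500), looks a record up by key, and lists published entries whose password field is readable by every client. The function names and the sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example. Sample accounts are constructed, not taken from a real host.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
+::::::
joe:x:500:503:joe smith:/home/joe:/bin/bash
bill:$1$constructed$notARealHash:501:503:bill gates:/home/bill:/bin/bash
EOF
}

# nis_map KEYFIELD MINUID
# Reads passwd-format lines on stdin and writes "key<TAB>entry" records,
# using the same filter as the Makefile: skip lines starting with -, + or #,
# skip empty names and UIDs below MINUID.
# KEYFIELD 1 gives passwd.byname, KEYFIELD 3 gives passwd.byuid.
nis_map() {
    awk -F: -v k="$1" -v min="$2" \
        '!/^[-+#]/ { if ($1 != "" && $3 >= min) print $k "\t" $0 }'
}

# nis_lookup KEY: print the entry stored under KEY in a map read from stdin.
nis_lookup() {
    awk -F'\t' -v key="$1" '$1 == key { print $2; exit }'
}

# exposed_pwfields: names of published entries whose password field is not a
# placeholder (x, * or a locked "!..." value). Every client that can read the
# map sees that field.
exposed_pwfields() {
    awk -F'\t' '{ split($2, f, ":")
                  if (f[2] !~ /^(x|\*|!.*)$/) print f[1] }'
}

# Demo: the byuid map, then the entries that publish a password field.
echo "passwd.byuid:"
sample_passwd | nis_map 3 500
echo "entries publishing a password field:"
sample_passwd | nis_map 1 500 | exposed_pwfields
```

System accounts such as root never enter the map because of the MINUID filter, so a lookup for them falls through to the client's local files.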
The NIS server is called ypserv. For an average network, a single server usually suffices; large networks may choose to run several of these on different machines to relieve the load on the server machines and routers. These servers are kept synchronized by making one of them the master server and the others slave servers. Maps are created only on the master server's host and distributed from there to all slaves.
A distinctive concept in NIS is the NIS domain: the collection of all hosts on a network that share part of their system configuration data through NIS. NIS domains have absolutely nothing in common with the domains encountered in DNS, although both can have the same domain names.
A common scheme is to simply use the DNS domain name for NIS as well. To set and display the NIS domain name of your host, use the domainname command. When invoked without any argument, it prints the current NIS domain name. To set the domain name, log in as root and type:
domainname domain
where domain is the domain-name selected for NIS.
NIS domains determine which NIS server an application will query. But how does a client find out which server to connect to? The simplest approach would be to have a configuration file that names the host on which to find the server. However, this approach is rather inflexible, because it doesn't allow clients to use different servers (from the same domain, of course), depending on their availability. Therefore, traditional NIS implementations rely on a special daemon called ypbind to detect a suitable NIS server in their NIS domain. Before being able to perform any NIS queries, an application finds out, from ypbind, which server to use.
ypbind probes for servers by broadcasting to the local IP-network; the first to respond is assumed to be the potentially fastest one and will be used in all subsequent NIS queries. After a certain interval has elapsed, or if the server becomes unavailable, ypbind will probe for active servers again.
Now, the arguable point about dynamic binding is that you rarely need it, and that it introduces a security problem: ypbind blindly believes whoever answers, which could be a humble NIS server as well as a malicious intruder. Needless to say this becomes especially troublesome if you manage your password databases over NIS. To guard against this, NIS does not use ypbind by default, but rather picks up the server host name from a configuration file.
NIS+
NIS and NIS+ share little more than their name and a common goal. NIS+ addresses many of the concerns with NIS, most notably in the areas of security. NIS+ is structured in an entirely different way. Instead of maps, tables are used that are made up of rows and columns, where each row represents an object in the NIS+ database, while the columns cover those properties of the objects that NIS+ knows and cares about. Each table for a given NIS+ domain comprises of its parent domains. In addition, an entry in a table may contain a link to another table. These features make it possible to structure information in many ways.
Configuring a Master NIS Server
For running the NIS service, we installed the following components on the system:
yp-tools
ypbind
ypserv
Check for their presence using the following command:
rpm -q rpm-package-name
The sample configuration files in this document are written for the domain disney.com, and the host name of the machine on which all the configuration is done is goofy.
Now, we set the domain-name of the NIS Service as follows:
domainname goofy.disney.com
where goofy.disney.com is the domain-name of NIS.
We added the following line in the /etc/sysconfig/network file:
NIS_DOMAIN=goofy.disney.com
This lets the /etc/rc.d/init.d/ypserv script learn the domain-name at boot time.
After that, we decided which files we needed to share via NIS. The files were:
/etc/passwd
/etc/hosts
/etc/services
/etc/protocols
/etc/networks
/etc/auto.master
We shared these files by editing the /var/yp/Makefile. This file is used when NIS builds its maps through the make utility. Our /var/yp/Makefile looked like this:
B=-b
B=
NOPUSH=true
MINUID=500
MINGID=500
MERGE_PASSWD=true
MERGE_GROUP=true
AWK = /usr/bin/gawk
MAKE = /usr/bin/gmake
UMASK = umask 066
YPSRCDIR = /etc
YPPWDDIR = /etc
YPBINDIR = /usr/lib/yp
YPSBINDIR = /usr/sbin
YPDIR = /var/yp
YPMAPDIR = $(YPDIR)/$(DOMAIN)
GROUP = $(YPPWDDIR)/group
PASSWD = $(YPPWDDIR)/passwd
SHADOW = $(YPPWDDIR)/shadow
GSHADOW = $(YPPWDDIR)/gshadow
ADJUNCT = $(YPPWDDIR)/passwd.adjunct
#ALIASES = $(YPSRCDIR)/aliases
ALIASES = /etc/aliases
ETHERS = $(YPSRCDIR)/ethers
# bootparams (bootparamd)
BOOTPARAMS = $(YPSRCDIR)/bootparams
HOSTS = $(YPSRCDIR)/hosts
NETWORKS = $(YPSRCDIR)/networks
PROTOCOLS = $(YPSRCDIR)/protocols
PUBLICKEYS = $(YPSRCDIR)/publickey
RPC = $(YPSRCDIR)/rpc
SERVICES = $(YPSRCDIR)/services
NETGROUP = $(YPSRCDIR)/netgroup
NETID = $(YPSRCDIR)/netid
AMD_HOME = $(YPSRCDIR)/amd.home
AUTO_MASTER = $(YPSRCDIR)/auto.master
AUTO_HOME = $(YPSRCDIR)/auto.home
YPSERVERS = $(YPDIR)/ypservers
target: Makefile
	@test ! -d $(LOCALDOMAIN) && mkdir $(LOCALDOMAIN) ; \
	cd $(LOCALDOMAIN) ; \
	$(NOPUSH) || $(MAKE) -f ../Makefile ypservers; \
	$(MAKE) -f ../Makefile all
all: passwd hosts services protocols networks auto.master
#shadow publickey
#auto.master auto.home passwd.adjunct
# do not edit if novice
DBLOAD = /usr/lib/yp/makedbm -c -m `$(YPBINDIR)/yphelper --hostname`
MKNETID = $(YPBINDIR)/mknetid
YPPUSH = $(YPSBINDIR)/yppush
MERGER = $(YPBINDIR)/yphelper
DOMAIN = `basename \`pwd\``
LOCALDOMAIN = `/bin/domainname`
REVNETGROUP = $(YPBINDIR)/revnetgroup
ethers: ethers.byname ethers.byaddr
hosts: hosts.byname hosts.byaddr
networks: networks.byaddr networks.byname
protocols: protocols.bynumber protocols.byname
rpc: rpc.byname rpc.bynumber
services: services.byname
passwd: passwd.byname passwd.byuid
group: group.byname group.bygid
shadow: shadow.byname
passwd.adjunct: passwd.adjunct.byname
netid: netid.byname
netgrp: netgroup netgroup.byhost netgroup.byuser
publickey: publickey.byname
mail: mail.aliases
ypservers: $(YPSERVERS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 != "" && $$1 !~ "#") print $$0"\t"$$0 }' \
		$(YPSERVERS) | $(DBLOAD) -i $(YPSERVERS) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
$(YPSERVERS):
	@echo -n "Generating $*..."
	@uname -n > $(YPSERVERS)
bootparams: $(BOOTPARAMS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 != "" && $$1 !~ "#" && $$1 != "+") \
		print $$0 }' $(BOOTPARAMS) | $(DBLOAD) -r -i $(BOOTPARAMS) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
ethers.byname: $(ETHERS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 != "" && $$1 !~ "#" && $$1 != "+") \
		print $$2"\t"$$0 }' $(ETHERS) | $(DBLOAD) -r -i $(ETHERS) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
ethers.byaddr: $(ETHERS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 != "" && $$1 !~ "#" && $$1 != "+") \
		print $$1"\t"$$0 }' $(ETHERS) | $(DBLOAD) -r -i $(ETHERS) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
netgroup: $(NETGROUP) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 != "" && $$1 !~ "#" && $$1 != "+") \
		print $$0 }' $(NETGROUP) | $(DBLOAD) -i $(NETGROUP) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
netgroup.byhost: $(NETGROUP) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(REVNETGROUP) -h < $(NETGROUP) | $(DBLOAD) -i $(NETGROUP) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
netgroup.byuser: $(NETGROUP) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(REVNETGROUP) -u < $(NETGROUP) | $(DBLOAD) -i $(NETGROUP) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
hosts.byname: $(HOSTS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '/^[0-9]/ { for (n=2; n<=NF && $$n !~ "#"; n++) \
		print $$n"\t"$$0 }' $(HOSTS) | $(DBLOAD) -r $(B) -l \
		-i $(HOSTS) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
hosts.byaddr: $(HOSTS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$1"\t"$$0 }' \
		$(HOSTS) | $(DBLOAD) -r $(B) -i $(HOSTS) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
networks.byname: $(NETWORKS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if($$1 !~ "#" && $$1 != "") { print $$1"\t"$$0; \
		for (n=3; n<=NF && $$n !~ "#"; n++) print $$n"\t"$$0 \
		}}' $(NETWORKS) | $(DBLOAD) -r -i $(NETWORKS) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
networks.byaddr: $(NETWORKS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$2"\t"$$0}' \
		$(NETWORKS) | $(DBLOAD) -r -i $(NETWORKS) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
protocols.byname: $(PROTOCOLS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") { print $$1"\t"$$0; \
		for (n=3; n<=NF && $$n !~ "#"; n++) \
		print $$n"\t"$$0}}' $(PROTOCOLS) | $(DBLOAD) -r -i \
		$(PROTOCOLS) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
protocols.bynumber: $(PROTOCOLS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$2"\t"$$0 }' \
		$(PROTOCOLS) | $(DBLOAD) -r -i $(PROTOCOLS) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
rpc.byname: $(RPC) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") { print $$1"\t"$$0; \
		for (n=3; n<=NF && $$n !~ "#"; n++) print $$n"\t"$$0 \
		}}' $(RPC) | $(DBLOAD) -r -i $(RPC) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
rpc.bynumber: $(RPC) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$2"\t"$$0 }' $(RPC) \
		| $(DBLOAD) -r -i $(RPC) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
services.byname: $(SERVICES) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 !~ "#" && $$1 != "") print $$2"\t"$$0 }' \
		$(SERVICES) | $(DBLOAD) -r -i $(SERVICES) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
ifeq (x$(MERGE_PASSWD),xtrue)
passwd.byname: $(PASSWD) $(SHADOW) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(UMASK); \
	$(MERGER) -p $(PASSWD) $(SHADOW) | \
		$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) ) \
		print $$1"\t"$$0 }' | $(DBLOAD) -i $(PASSWD) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
passwd.byuid: $(PASSWD) $(SHADOW) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(UMASK); \
	$(MERGER) -p $(PASSWD) $(SHADOW) | \
		$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) ) \
		print $$3"\t"$$0 }' | $(DBLOAD) -i $(PASSWD) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
else
passwd.byname: $(PASSWD) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(UMASK); \
	$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) ) \
		print $$1"\t"$$0 }' $(PASSWD) | $(DBLOAD) -i $(PASSWD) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
passwd.byuid: $(PASSWD) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(UMASK); \
	$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINUID) ) \
		print $$3"\t"$$0 }' $(PASSWD) | $(DBLOAD) -i $(PASSWD) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
endif
shadow.byname: $(SHADOW) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(UMASK); \
	$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" ) print $$1"\t"$$0 }' \
		$(SHADOW) | $(DBLOAD) -s -i $(SHADOW) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
passwd.adjunct.byname: $(ADJUNCT) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(UMASK); \
	$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" ) print $$1"\t"$$0 }' \
		$(ADJUNCT) | $(DBLOAD) -s -i $(ADJUNCT) -o $(YPMAPDIR)/$@ - $@
	@chmod 700 $(YPDIR)/$(DOMAIN)/$@*
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
ifeq (x$(MERGE_GROUP),xtrue)
group.byname: $(GROUP) $(GSHADOW) $(YPDIR)/Makefile
	@echo "Updating $@..."
	$(MERGER) -g $(GROUP) $(GSHADOW) | \
		$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) ) \
		print $$1"\t"$$0 }' | $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
group.bygid: $(GROUP) $(GSHADOW) $(YPDIR)/Makefile
	@echo "Updating $@..."
	$(MERGER) -g $(GROUP) $(GSHADOW) | \
		$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) ) \
		print $$3"\t"$$0 }' | $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
else
group.byname: $(GROUP) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) ) \
		print $$1"\t"$$0 }' $(GROUP) \
		| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
group.bygid: $(GROUP) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) -F: '!/^[-+#]/ { if ($$1 != "" && $$3 >= $(MINGID) ) \
		print $$3"\t"$$0 }' $(GROUP) \
		| $(DBLOAD) -i $(GROUP) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
endif
$(NETID):
netid.byname: $(GROUP) $(PASSWD) $(HOSTS) $(NETID) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(MKNETID) -q -p $(PASSWD) -g $(GROUP) -h $(HOSTS) -d $(DOMAIN) \
		-n $(NETID) | $(DBLOAD) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
mail.aliases: $(ALIASES) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if ($$1 != "" && $$1 !~ "#" && $$1 != "+") \
		print $$0 }' $(ALIASES) | $(DBLOAD) --aliases \
		-i $(ALIASES) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
publickey.byname: $(PUBLICKEYS) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@$(AWK) '{ if($$1 !~ "#" && $$1 != "") { print $$1"\t"$$2 }}' \
		$(PUBLICKEYS) | $(DBLOAD) -i $(PUBLICKEYS) \
		-o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
auto.master: $(AUTO_MASTER) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@sed -e "/^#/d" -e s/#.*$$// $(AUTO_MASTER) | $(DBLOAD) \
		-i $(AUTO_MASTER) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
auto.home: $(AUTO_HOME) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@sed -e "/^#/d" -e s/#.*$$// $(AUTO_HOME) | $(DBLOAD) \
		-i $(AUTO_HOME) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
amd.home: $(AMD_HOME) $(YPDIR)/Makefile
	@echo "Updating $@..."
	@sed -e "s/#.*$$//" -e "/^$$/d" $(AMD_HOME) | \
	$(AWK) '{ \
		for (i = 1; i <= NF; i++) \
			if (i == NF) { \
				if (substr($$i, length($$i), 1) == "\\") \
					printf("%s", substr($$i, 1, length($$i) -1)); \
				else \
					printf("%s\n",$$i); \
			} \
			else \
				printf("%s ",$$i); \
		}' | $(DBLOAD) -i $(AMD_HOME) -o $(YPMAPDIR)/$@ - $@
	@$(NOPUSH) || $(YPPUSH) -d $(DOMAIN) $@
This file, which is rather lengthy, does not need full-fledged editing for our purposes. The strings beginning with $ such as $(YPPWDDIR) are variables set at the top of the file. Thus, $(YPPWDDIR) is set to the path /etc. The string after $(YPPWDDIR) is the name of the file in /etc that will be shared via NIS.
Now, we determine which files are to be shared via NIS. Look at the following group of lines in the file:
all: passwd hosts services protocols networks auto.master
#shadow publickey
# networks ethers bootparams amd.home
#auto.master auto.home passwd.adjunct
These lines indicate that the files passwd, hosts, services, protocols, networks and auto.master are to be shared, while those commented out are not shared.
At this point, we have to construct a list of the hosts that will run NIS servers.
Now, we initialized the NIS database on the master server with the following command:
/usr/lib/yp/ypinit -m
The output we got was:
goofy is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a <control D>.
next host to add: goofy
next host to add:
The current list of NIS servers looks like this:
goofy
Is this correct? [y/n: y] We need some minutes to build the databases...
Building /var/yp/goofy.disney.com/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory '/var/yp/goofy.disney.com'
Updating passwd.byname...
Updating passwd.byuid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating services.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating networks.byaddr...
Updating networks.byname...
Updating auto.master...
gmake[1]: Leaving directory '/var/yp/goofy.disney.com'
If a message like this appears anywhere in the output:
Make[1]:***No rule to make target /etc/shadow
Stop.
Make[1]: Leaving directory /var/yp/goofy.disney.com
then one of the files listed in the Makefile is missing.
To start NIS automatically at boot time, type the following at the prompt:
[root@goofy /root]# cd /etc/rc.d/rc3.d
[root@goofy /root]# ln -s ../init.d/ypserv ypserv
This creates a symbolic link from the runlevel 3 startup directory. Now, we have a NIS master server running.
We now need a NIS client to work with. We can run the NIS client on the same machine that runs the NIS server.
First of all, create the /etc/yp.conf file. This file has only two lines, which are as follows:
domain domainname
server nis_server
domainname is the name of our NIS domain and nis_server is the server's hostname.
Our file looked like this:
domain goofy.disney.com
server goofy.disney.com
The next file to edit is /etc/sysconfig/network, which sets the NIS domain name at boot time as discussed above.
The last file to edit is /etc/nsswitch.conf file.
# /etc/nsswitch.conf
# An example Name Service Switch config file. This file should
# be sorted with the
# most-used services at the beginning.
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the
# search in the previous entry turned
# up nothing. Note that if the search failed due to some other
# reason (like no NIS
# server responding) then the search
# continues with the next entry.
# Legal entries are:
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# [NOTFOUND=return] Stop searching if not found so far
# To use db, put the "db" in front of "files" for entries you
# want to be looked up
# first in the databases
# Example:
# passwd: db files nisplus nis
# shadow: db files nisplus nis
# group: db files nisplus nis
passwd: files nis
shadow: files nis
group: files nis
#hosts: db files nisplus nis dns
hosts: files nis dns
services: nis [NOTFOUND=return] files
networks: nis [NOTFOUND=return] files
protocols: nis [NOTFOUND=return] files
rpc: nis [NOTFOUND=return] files
ethers: nis [NOTFOUND=return] files
netmasks: nis [NOTFOUND=return] files
bootparams: nis [NOTFOUND=return] files
netgroup: nis
publickey: nis
automount: files nis
aliases: files nis
Look at the following lines in the file:
passwd: files nis
shadow: files nis
group: files nis
hosts: files nis dns
The first column indicates the file in question, for example passwd. The following columns indicate the sources consulted for it, in order.
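The following added example (not part of the original article) walks the sources of one nsswitch.conf line the way the file's own comments describe, including the [NOTFOUND=return] action. nss_resolve and sample_nsswitch are hypothetical helper names, the per-source outcomes are supplied by the caller, and only the single-criterion action form used in this file is handled.

```shell
#!/bin/sh
# Added example. Constructed excerpt of the nsswitch.conf shown above.
sample_nsswitch() {
cat <<'EOF'
# passwd: db files nisplus nis
passwd: files nis
hosts: files nis dns
services: nis [NOTFOUND=return] files
EOF
}

# nss_resolve DB "source=status ..."
# Reads nsswitch.conf on stdin and prints "<source>:<STATUS>" for the source at
# which the lookup for DB ends. Status is success, notfound or unavail; a
# source not named in the second argument counts as notfound.
nss_resolve() {
    awk -v db="$1" -v outcomes="$2" '
    BEGIN {
        n = split(outcomes, o, " ")
        for (i = 1; i <= n; i++) { split(o[i], kv, "="); st[kv[1]] = toupper(kv[2]) }
    }
    $1 == (db ":") {
        result = "none:NOTFOUND"
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^#/) break                      # trailing comment
            src = $i
            status = (src in st) ? st[src] : "NOTFOUND"
            # Default actions: return on success, otherwise try the next source.
            action = (status == "SUCCESS") ? "RETURN" : "CONTINUE"
            if ($(i + 1) ~ /^\[.*\]$/) {              # [STATUS=action] after the source
                item = toupper($(i + 1))
                item = substr(item, 2, length(item) - 2)
                split(item, a, "=")
                if (a[1] == status) action = a[2]
                i++
            }
            result = src ":" status
            if (action == "RETURN") break
        }
        print result
        exit
    }'
}

# Demo: NIS answers "not found" for a service, so the local file is never read.
sample_nsswitch | nss_resolve services "nis=notfound files=success"
# Demo: no NIS server responds, so the lookup continues with the local file.
sample_nsswitch | nss_resolve services "nis=unavail files=success"
# Demo: an account present in both sources is answered from the local file.
sample_nsswitch | nss_resolve passwd "files=success nis=success"
```

With "passwd: files nis", a local account always wins over a NIS entry of the same name, which is why accounts such as root stay under local control in this setup.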
We then set up the client daemon to start at boot time as follows:
cd /etc/rc.d/rc3.d
ln -s ../init.d/ypbind ypbind
Now it was time to communicate with the NIS server. We did this by the command:
/etc/rc.d/init.d/ypbind start
With the client and server configured, we tested our valuable work with
ypcat passwd
Our output was as follows:
client1:x:503:504:client1:/home/httpd/html/client1:/bin/bash
john:x:502:503:john mathews:/home/john:/bin/bash
client2:x:504:505:client2:/home/httpd/html/client2:/bin/bash
joe:x:500:503:joe smith:/home/joe:/bin/bash
bill:x:501:503:bill gates:/home/bill:/bin/bash
With that the NIS services are successfully up and running.