Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

rpc.ypxfrd(8) [centos man page]

RPC.YPXFRD(8)						       NIS Reference Manual						     RPC.YPXFRD(8)

NAME

       rpc.ypxfrd - NIS map transfer server

SYNOPSIS

       /usr/sbin/rpc.ypxfrd [-d path] [-p port] [--debug] [-f|--foreground]

       /usr/sbin/rpc.ypxfrd --version

DESCRIPTION

       rpc.ypxfrd is used for speed up the transfer of very large NIS maps from a NIS master to the NIS slave server. If a NIS slave server
       receives a message that there is a new map, it will start ypxfr for transfering the new map.  ypxfr will read the contents of a map from
       the master server using the yp_all() function.

       The rpc.ypxfrd server speeds up the transfer process by allowing NIS slave servers to simply copy the master servers map files rather than
       building their own from scratch.  rpc.ypxfrd uses an RPC-based file transfer protocol.

       If the on-disk format of the database on both machines is not the same, rpc.ypxfrd will refuse to send the data and ypxfr will fallback to
       yp_all() and fetch every single entry alone.

       rpc.ypxfrd could be started by inetd. But since it starts very slowly, it should be started after ypserv from /etc/init.d/ypxfrd.

       It is possible to pass OPTIONS to rpc.ypxfrd using the environment variable YPXFRD_ARGS and this variable can be set in
       /etc/sysconfig/network.

OPTIONS

       --debug
	   Causes the server to run in debugging mode. In debug mode, the server does not background itself and prints extra status messages to
	   stderr for each request that it revceives.

       -d path

	   rpc.ypxfrd is using this directory instead of /var/yp.

       -p port

	   rpc.ypxfrd will bind itself to this port, which makes it possible to have a router filter packets to the NIS ports. This can restricted
	   the access to the NIS server from hosts on the Internet.

       --version
	   Prints the version number

       -f, --foreground
	   will not put itself into background.

SECURITY

       rpc.ypxfrd uses the same functions for checking a host as ypserv. At first, rpc.ypxfrd will check a request from an address with
       /var/yp/securenets or the tcp wrapper. If the host is allowed to connect to the server, rpc.ypxfrd will uses the rules from
       /etc/ypserv.conf to check the requested map. If a mapname doesn't match a rule, rpc.ypxfrd will look for the YP_SECURE key in the map. If
       it exists, rpc.ypxfrd will only allow requests on a reserved port.

NOTES

       The FreeBSD ypxfrd protocol is not compatible with that used by SunOS. This is unfortunate but unavoidable: SUNs protocol is not freely
       available, and even if it were it would probably not be useful since the SunOS NIS v2 implementation uses the original ndbm package for its
       map databases whereas the other implementation uses GNU DBM or Berkeley DB. These packages uses vastly different file formats. Furthermore,
       ndbm and gdbm are byte-order and word width sensitive and not very smart about it, meaning that a gdbm or ndbm database created on a big
       endian or 64bit system cannot be read on a little endian or 32bit system. The FreeBSD ypxfrd protocol checks, if both, master and slave,
       uses the same database packages and, if necessary, the byte order of the system.

FILES

       /etc/ypserv.conf
	   Configuration file for options and access rights

       /var/yp/securenets
	   Configuration file for access rights

       /etc/sysconfig/network
	   Setting additional arguments to rpc.ypxfrd.

SEE ALSO

       ypserv(8), makedbm(8), yppush(8), ypxfr(8)

AUTHOR

       ypxfrd protocol and FreeBSD Implementation: Bill Paul <wpaul@ctr.columbia.edu>

       Linux Implementation: Thorsten Kukuk <kukuk@linux-nis.org>

NIS Reference Manual						    04/15/2008							     RPC.YPXFRD(8)

Check Out this Related Man Page

YPSERV.CONF(5)							 Reference Manual						    YPSERV.CONF(5)

NAME

       ypserv.conf - configuration file for ypserv and rpc.ypxfrd

DESCRIPTION

       ypserv.conf  is	an ASCII file which contains some options for ypserv. It also contains a list of rules for special host and map access for
       ypserv and rpc.ypxfrd. This file will be read by ypserv and rpc.ypxfrd at startup, or when receiving a SIGHUP signal.

       There is one entry per line. If the line is a option line, the format is:

	      option: <argument>

       The line for an access rule has the format:

	      host:domain:map:security

       All rules are tried one by one. If no match is found, access to a map is allowed.

       Following options exist:

       files: 30
	      This option specifies, how many database files should be cached by ypserv.  If 0 is specified, caching is disabled. Decreasing  this
	      number is only possible, if ypserv is restarted.

       trusted_master: server
	      If  this	option is set on a slave server, new maps from the host server will be accepted as master. The default is, that no trusted
	      master is set and new maps will not be accepted.
	      Example:
	      trusted_master: ypmaster.example.org

       xfr_check_port: [<yes>|no]
	      With this option enabled, the NIS master server have to run on a port < 1024. The default is "yes" (enabled).

       The field descriptions for the access rule lines are:

       host   IP address. Wildcards are allowed.
	      Examples:
	      131.234. = 131.234.0.0/255.255.0.0
	      131.234.214.0/255.255.254.0

       domain specifies the domain, for which this rule should be applied. An asterix as wildcard is allowed.

       map    name of the map, or asterisk for all maps.

       security
	      one of none, port, deny:

       none   always allow access.

       port   allow access if from port < 1024. Otherwise do not allow access.

       deny   deny access to this map.

FILES

       /etc/ypserv.conf

SEE ALSO

       ypserv(8), rpc.ypxfrd(8)

WARNINGS

       The access rules for special maps are no real improvement in security, but they make the life a little bit harder for a potential hacker.

BUGS

       Solaris clients don't use privileged ports. All security options which depend on privileged ports cause big problems on Solaris clients.

AUTHOR

       Thorsten Kukuk <kukuk@suse.de>

YP Server							   October 2002 						    YPSERV.CONF(5)
Man Page