[Sderby] Configuration settings for NIS

David Jolley sderby at mailman.lug.org.uk
Tue May 27 08:23:01 2003


* David Bottrill (david@bottrill.org) wrote:
> Hi Andre,
> 
> While you are in yast, go to System and select runlevel editor, select
> the runlevel properties and see if the portmapp daemon is actually
> running. If it isn't tell it to run in run levels 3 and 5 if you then
> manually start the service from the same screen YAST will report the
> output of the service starting. If there are no errors then try to setup
> your NIS server again after selecting finish from the runlevel editor
> screen.
> 

I think it's also worth mentioning that the portmapper is considered
to be a hideous security risk; make *very* sure that it's firewalled
off from the internet at large.  At the very least, your hosts.allow
and hosts.deny should be extremely restrictive - hosts.deny should
contain lines like 

ALL except portmap: <specific IP address>
ALL: PARANOID

Note that for the portmap service, only IP addresses can be used,
hostnames won't work.

Cheers,

Dave.


-- 
  Imagination abandoned by reason produces impossible monsters;
  united with her, she is the mother of the arts.
     -- Goya.