nisserver.sh revision 7c478bd95313f5f23a4c958a745db2134aa03244
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License"). You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2004 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#ident "%Z%%M% %I% %E% SMI"
#
# nisserver -- script to setup NIS+ servers
#
# print_usage(): ask user if they want to see detailed usage msg.
#
{
echo
get_yesno " Do you want to see more information on this command? \\n\
(type 'y' to get a detailed description, 'n' to exit)"
then
echo
return 1
else
fi
exit 1
}
#
# print_more(): print the usage message.
#
{
more << EOF
USAGE:
o to set up root master server:
$PROG -r [-f] [-v] [-x] [-Y] [-d <NIS+_domain>]
[-g <NIS+_groupname>] [-l <NIS+_passwd>]
o to set up non-root master server:
$PROG -M [-f] [-v] [-x] [-Y] [-d <NIS+_domain>]
[-g <NIS+_groupname>] [-h <NIS+_server_host>]
o to set up replica server:
$PROG -R [-f] [-v] [-x] [-Y] [-d <NIS+_domain>]
[-h <NIS+_server_host>]
OPTIONS:
-d <NIS+_domain>
specifies the name for the NIS+ domain. The default is your
local domain.
-f forces the NIS+ server setup without prompting for confirmation.
-g <NIS+_groupname>
specifies the NIS+ group name for the new domain. This option is
not valid with "-R" option. The default group is admin.<domain>.
-h <NIS+_server_host>
specifies the hostname for the NIS+ server. It must be a
valid host in the local domain. Use a fully qualified
hostname (for example, hostx.xyz.sun.com.) to specify a host
outside of your local domain. The default for non-root master
server setup is to use the same list of servers as the parent
domain. The default for replica server setup is the local
hostname. This option is *ONLY* used for non-root master or
replica servers setup.
-l <network_password>
specifies the network password with which to create the
credentials for the root master server. This option is *ONLY*
used for master root server setup (-r). If this option is not
specified, this script will prompt you for the login password.
-M sets up the specified host as a non-root master server.
Make sure that rpc.nisd(1M) is running on the new master server
before this command is executed.
-R sets up the specified host as a replica server. Make sure that
rpc.nisd(1M) is running on the new replica server.
-r sets up the server as a root master server. Use the -R option
to set up a root replica server.
-v runs this script in verbose mode.
-x turns the "echo" mode on. This script just prints the commands
that it would have executed. The commands are printed with
leading "+++". Note that the commands are not actually executed.
The default is off.
-Y sets up an NIS+ server with NIS-compatibility mode. The default
is to set up the server without NIS-compatibility mode.
EOF
}
#
# print MR usage
#
{
then
echo "**WARNING: You have specified the '$MRr_OPTION' option twice."
return 0
fi
echo
echo "**ERROR: You have specified the '$ERRMRr_OPTION' option after"
echo " having selected the '$MRr_OPTION' option."
echo "Please select only one of these options: '-M', '-R', or '-r'."
exit 1
}
#
# Generic Routines:
# -----------------
#
# This section contains general routines.
# get_ans() - prompts the message and waits for an input
# get_yesno() - prompts the message and waits for a y or n answer
# restart_process()
# - kills and starts a specified process
# kill_process() - kills a specified process
# check_dot() - check if the argument ends with a dot
# check_host() - check if the hostname specified is a valid one
# tolower(): converts upper to lower case.
#
#
# get_ans(): gets an asnwer from the user.
# $2 default value
#
get_ans()
{
if [ -z "$2" ]
then
echo "$1 \c"
else
echo "$1 [$2] \c"
fi
read ANS
then
ANS=$2
fi
}
########## get_yesno constants:
##
## There are two very common phrases passed to get_yesno:
## These have been parameterized to provide "ease of use".
## Thus, there are three message "types" which are possible:
## --$CONTINUE: "Do you want to continue? (type 'y' to continue, 'n' to exit this script)"
## --$CONFIRM: "Is this information correct? (type 'y' to accept, 'n' to change)"
## --actual string is passed.
##
## If the message is $CONTINUE, get_yesno will exit if the response is no.
##
###########
CONTINUE=2
CONFIRM=1
#
# get_yesno(): get the yes or no answer.
# $1 message type or message.
#
#
#
{
ANS="X"
case $1 in
INFOTEXT="Do you want to continue? (type 'y' to continue, 'n' to exit this script)"
;;
$CONFIRM )
INFOTEXT="Is this information correct? (type 'y' to accept, 'n' to change)"
;;
*) INFOTEXT="$1"
;;
esac
do
done
then
exit
fi
fi
}
#
# check_dot(): checks if the argument specified ends with a dot.
# $1 argument to be checked
#
{
then
return 1
fi
return 0
}
#
# check_host(): checks if the host specified is in the credential table of
# the its domain. If it's a valid host, then it'll assign the host
# principal name to HOSTPRINC.
# $1 host name (this can be a fully qualified name)
#
{
if [ -z "$1" ]
then
return 1
fi
if check_dot $1;
then
HOSTPRINC=$1
MESS="principal"
else
LDOM=`nisdefaults -d`
MESS="host"
fi
if [ $? -eq 0 ]
then
return 1
fi
echo "**ERROR: the principal name for host $1 is not defined in domain"
echo "\"$LDOM\". You must either add the credential for host $1"
echo "in domain \"$LDOM\" or specify a fully qualified hostname (with"
echo "the ending dot \".\") if the principal name is defined in a"
echo "different domain. Use nisclient -c to create the host credential."
return 0
}
#
# tolower_single(): converts upper to lower case and single token.
# Single token means the first token if the argument contains "."
# dots as in the fully qualified hostname.
# $1 string to convert
#
{
}
#
# tolower(): converts upper to lower case.
# $1 string to convert
#
tolower()
{
}
#
# smf(5) routines
# restart_instance() - restart instance or enable if not enabled
#
#
# restart_instance [-t] instance_fmri
#
if [ "$1" = "-t" ]; then
flag=-t
shift
else
flag=
fi
then
else
fi
}
#
# Common Routines:
# ---------------
#
# This section contains common routines for master and replica setups for
# root and non-root domains.
# init() - initializes all the variables
# parse_arg() - parses the command line arguments
# get_security() - gets the security information
# update_info() - updates the setup information
# print_info() - prints the setup information
# confirm() - confirms the setup information
# setup_domain() - sets up the domain
# setup_switch() - sets up the switch
# nis_server() - get the server's name for a domain
# is_server() - checks if the specified host is already a server
# for current domain $DOM.
# check_perm() - checks for the write permission for an object
# nis_chown() - changes the owner for a domain
#
# init(): initializes variables and options
#
init()
{
BACKUP=no_nisplus # backup suffix
# domainname without DOT
SEC=2 # 2=DES or 3=RSA
DEFSEC=2 # default security
## The following variable allows for variation in a specific user message:
}
#
# parse_arg(): parses the input arguments.
# It returns the number to be shift in the argument list.
#
{
do
then
else
fi ;;
then
echo "**ERROR: you must specify a fully qualified groupname."
exit 1
fi
then
ACTION="master"
MRr_OPTION="-M"
else
ERRMRr_OPTION="-M"
fi;;
then
ACTION="replica"
MRr_OPTION="-R"
else
ERRMRr_OPTION="-R"
fi;;
r) ROOT="root"
then
ACTION="master"
MRr_OPTION="-r"
else
ERRMRr_OPTION="-r"
fi;;
Y) YP="-Y"
\?) print_usage
exit 1;;
*) echo "**ERROR: Should never get to this point!!!!!"
exit 1;;
esac
done
}
#
# check_rootgrp(): check if the group name specified is an valid group for
# root master server setup.
# $1 the groupname to be checked
#
{
if [ ! -z "$1" ]
then
then
then
return 1
fi
fi
fi
}
#
# check_domainname(): check validity of a domain name. Currently we check
# that it has at least two components.
# $1 the domain name to be checked
#
{
if [ ! -z "$1" ]
then
if [ "$t" = 0 ]
then
echo '**ERROR: invalid domain name ('$1')'
echo ' It must have at least two components.'
echo ' For example, "company.com.".'
exit 1
fi
fi
}
#
# get_security(): gets the security information
#
{
do
then
echo "**ERROR: invalid security level."
echo " It must be either 2 or 3."
else
break
fi
done
}
#
# update_info(): updates the information.
#
{
echo ""
then
else
fi
# ...host name
then
do
then
break
fi
if check_host $ANS;
then
break
fi
done
then
do
then
break
fi
if check_host $ANS;
then
break
fi
done
fi
# ...group name
then
do
then
then
if check_rootgrp $ANS;
then
break
fi
echo "**ERROR: invalid group name."
echo " It must be a group in the $DOM domain."
continue
fi
echo "**ERROR: NIS+ group name must end with a \".\"."
else
break
fi
done
fi
# ...YP compatibility
then
DEFAULT=1
then
DEFAULT=0
fi
ANS=2
do
done
then
YP="-Y"
echo ""
else
YP=""
fi
fi
}
#
# print_info(): prints the information on the screen.
#
{
echo "Domain name : $DOM"
then
echo "NIS+ server : $HOST"
then
fi
# ...admin group
then
echo "NIS+ group : ${GROUP:-$MESS}"
fi
# ...YP compatibility
then
then
MESS="OFF"
fi
echo "NIS (YP) compatibility : $MESS"
fi
# ...security level
then
esac
echo "Security level : $MESS"
fi
}
#
# confirm(): asks for user confirmation. If declined, then it will step
# the user through a question answer session.
#
confirm()
{
do
echo ""
echo ""
then
return
fi
done
}
#
# setup_domain(): sets up "domainname" and "/etc/defaultdomain" with the
# specified domain information.
#
{
echo "setting up domain information \"$DOM\" ..."
then
# NODOT is used to support 4.x YP clients
if [ ! -f /etc/defaultdomain.$BACKUP ]
then
fi
$ECHO "domainname > /etc/defaultdomain"
fi
echo ""
}
#
# setup_switch(): copies the nisplus switch configuration file to
#
{
then
echo "setting up switch information ..."
if [ $? -eq 0 ]
then
eval "echo switch configuration file already set to use NIS+. $VERB"
echo ""
return
fi
if [ ! -f /etc/nsswitch.conf.$BACKUP ]
then
fi
echo ""
fi
}
#
# nis_server(): returns the master server for specified domain.
# $1 domain
#
{
if [ $? -ne 0 ]
then
exit 1
fi
ALLSERVERS=""
while read LINE
do
then
ALLSERVERS="${ALLSERVERS} $EA"
fi
done
eval "echo nis_servers: ALLSERVERS=$ALLSERVERS ... $VERB"
}
#
# is_server(): checks if the specified host is already a server for
# current domain $DOM.
# $1 server principal
#
{
for EA in $ALLSERVERS
do
then
return 0
fi
done
return 1
}
#
# check_perm(): checks if we have write permission to the NIS+ object
# This should be replaced with nisaccess command when it's available
# $1 the table to be checked.
#
{
then
return
fi
eval "echo checking $1 permission ... $VERB"
MYPRINC=`nisdefaults -p`
then
if nistest -a n=c $1;
then
return
else
return 1
fi
fi
if [ $? -ne 0 ]
then
exit 1
fi
then
if nistest -a o=c $1;
then
return
else
return 1
fi
fi
if [ $? -ne 0 ]
then
exit 1
fi
then
then
if nistest -a g=c $1;
then
return
else
return 1
fi
fi
fi
if nistest -a w=c $1;
then
return
else
return 1
fi
}
#
# nis_chown(): changes the owner for the entire domain specified.
# $1 the new owner's principal
# $2 the domain
#
{
then
return
fi
$ECHO nischown $1 org_dir.$2 groups_dir.$2 $2
}
#
# setup_properties(): modifies repository properties such that we run
# with the proper options.
# $* list of servers
#
{
eval "echo YP emulation disabled ... $VERB"
emulyp_active=`/usr/bin/svcprop -p \
[ $? != 0 ] || \
/usr/sbin/svccfg -s $nisplus_fmri \
boolean: false
fi
else
eval "echo YP emulation enabled ... $VERB"
echo ""
if /usr/bin/svcprop -q -p application $nisplus_fmri;
then :; else
/usr/sbin/svccfg -s $nisplus_fmri \
fi
/usr/sbin/svccfg -s $nisplus_fmri \
setprop application/emulate_yp = boolean: true
fi
if /usr/bin/svcprop -q -p application $nisplus_fmri;
then :; else
/usr/sbin/svccfg -s $nisplus_fmri \
fi
/usr/sbin/svccfg -s $nisplus_fmri \
else
eval "echo using default security ... $VERB"
/usr/sbin/svccfg -s $nisplus_fmri \
fi
fi
# Finally, make nis_cachemgr run with -i for the duration of the
# current OS instantiation.
#
# Create application_ovr property group. Suppress
# errors as it may already exist.
#
if /usr/bin/svcprop -q -p application_ovr $nisplus_fmri; then :; else
/usr/sbin/svccfg -s $nisplus_fmri \
fi
/usr/sbin/svccfg -s $nisplus_fmri \
setprop application_ovr/clear_cache = boolean: true
}
#
# root master setup Routine:
# -------------------------
#
# This section contains the routine to setup a ROOT master server.
# NOTE: you can only configure your local machine as a root master. You
# cannot configure other machines across the net.
# root_master() - sets up the local machine as a root master server
#
#
# root_master(): sets up a the local machine as the root master server.
#
{
then
echo "This script must be run as root ..."
exit 1
fi
then
echo "**ERROR: you cannot set up $HOST remotely."
echo " To set up $HOST as an NIS+ root master server, run"
echo " nisserver on $HOST."
exit 1
fi
then
echo ""
echo "You must specify the security level:"
eval "echo get security info ... $VERB"
echo ""
fi
echo "This script sets up this machine \"$LOCALHOST\" as an NIS+"
echo "root master server for domain $DOM."
then
else
echo ""
fi
echo ""
echo "This script will set up your machine as a root master server for"
echo ""
if [ -f /var/nis/NIS_COLD_START ]
then
echo "WARNING: this script removes directories and files"
echo "exception of the client_info NIS_COLD_START file which"
echo "will be renamed to <file>.${BACKUP}. If you want to save"
echo "these files, you should abort from this script now to"
echo "save these files first."
echo ""
then
echo "WARNING: once this script is executed, you will not be able to"
echo "restore the existing NIS+ server environment. However, you can"
echo "restore your NIS+ client environment using \"nisclient -r\""
echo "with the proper domain name and server information."
else
echo "Use \"nisclient -r\" to restore your NIS+ client environment."
fi
echo ""
else
echo "Use \"nisclient -r\" to restore your current network service environment."
echo ""
fi
then
echo ""
fi
eval "echo killing NIS and NIS+ processes ... $VERB"
eval "echo stopping nscd ... $VERB"
eval "echo '' $VERB"
eval "echo setup NIS_GROUP environment variable ... $VERB"
eval "echo '' $VERB"
# Save NIS_COLD_START file
if [ -f /var/nis/NIS_COLD_START ]
then
fi
eval "echo '' $VERB"
echo "running nisinit ..."
$ECHO "nisinit -r"
if [ $? -ne 0 ]
then
echo "**ERROR: it failed to initialize the root server."
exit 1
fi
echo ""
echo "starting root server at security level 0 to create credentials..."
echo ""
sleep 2
echo "running nissetup to create standard directories and tables ..."
if [ $? -ne 0 ]
then
echo "**ERROR: it failed to create the tables."
exit 1
fi
then
fi
echo ""
*) ;;
esac
if [ $? -ne 0 ]
then
echo "**ERROR: it failed to add the credential for root."
exit 1
fi
sleep 1
echo ""
echo "creating NIS+ administration group: ${GROUP} ..."
if [ $? -ne 0 ]
then
echo "**WARNING: failed to create the $GROUP group."
echo " You will need to create this group manually:"
else
echo "adding principal ${HOST}.${DOM} to $GROUP ..."
if [ $? -ne 0 ]
then
echo "the $GROUP group."
echo " You will need to add this member manually:"
fi
fi
echo ""
eval "echo updating the keys for directories ... $VERB"
if [ $? -ne 0 ]
then
echo "WARNING: nisupdkeys failed on directory $DOM"
echo " You will need to run nisupdkeys manually:"
echo " 1. /usr/lib/nis/nisupdkeys $DOM"
echo ""
fi
if [ $? -ne 0 ]
then
echo "WARNING: nisupdkeys failed on directory org_dir.$DOM"
echo " You will need to run nisupdkeys manually:"
echo " 1. /usr/lib/nis/nisupdkeys org_dir.$DOM"
echo ""
fi
if [ $? -ne 0 ]
then
echo "WARNING: nisupdkeys failed on directory groups_dir.$DOM"
echo " You will need to run nisupdkeys manually:"
echo " 1. /usr/lib/nis/nisupdkeys groups_dir.$DOM"
echo ""
fi
eval "echo $VERB"
then
# ... g=rmcd is just a temporary fix for nisinit bug
eval "echo add read access for nobody ... $VERB"
fi
echo "restarting NIS+ root master server at security level $SEC ..."
eval "echo starting Name Service Cache Daemon nscd ... $VERB"
echo ""
echo "This system is now configured as a root server for domain $DOM"
echo "You can now populate the standard NIS+ tables by using the"
}
#
# Non-root master setup Routine:
# ------------------------------
#
# This section contains the routine to setup a non-ROOT master server.
# NOTE: If the -h <hostname> is specified, then it will configure the
# specified host as the master of the new domain. Otherwise, it will
# use the same servers information as in the parent domain.
# nonroot_master()
# - sets up a non-root master server.
#
#
# nonroot_master(): sets up a nonroot master server.
#
{
# ... local variables
PROMOTE="make"
# ...check parent domain
then
:
else
echo "**ERROR: $PAR_DOM does not exist."
exit 1
fi
then
echo ""
echo "You must specify the security level:"
eval "echo get security info ... $VERB"
echo ""
fi
then
exit 1
fi
# ...check permission
if [ $? -ne 0 ]
then
echo "**ERROR: no permission to create directory $DOM"
exit 1
fi
echo "This script sets up a non-root NIS+ master server for domain"
echo "$DOM"
then
else
echo ""
fi
echo ""
then
HOSTDEF=""
echo "This script will set up an NIS+ non-root master for domain"
echo "domain $PAR_DOM."
echo "servers: $ALLSERVERS"
else
echo "This script sets up machine \"$HOST\" as an NIS+"
HOSTDEF="yes"
eval "echo $VERB"
if [ $? -ne 0 ]
then
echo "**ERROR: NIS+ server is not running on $HOST."
echo " You must do the following before becoming an NIS+ server:"
echo " 1. become an NIS+ client of the parent domain or any domain"
echo " above the domain which you plan to serve. (nisclient)"
echo " 2. start the NIS+ server. (rpc.nisd)"
exit 1
fi
fi
echo ""
then
echo ""
fi
# ...check domain
then
echo "**WARNING: domain $DOM already exists."
then
then
echo "$HOSTPRINC is already a master server for thisdomain."
echo "If you choose to continue with this script, it will"
echo "try to create the groups_dir and org_dir directories"
echo "for this domain."
IGNORE="yes"
else
if [ $? -eq 0 ]
then
echo "$HOSTPRINC is already a replica server for this domain."
fi
echo "If you choose to continue with this script, it will"
echo "promote $HOSTPRINC to be the new master for $DOM"
PROMOTE="promote new master for"
fi
else
echo "If you choose to continue with this script, it will"
echo "try to create the groups_dir and org_dir directories"
echo "for this domain."
IGNORE="yes"
fi
echo ""
then
echo ""
fi
fi
eval "echo setup NIS_GROUP environment variable ... $VERB"
eval "echo '' $VERB"
eval "echo running nismkdir ... $VERB"
DEF_PERM="-D access=g=rmcd,n=r"
then
else
fi
then
exit 1
fi
if [ $? -ne 0 ]
then
echo "**WARNING: nisupdkeys failed on directory $DOM"
echo " This script will not be able to continue."
echo " Please remove the $DOM directory using 'nisrmdir'."
exit 1
fi
sleep 4
then
DEF_PERM="-D access=g=rmcd,n=r"
else
DEF_PERM=""
fi
then
if [ $? -ne 0 ]
then
exit 1
fi
if [ $? -ne 0 ]
then
exit 1
fi
fi
echo "running nissetup ..."
then
echo "**ERROR: it failed to create the tables."
exit 1
fi
then
fi
echo ""
then
echo "setting NIS+ group to ${GROUP} ..."
if [ $? -ne 0 ]
then
echo "**WARNING: failed to create the $GROUP group."
echo " You will need to create this group manually:"
echo " 2. /usr/bin/nisgrpadm -a $GROUP $ALLSERVERS"
else
$ECHO "nisgrpadm -a $GROUP $ALLSERVERS > /dev/null"
if [ $? -ne 0 ]
then
echo "**WARNING: failed to add the following members into"
echo "the $GROUP group:"
echo $ALLSERVERS
echo ""
echo " You will need to add this member manually:"
echo " 1. /usr/bin/nisgrpadm -a $GROUP $ALLSERVERS"
else
fi
fi
fi
echo ""
eval "echo updating the keys for directories ... $VERB"
if [ $? -ne 0 ]
then
echo "WARNING: nisupdkeys failed on directory org_dir.$DOM"
echo " You will need to run nisupdkeys manually:"
echo " 1. /usr/lib/nis/nisupdkeys org_dir.$DOM"
echo ""
fi
if [ $? -ne 0 ]
then
echo "WARNING: nisupdkeys failed on directory groups_dir.$DOM"
echo " You will need to run nisupdkeys manually:"
echo " 1. /usr/lib/nis/nisupdkeys groups_dir.$DOM"
echo ""
fi
eval "echo $VERB"
then
eval "echo changing the owner on the directory ... $VERB"
eval "echo $VERB"
fi
then
echo ""
fi
# start rpc.nispasswdd if setting up on localhost
then
# check to see if already running...
PROC=`pgrep -z $zone rpc.nispasswdd`
then
# We are displaying this message for
# compatibility; at present, rpc.nispasswdd(1M)
# was started by our enabling of
# exited by this point.
eval "echo starting NIS+ password daemon ... $VERB"
else
eval "echo NIS+ password daemon already running ... $VERB"
fi
else
# else need to print message saying start it up
echo ""
echo "**IMPORTANT:"
echo " Be sure to start the NIS+ password daemon (rpc.nispasswdd) on the"
then
echo " new NIS+ non-root (subdomain) master server IF NOT ALREADY."
else
echo " new NIS+ non-root (subdomain) master server $HOST IF NOT ALREADY."
fi
echo ""
fi
echo ""
echo "The server(s) for the non-root domain $DOM is(are) now"
echo "configured. You can now populate the standard NIS+ tables by"
}
#
# replica setup Routine:
# ----------------------
#
# This section contains the routine to setup a replica server.
# NOTE: If the -h <hostname> is specified, then it will configure the
# specified host as a replica of the domain. Otherwise, it will
# configure the local machine as a replica of the domain.
# replica() - sets up replica server.
#
#
# replica(): sets up a replica server.
#
replica()
{
# ...check domain
then
:
else
echo "**ERROR: $DOM does not exist."
exit 1
fi
then
exit 1
fi
# ...check permission
if [ $? -ne 0 ]
then
echo "**ERROR: no permission to replicate directory $DOM"
exit 1
fi
echo "This script sets up an NIS+ replica server for domain"
echo "$DOM"
then
HOSTPRINC=$HOST.`nisdefaults -d`
fi
then
else
echo ""
fi
echo ""
then
echo "ERROR: $HOST is a master server for this domain."
echo "You cannot demote a master server to replica."
echo "If you really want to demote this master, you should"
echo "promote a replica server to master using nisserver"
echo "with the -M option."
exit 1
fi
if [ $? -eq 0 ]
then
echo "WARNING: $HOST is already a server for this domain."
echo "If you choose to continue with this script, it will"
echo "try to replicate the groups_dir and org_dir directories"
echo "for this domain."
IGNORE="yes"
else
echo "This script will set up machine \"$HOST\" as an NIS+"
echo "with the proper options to serve this domain."
fi
echo ""
then
echo ""
fi
if [ $? -ne 0 ]
then
echo "**ERROR: NIS+ server is not running on $HOST."
echo " You must do the following before becoming an NIS+ server:"
echo " 1. become an NIS+ client of the parent domain or any domain"
echo " above the domain which you plan to serve. (nisclient)"
echo " 2. start the NIS+ server. (rpc.nisd)"
exit 1
fi
eval "echo running nismkdir ... $VERB"
then
echo "**ERROR: it failed to replicate the directory."
exit 1
fi
sleep 3
if [ $? -ne 0 ]
then
echo "**WARNING: nisupdkeys failed on directory $DOM"
echo " This script will not be able to continue."
echo " Please remove the $DOM directory using 'nisrmdir'."
exit 1
fi
then
echo "**ERROR: it failed to replicate the org_dir directory."
exit 1
fi
sleep 3
then
echo "**ERROR: it failed to replicate the groups_dir directory."
exit 1
fi
sleep 3
eval "echo updating the keys for directories ... $VERB"
if [ $? -ne 0 ]
then
echo "WARNING: nisupdkeys failed on directory org_dir.$DOM"
echo " You will need to run nisupdkeys manually:"
echo " 1. /usr/lib/nis/nisupdkeys org_dir.$DOM"
echo ""
fi
if [ $? -ne 0 ]
then
echo "WARNING: nisupdkeys failed on directory groups_dir.$DOM"
echo " You will need to run nisupdkeys manually:"
echo " 1. /usr/lib/nis/nisupdkeys groups_dir.$DOM"
echo ""
fi
eval "echo $VERB"
then
if nisgrpadm -s -t $GROUPSERVER $HOSTPRINC;
then
:
else
eval "echo adding replica principal into group owner ...$VERB"
fi
fi
sleep 10
sleep 10
echo ""
echo "The system ${HOST} is now configured as a replica server for"
echo "domain $DOM."
echo "with the proper options to serve this domain."
echo ""
echo "If you want to run this replica in NIS (YP) compatibility"
echo "NIS-compatibility mode. Then, restart rpc.nisd with the"
echo "-Y' option. These actions should be taken after this"
echo "script completes."
}
#
#
# * * * MAIN * * *
#
# Display the obsolescence message in all the cases
echo ""
echo "******** ******** WARNING ******** ********"
echo "NIS+ might not be supported in a future release. Tools to aid"
echo "the migration from NIS+ to LDAP are available in the Solaris 9"
echo "operating environment. For more information, visit"
echo "******** ******** ******* ******** ********"
echo ""
parse_arg $*
shift $?
if [ $? -ne 0 ]
then
echo "**ERROR: invalid group name."
echo " It must be a group in the $DOM domain."
exit 1
fi
"master")
"replica")
replica;;
*)
echo "**ERROR: you must specify one of these options: -r, -M or -R"
exit 1
esac
# As this operation is likely configuration changing, restart the
# name-services milestone (such that configuration-sensitive services
# are in turn restarted).