=====EOCE 0x1 Documentation=====
----
====Objective====
----
My objective in this section is to create three VMs on any of the four vmservers. I will create one server and two clients that can access that server. The server will contain:
* At least three user accounts
* My own.
* wedge, password:bob
* test1, password:test1
* NFS (Network File System) of /home that only the clients can access
* As well as an NIS (Network Information Service) that will serve any and all user accounts on the server.
The client VMs will contain:
* NO local user accounts
* configured to be an NFS client (**nfs-common**)
* configured as an NIS client
* automount (autofs5) of user home directories in /home
====Down to Business====
I created my server and clients using
root@vmserver01:~# xen-create-image --hostname='desired-hostname-here' --dhcp --verbose
The VMs are the following:
* Server: srv-059 (CNAME cortana)
* Client1: client-058 (CNAME masterchief)
* Client2: client-059 (CNAME arbiter)
The dhcp settings are as follows for the VMs (this includes my other VMs as well):
==dhcpd.conf==
----
##
## Jawsh's VMs
##
host pancake.projects.lan {
hardware ethernet 00:16:3E:E3:96:8F;
fixed-address pancake.projects.lan;
}
host arbiter.projects.lan {
hardware ethernet 00:16:3E:23:8E:65;
fixed-address arbiter.projects.lan;
}
host masterchief.projects.lan {
hardware ethernet 00:16:3E:A3:B6:5A;
fixed-address masterchief.projects.lan;
}
host cortana.projects.lan {
hardware ethernet 00:16:3E:C9:42:89;
fixed-address cortana.projects.lan;
}
The DNS records are as follows (including my other VMs):
==10.80.3 DNS==
----
; jcavalu3 (50-59)
50 IN PTR pancake.projects.lan.
51 IN PTR vm-051.projects.lan.
52 IN PTR vm-052.projects.lan.
53 IN PTR vm-053.projects.lan.
54 IN PTR vm-054.projects.lan.
55 IN PTR vm-055.projects.lan.
56 IN PTR vm-056.projects.lan.
57 IN PTR arbiter.projects.lan.
58 IN PTR masterchief.projects.lan.
59 IN PTR cortana.projects.lan.
==projects.lan DNS==
----
; jcavalu3 (50-59)
;Group Pancake
pancake IN A 10.80.3.50
vm-051 IN A 10.80.3.51
vm-052 IN A 10.80.3.52
vm-053 IN A 10.80.3.53
vm-054 IN A 10.80.3.54
vm-055 IN A 10.80.3.55
vm-056 IN A 10.80.3.56
client-057 IN A 10.80.3.57
client-058 IN A 10.80.3.58
srv-059 IN A 10.80.3.59
arbiter IN CNAME client-057
masterchief IN CNAME client-058
cortana IN CNAME srv-059
===NFS Configuration===
----
Required packages for cortana (NFS server):
* **nfs-kernel-server**
* **nfs-common**
* **portmap** (comes with nfs-common)
Required packages for masterchief and arbiter (clients):
* **nfs-common**
* **portmap** (comes with nfs-common)
After installing the **nfs-kernel-server** and **nfs-common** packages, **/etc/exports** is your best friend.
The **/dev/exports** file:
# /etc/exports: the access control list for filesystems which may be exported
# to NFS clients. See exports(5).
#
# Example for NFSv2 and NFSv3:
/srv masterchief(rw,sync,no_subtree_check,no_root_squash) arbiter(rw,sync,no_subtree_check,no_root_squash)
#
# Example for NFSv4:
# /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check,no_root_squash)
# /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check,no_root_squash)
#
**The uncommented line contains the client mount settings.**
**fstab** has been configured to mount cortana:/home to the client's /home directory on startup.
# /etc/fstab: static file system information.
#
#
proc /proc proc defaults 0 0
devpts /dev/pts devpts rw,noexec,nosuid,gid=5,mode=620 0 0
/dev/xvda1 none swap sw 0 0
/dev/xvda2 / ext3 noatime,nodiratime,errors=remount-ro 0 1
cortana:/home /home nfs rw,sync,hard,intr 0 0
====NIS Configuration====
----
I followed a tutorial online to set up the NIS server and clients.
Server configuration can be seen [[http://www.server-world.info/en/note?os=Debian_7.0&p=nis|here]].
Client configuration can be seen [[http://www.server-world.info/en/note?os=Debian_7.0&p=nis&f=2|here]].
===Server===
The NIS domain is on the cortana server (srv-059).
The first order of business is installing the **nis** package onto the server:
apt-get install nis
At the end of the installation, it will ask you to to choose the NIS "domainname" for the server, which I called **cortana** to keep the naming scheme for the project uniform. Next comes the file configuration:
To go along with the tutorial and keep things simple and readable, I will only list the important changes in each file (all changes indicated with **change**):
root@cortana:~# vi /etc/default/nis
# line 6: set NISSERVER to master
NISSERVER=**master**
root@cortana:~# vi /etc/ypserv.securenets
# This line gives access to everybody
0.0.0.0 0.0.0.0
root@cortana:~# vi /var/yp/Makefile
# add shadow in front of passwd on line 119
ALL = passwd **shadow** group hosts rpc services netid protocols netgrp
root@cortana:~# vi /etc/hosts
127.0.0.1 localhost
127.0.1.1 cortana cortana
# add the IP address for the NIS database
**10.80.3.59 cortana**
#update NIS database (press control-d when prompted)
root@cortana:~# /usr/lib/yp/ypinit -m
# start the NIS server
root@cortana:~# /etc/init.d/nis start
# When adding new users, you MUST UPDATE THE NIS DATABASE with the following method
root@cortana:~# cd /var/yp
root@cortana:~# make
===Client Configuration===
Client configuration begins with the installation of the NIS package and asks for the NIS domain name, which will be **cortana**.
Next, the real configuration:
root@client:~# vi /etc/yp.conf
# At the end of the file, add the domain name followed by the server in the following format:
cortana cortana.projects.lan
root@client:~# vi /etc/nsswitch.conf
passwd: compat **nis** # added on line 7
group: compat **nis** # added
shadow: compat **nis** # added
hosts: files dns **nis** # added
# Lastly, reboot the client.
With NFS and NIS configured correctly, you should now be able to log onto cortana from arbiter and masterchief as the users on cortana.