Mark Brown wrote:
On Fri, Sep 23, 2005 at 09:04:19AM +0200, Bas van der Vlies wrote:
After reading your mail i have now configured both ypserv files: (see
attachments)
OK, I'm stumped. Your securenets configuration looks like it will do
what you're looking for and the ypserv logs you provided in the other
report appear to show it doing just what you asked for. Would it be
possible for you to capture trace of ypbind finding the wrong server?
After an day of debugging and restarting some servers. I have a strace
of binding to the wrong server. Hopefully t is enough.
gb-r8n1# ypwhich
ib-r7n15.irc.sara.nl
gb-r8n1# ypcat passwd
No such map passwd.byname. Reason: Internal NIS error
ypserv.securenets:
# Always allow access for localhost
255.0.0.0 127.0.0.0
# Only 192.168.160.0 network
#
255.255.252.0 192.168.16.0
~
ypserv.conf:
# This is the default - restrict access to the shadow password file,
# allow access to all others.
* : * : shadow.byname : port
* : * : passwd.adjunct.byname : port
# Default access is allow everybody on each interface
#* : * : * : none
# New SARA syntax from Debian NIS maintainer, BvdV thanks
#
127.0.0.1 : * : * : none
192.168.16.0/255.255.252.0 : * : * : none
#10.0.16.0/255.255.252.0 : * : * : none
# This an bug in ypbind localhost, so list all ypservers
#
10.0.17.130 : * : * : none
145.100.29.212 : * : * : none
145.100.29.214 : * : * : none
# Deny the rest
#
* : * : * : deny
Regards
--
--
********************************************************************
* *
* Bas van der Vlies e-mail: [EMAIL PROTECTED] *
* SARA - Academic Computing Services phone: +31 20 592 8012 *
* Kruislaan 415 fax: +31 20 6683167 *
* 1098 SJ Amsterdam *
* *
********************************************************************
Pinging all active server.
[{fd=4, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND,
revents=POLLIN|POLLRDNORM}, {fd=5,
events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 2, -1) = 1
recvmsg(4, {msg_name(16)={sa_family=AF_INET, sin_port=htons(845),
sin_addr=inet_addr("127.0.0.1")},
msg_iov(1)=[{"}\321UV\0\0\0\0\0\0\0\2\0\1\206\247\0\0\0\2\0\0\0\1\0\0"...,
8800}], msg_controllen=24, {cmsg_len=24, cmsg_level=SOL_IP, cmsg_type=, ...},
msg_flags=0}, 0) = 52
write(2, "ypbindproc_domain_2_svc (elsacaf"..., 34ypbindproc_domain_2_svc
(elsacafe)) = 34
write(2, "\n", 1
) = 1
write(2, "Pinging all active server.", 26Pinging all active server.) = 26
write(2, "\n", 1
) = 1
sendto(7, "%$e\202\0\0\0\0\0\0\0\2\0\1\206\244\0\0\0\2\0\0\0\1\0\0"..., 52, 0,
{sa_family=AF_INET, sin_port=htons(666), sin_addr=inet_addr("192.168.16.19")},
16) = 52
poll([{fd=7, events=POLLIN, revents=POLLERR}], 1, 1000) = 1
recvmsg(7, {msg_name(16)={sa_family=AF_INET, sin_port=htons(666),
sin_addr=inet_addr("192.168.16.19")},
msg_iov(1)=[{"%$e\202\0\0\0\0\0\0\0\2\0\1\206\244\0\0\0\2\0\0\0\1\0\0"...,
52}], msg_controllen=44, {cmsg_len=44, cmsg_level=SOL_IP, cmsg_type=, ...},
msg_flags=MSG_ERRQUEUE}, MSG_ERRQUEUE) = 52
write(2, "Server for domain \'elsacafe\' doe"..., 44Server for domain
'elsacafe' doesn't answer.) = 44
write(2, "\n", 1
) = 1
close(7) = 0
write(2, "do_broadcast() for domain \'elsac"..., 46do_broadcast() for domain
'elsacafe' is called) = 46
write(2, "\n", 1
) = 1
uname({sys="Linux", node="ib-r8n1.irc.sara.nl", ...}) = 0
geteuid32() = 0
getegid32() = 0
getgroups32(32, [0]) = 1
gettimeofday({1127756111, 931571}, NULL) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 6
setsockopt(6, SOL_SOCKET, SO_BROADCAST, [1], 4) = 0
ioctl(6, SIOCGIFCONF, {96, {{"lo", {AF_INET, inet_addr("127.0.0.1")}}, {"ib0",
{AF_INET, inet_addr("10.0.17.135")}}, {"eth0", {AF_INET,
inet_addr("192.168.17.135")}}}}) = 0
ioctl(6, SIOCGIFFLAGS, 0xbfd08f1c) = 0
ioctl(6, SIOCGIFFLAGS, 0xbfd08f1c) = 0
ioctl(6, SIOCGIFBRDADDR, 0xbfd08f1c) = 0
ioctl(6, SIOCGIFFLAGS, 0xbfd08f1c) = 0
ioctl(6, SIOCGIFBRDADDR, 0xbfd08f1c) = 0
sendto(6, "_\256\177o\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0\2\0\0\0\5"..., 112, 0,
{sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("10.0.19.255")},
16) = 112
sendto(6, "_\256\177o\0\0\0\0\0\0\0\2\0\1\206\240\0\0\0\2\0\0\0\5"..., 112, 0,
{sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("192.168.19.255")},
16) = 112
poll([{fd=6, events=POLLIN, revents=POLLIN}], 1, 4000) = 1
recvfrom(6, "_\256\177o\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 8800,
0, {sa_family=AF_INET, sin_port=htons(111), sin_addr=inet_addr("10.0.17.130")},
[16]) = 36
socket(PF_FILE, SOCK_STREAM, 0) = 7
connect(7, {sa_family=AF_FILE, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT
(No such file or directory)
close(7) = 0
open("/etc/hosts", O_RDONLY) = 7
fcntl64(7, F_GETFD) = 0
fcntl64(7, F_SETFD, FD_CLOEXEC) = 0
fstat64(7, {st_mode=S_IFREG|0644, st_size=367, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7ef7000
read(7, "#\n# Created by SystemImager\n#\n12"..., 4096) = 367
read(7, "", 4096) = 0
close(7) = 0
munmap(0xb7ef7000, 4096) = 0
gettimeofday({1127756111, 933346}, NULL) = 0
getpid() = 7142
open("/etc/resolv.conf", O_RDONLY) = 7
fstat64(7, {st_mode=S_IFREG|0644, st_size=91, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb7ef7000
read(7, "search irc.sara.nl\nnameserver\t19"..., 4096) = 91
read(7, "", 4096) = 0
close(7) = 0
munmap(0xb7ef7000, 4096) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 7
connect(7, {sa_family=AF_INET, sin_port=htons(53),
sin_addr=inet_addr("192.168.16.3")}, 28) = 0
send(7, "\27L\1\0\0\1\0\0\0\0\0\0\003130\00217\0010\00210\7in-a"..., 42, 0) = 42
gettimeofday({1127756111, 934035}, NULL) = 0
poll([{fd=7, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
ioctl(7, FIONREAD, [143]) = 0
recvfrom(7, "\27L\205\200\0\1\0\1\0\2\0\2\003130\00217\0010\00210\7"..., 1024,
0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.16.3")},
[16]) = 143
close(7) = 0
write(2, "Answer for domain \'elsacafe\' fro"..., 63Answer for domain
'elsacafe' from server 'ib-r7n15.irc.sara.nl') = 63
write(2, "\n", 1
) = 1
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 7
bind(7, {sa_family=AF_INET, sin_port=htons(971),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
ioctl(7, FIONBIO, [1]) = 0
setsockopt(7, SOL_IP, IP_RECVERR, [1], 4) = 0
close(6) = 0
open("/var/yp/binding/elsacafe.1", O_RDWR|O_CREAT|O_TRUNC, 0644) = 6
writev(6, [{"\377\377", 2}, {"\1\0\0\0\n\0\21\202\3\331\0\0", 12}], 2) = 14
close(6) = 0
open("/var/yp/binding/elsacafe.2", O_RDWR|O_CREAT|O_TRUNC, 0644) = 6
writev(6, [{"\377\377", 2}, {"\1\0\0\0\n\0\21\202\3\331\0\0", 12}], 2) = 14
close(6) = 0
write(2, "leave do_broadcast() for domain "..., 42leave do_broadcast() for
domain 'elsacafe') = 42
write(2, "\n", 1
) = 1
write(2, "YPBINDPROC_DOMAIN: server \'10.0."..., 49YPBINDPROC_DOMAIN: server
'10.0.17.130', port 985) = 49
write(2, "\n", 1
) = 1
write(2, "Status: YPBIND_SUCC_VAL", 23Status: YPBIND_SUCC_VAL) = 23
write(2, "\n", 1
) = 1
sendmsg(4, {msg_name(16)={sa_family=AF_INET, sin_port=htons(845),
sin_addr=inet_addr("127.0.0.1")},
msg_iov(1)=[{"}\321UV\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1"...,
36}], msg_controllen=24, {cmsg_len=24, cmsg_level=SOL_IP, cmsg_type=, ...},
msg_flags=0}, 0) = 36
poll(Pinging all active server.
Pinging all active server.
[{fd=4, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND,
revents=POLLIN|POLLRDNORM}, {fd=5,
events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 2, -1) = 1
recvmsg(4, {msg_name(16)={sa_family=AF_INET, sin_port=htons(849),
sin_addr=inet_addr("127.0.0.1")},
msg_iov(1)=[{"\177\25\245\330\0\0\0\0\0\0\0\2\0\1\206\247\0\0\0\2\0\0"...,
8800}], msg_controllen=24, {cmsg_len=24, cmsg_level=SOL_IP, cmsg_type=, ...},
msg_flags=0}, 0) = 52
write(2, "ypbindproc_domain_2_svc (elsacaf"..., 34ypbindproc_domain_2_svc
(elsacafe)) = 34
write(2, "\n", 1
) = 1
write(2, "Pinging all active server.", 26Pinging all active server.) = 26
write(2, "\n", 1
) = 1
sendto(7, "F\201\223\375\0\0\0\0\0\0\0\2\0\1\206\244\0\0\0\2\0\0\0"..., 52, 0,
{sa_family=AF_INET, sin_port=htons(985), sin_addr=inet_addr("10.0.17.130")},
16) = 52
poll([{fd=7, events=POLLIN, revents=POLLIN}], 1, 1000) = 1
recvfrom(7, "F\201\223\375\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 8800,
0, {sa_family=AF_INET, sin_port=htons(985), sin_addr=inet_addr("10.0.17.130")},
[16]) = 28
write(2, "YPBINDPROC_DOMAIN: server \'10.0."..., 49YPBINDPROC_DOMAIN: server
'10.0.17.130', port 985) = 49
write(2, "\n", 1
) = 1
write(2, "Status: YPBIND_SUCC_VAL", 23Status: YPBIND_SUCC_VAL) = 23
write(2, "\n", 1
) = 1
sendmsg(4, {msg_name(16)={sa_family=AF_INET, sin_port=htons(849),
sin_addr=inet_addr("127.0.0.1")},
msg_iov(1)=[{"\177\25\245\330\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
36}], msg_controllen=24, {cmsg_len=24, cmsg_level=SOL_IP, cmsg_type=, ...},
msg_flags=0}, 0) = 36
poll(Pinging all active server.
Pinging all active server.
