![[PukiWiki]](image/picc.png "[PukiWiki]")
nisがRHEL9から使えなくなった
でも既存のnisシステムがあるので外せない. なら作ってしまおう.
ここではクライアントのypbindを扱います.
gitでypbindのソースが公開されている
https://github.com/thkukuk/ypbind-mt
同じように
libnss
https://github.com/thkukuk/libnss_nis
yp-tools
https://github.com/thkukuk/yp-tools
と用意されている
[root@rockylinux9 ~]# cat /etc/redhat-release
Rocky Linux release 9.4 (Blue Onyx)
[root@rockylinux9 ~]#
[root@rockylinux9 ~]# git clone https://github.com/thkukuk/ypbind-mt
[root@rockylinux9 ~]# cd ypbind-mt
[root@rockylinux9 ypbind-mt]# git checkout v2.7.2
[root@rockylinux9 ypbind-mt]# cd ..
[root@rockylinux9 ~]#
[root@rockylinux9 ~]# tar --exclude-vcs --transform 's/ypbind-mt/ypbind-mt-2.7.2/' -cvzf ypbind-mt-2.7.2.tar.gz ypbind-mtrockylinux8のypbindのsrpmを取得してそれをテンプレートに作ってみる. それって単に「rpmbuild --rebuild」でよくね?って思うが最新バージョンにしたかったので
[root@rockylinux9 ~]# curl -O http://dl.rockylinux.org/pub/rocky/8/AppStream/source/tree/Packages/y/ypbind-2.5-2.el8.src.rpm
[root@rockylinux9 ~]# rpm -Uvh ypbind-2.5-2.el8.src.rpm
[root@rockylinux9 ~]# vi rpmbuild/SPECS/ypbind.specSPECファイルをちょいと修正
|
gitから取得したソースを rpmbuild/SOURCES に移してrpmbuildする
[root@rockylinux9 ~]# dnf --enablerepo=devel install dbus-glib-devel libnsl2-devel libtirpc-devel systemd-devel
[root@rockylinux9 ~]# cp ypbind-mt-2.7.2.tar.gz rpmbuild/SOURCES/
[root@rockylinux9 ~]# rpmbuild -bb rpmbuild/SPECS/ypbind.spec
[root@rockylinux9 ~]# ls -l rpmbuild/RPMS/x86_64/ypbind-*
-rw-r--r--. 1 root root 53515 Oct 14 00:54 ypbind-2.7.2-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 61045 Oct 14 00:54 ypbind-debuginfo-2.7.2-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 27247 Oct 14 00:54 ypbind-debugsource-2.7.2-2.el9.x86_64.rpm
[root@rockylinux9 ~]#このypbindを入れれば..になりますが、あとnss_nisとyp-toolsが必要です
同じように
[root@rockylinux9 ~]# git clone https://github.com/thkukuk/libnss_nis
[root@rockylinux9 ~]# cd libnss_nis
[root@rockylinux9 libnss_nis]# git checkout v3.2
[root@rockylinux9 libnss_nis]# cd ..
[root@rockylinux9 ~]# tar --exclude-vcs --transform 's/libnss_nis/libnss_nis-3.2/' -cvzf libnss_nis-3.2.tar.gz libnss_nis[root@rockylinux9 ~]# curl -O http://dl.rockylinux.org/pub/rocky/8/BaseOS/source/tree/Packages/n/nss_nis-3.0-8.el8.src.rpm
[root@rockylinux9 ~]# rpm -Uvh nss_nis-3.0-8.el8.src.rpm
[root@rockylinux9 ~]# vi rpmbuild/SPECS/nss_nis.spec |
[root@rockylinux9 ~]# cp libnss_nis-3.2.tar.gz rpmbuild/SOURCES/
[root@rockylinux9 ~]# rpmbuild -bb rpmbuild/SPECS/nss_nis.spec
[root@rockylinux9 ~]# ls -l rpmbuild/RPMS/x86_64/nss_nis-*
-rw-r--r--. 1 root root 41646 Oct 14 00:57 nss_nis-3.2-8.el9.x86_64.rpm
-rw-r--r--. 1 root root 77067 Oct 14 00:57 nss_nis-debuginfo-3.2-8.el9.x86_64.rpm
-rw-r--r--. 1 root root 28048 Oct 14 00:57 nss_nis-debugsource-3.2-8.el9.x86_64.rpm
[root@rockylinux9 ~]#git由来のversionを調べたら Rokylinux8 と同じ 4.2.3 なので「rpmbuild --rebuild」で済ます
[root@rockylinux9 ~]# curl -O http://dl.rockylinux.org/pub/rocky/8/AppStream/source/tree/Packages/y/yp-tools-4.2.3-2.el8.src.rpm
[root@rockylinux9 ~]# rpmbuild --rebuild yp-tools-4.2.3-2.el8.src.rpm
[root@rockylinux9 ~]# ls -l rpmbuild/RPMS/x86_64/yp-tools-*
-rw-r--r--. 1 root root 84056 Oct 14 00:58 rpmbuild/RPMS/x86_64/yp-tools-4.2.3-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 91355 Oct 14 00:58 rpmbuild/RPMS/x86_64/yp-tools-debuginfo-4.2.3-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 26816 Oct 14 00:58 rpmbuild/RPMS/x86_64/yp-tools-debugsource-4.2.3-2.el9.x86_64.rpm
[root@rockylinux9 ~]#っでインストール
[root@rockylinux9 ~]# dnf localinstall rpmbuild/RPMS/x86_64/ypbind-2.7.2-2.el9.x86_64.rpm \
rpmbuild/RPMS/x86_64/nss_nis-3.2-8.el9.x86_64.rpm \
rpmbuild/RPMS/x86_64/yp-tools-4.2.3-2.el9.x86_64.rpm
[root@rockylinux9 ~]# vi /etc/yp.conf
domain sybyl server nis
[root@rockylinux9 ~]# systemctl enable ypbind --nowこれで直接pamやnsswitch.confを修正させてnis対応にすることができるが、RHEL9の行儀に倣えばauthselectを使う事になる
っが、RHEL9で提供される authselect はRHEL9の方針でnisのサポートは当然抜けている.
本来のauthselectはnisもカバー範囲でオリジナルをみると今時点もnisをサポートしている
https://github.com/authselect/authselect
なのでsrpmを取得してnis排除を無効にしてみた
[root@rockylinux9 ~]# curl -O http://dl.rockylinux.org/pub/rocky/9/BaseOS/source/tree/Packages/a/authselect-1.2.6-2.el9.src.rpm
[root@rockylinux9 ~]# rpm -Uvh authselect-1.2.6-2.el9.src.rpm
[root@rockylinux9 ~]# vi rpmbuild/SPECS/authselect.spec |
[root@rockylinux9 ~]# dnf --enablerepo=devel install libcmocka-devel popt-devel po4a python3-devel
[root@rockylinux9 ~]# rpmbuild -bb rpmbuild/SPECS/authselect.spec
[root@rockylinux9 ~]# ls -l rpmbuild/RPMS/x86_64/authselect-*
-rw-r--r--. 1 root root 143120 Oct 14 01:03 rpmbuild/RPMS/x86_64/authselect-1.2.6-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 33165 Oct 14 01:03 rpmbuild/RPMS/x86_64/authselect-compat-1.2.6-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 38782 Oct 14 01:03 rpmbuild/RPMS/x86_64/authselect-debuginfo-1.2.6-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 51186 Oct 14 01:03 rpmbuild/RPMS/x86_64/authselect-debugsource-1.2.6-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 12093 Oct 14 01:03 rpmbuild/RPMS/x86_64/authselect-devel-1.2.6-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 242934 Oct 14 01:03 rpmbuild/RPMS/x86_64/authselect-libs-1.2.6-2.el9.x86_64.rpm
-rw-r--r--. 1 root root 97197 Oct 14 01:03 rpmbuild/RPMS/x86_64/authselect-libs-debuginfo-1.2.6-2.el9.x86_64.rpm
[root@rockylinux9 ~]#
[root@rockylinux9 ~]# dnf reinstall rpmbuild/RPMS/x86_64/authselect-libs-1.2.6-2.el9.x86_64.rpm
[root@rockylinux9 ~]# authselect list
- minimal Local users only for minimal installations
- nis Enable NIS for system authentication
- sssd Enable SSSD for system authentication (also for local users only)
- winbind Enable winbind for system authentication
[root@rockylinux9 ~]#
[root@rockylinux9 ~]# authselect select nis --forceこれでnisサーバからアカウント情報が引けます.
RHEL9でサポートから外したnisを復活させてみたけど、自己責任. でもそもそもRHELとか使ってもRHELは瑕疵に賠償はせんよな
忘れてたautofsもnis対応に戻します
[root@rockylinux9 ~]# curl -O http://dl.rockylinux.org/pub/rocky/9/devel/source/tree/Packages/a/autofs-5.1.7-58.el9.src.rpm
[root@rockylinux9 ~]# rpm -Uvh autofs-5.1.7-58.el9.src.rpm
[root@rockylinux9 ~]# vi rpmbuild/SOURCES/autofs-5.1.7-fix-dangling-symlink-creation-if-nis-support-is-not-available.patch |
[root@rockylinux9 ~]# dnf install cyrus-sasl-devel krb5-devel libsss_autofs libxml2-devel openldap-devel
[root@rockylinux9 ~]# rpmbuild -bb rpmbuild/SPECS/autofs.spec
[root@rockylinux9 ~]# ls -l rpmbuild/RPMS/x86_64/autofs-*
-rw-r--r--. 1 root root 385292 Oct 14 01:08 rpmbuild/RPMS/x86_64/autofs-5.1.7-58.el9.x86_64.rpm
-rw-r--r--. 1 root root 725206 Oct 14 01:08 rpmbuild/RPMS/x86_64/autofs-debuginfo-5.1.7-58.el9.x86_64.rpm
-rw-r--r--. 1 root root 270815 Oct 14 01:08 rpmbuild/RPMS/x86_64/autofs-debugsource-5.1.7-58.el9.x86_64.rpm
[root@rockylinux9 ~]#
[root@rockylinux9 ~]# dnf install nfs-utils
[root@rockylinux9 ~]# dnf localinstall rpmbuild/RPMS/x86_64/autofs-5.1.7-58.el9.x86_64.rpm
(既にautofsが入っていたら)
[root@rockylinux9 ~]# dnf reinstall rpmbuild/RPMS/x86_64/autofs-5.1.7-58.el9.x86_64.rpm本家様 https://github.com/thkukuk/ypserv
nisサーバもrockylinux9 で賄うなら.
[root@rockylinux9 ~]# curl -O http://dl.rockylinux.org/pub/rocky/8/AppStream/source/tree/Packages/y/ypserv-4.1-1.el8.src.rpm
[root@rockylinux9 ~]# rpm -Uvh ypserv-4.1-1.el8.src.rpm
[root@rockylinux9 ~]# git clone https://github.com/thkukuk/ypserv
[root@rockylinux9 ~]# cd ypserv
[root@rockylinux9 ypserv]# git checkout v4.2
[root@rockylinux9 ypserv]# cd ..
[root@rockylinux9 ~]#
[root@rockylinux9 ~]# tar --exclude-vcs --transform 's/ypserv/ypserv-4.2/' -cvzf ypserv-4.2.tar.gz ypserv
[root@rockylinux9 ~]# cp ypserv-4.2.tar.gz rpmbuild/SOURCES/
[root@rockylinux9 ~]# vi rpmbuild/SPECS/ypserv.specrockylinux8のypservを参照に作ります
|
[root@rockylinux9 ~]# dnf --enablerepo=devel install tokyocabinet-devel libnsl2-devel libtirpc-devel systemd-devel
[root@rockylinux9 ~]# rpmbuild -bb rpmbuild/SPECS/ypserv.spec
[root@rockylinux9 ~]# ls -l rpmbuild/RPMS/x86_64/ypserv-*
-rw-r--r--. 1 root root 156556 Oct 14 01:11 rpmbuild/RPMS/x86_64/ypserv-4.2-1.el9.x86_64.rpm
-rw-r--r--. 1 root root 198005 Oct 14 01:11 rpmbuild/RPMS/x86_64/ypserv-debuginfo-4.2-1.el9.x86_64.rpm
-rw-r--r--. 1 root root 64892 Oct 14 01:11 rpmbuild/RPMS/x86_64/ypserv-debugsource-4.2-1.el9.x86_64.rpm
[root@rockylinux9 ~]#dnfで上書きされて困るので「/etc/yum.conf」に下記を加えておく
exclude=ypbind nss_nis yp-tools authselect-libs autofs
