Recipe 2.4 Configuring Red Hat 7.3 to Read Aliases from a NIS Server

Previous page
Table of content
Next page

Problem

You want to use NIS to access the aliases database on a Red Hat 7.3 system.

Solution

Change to the /etc/mail directory and create a service.switch file. Here is an example: 

 #  cd /etc/mail  #  cat - > service.switch  aliases nis files hosts   dns files passwd  files nis

Discussion

No m4 configuration commands are needed to enable support for the service.switch file ”it is available by default. The basic sendmail configuration already installed on your system will probably work with this file; the generic configuration discussed in Recipe 1.8 certainly will.

Network Information Service (NIS), developed by Sun Microsystems, makes many system administration databases available over the network. NIS allows an organization to centrally control and maintain important configuration files for all Unix clients . The aliases database is one of the files that can be centrally maintained and accessed through NIS.

A service switch file defines the sources for various system administration files and the order in which those sources should be queried. service.switch is the default filename that sendmail uses for a service switch file if the system does not have a service switch file that sendmail can use. [6] When running on a Red Hat Linux system, current versions of sendmail look for service.switch in the /etc/mail directory; earlier versions looked for the file in the /etc directory. The path to the sendmail service switch file can be changed using the confSERVICE_SWITCH_FILE define. However, it is generally easier to place the service.switch file in the /etc/mail directory where sendmail, and most administrators, expect to find it.

[6] Red Hat 7.3 has a service switch file named /etc/nsswitch.conf . However, as the manpage makes clear, the aliases entry in the nsswitch.conf file is ignored.

The sendmail service.switch file is much shorter than the system's service switch file because sendmail is only interested in three types of system administration information: mail aliases, host information, and user information.

The service.switch file contains an entry for each type of information identified by the name of the file that traditionally provides the information: aliases , hosts , or passwd . The name is followed by the list of sources for that type of information. The aliases entry in the example is: 

 aliases nis files

NIS is listed first, meaning that sendmail will first attempt to resolve an alias via NIS and will only look the alias up in the local aliases file if NIS cannot resolve the alias. Thus, aliases that only exist in the local file will still be resolved, but aliases in the NIS map file will take precedence.

Several sources of information can be specified in the service.switch file:


files

The local /etc/mail/aliases , /etc/hosts , and /etc/passwd files.


nis

NIS Version 2, which can be used for aliases , hosts , and passwd information.


nisplus

NIS Version 3, which can be used for aliases , hosts , and passwd information.


ldap

LDAP can be used for aliases , hosts , and passwd information. Recipe 2.3 shows the correct way to read aliases from an LDAP server.


hesiod

The Hesiod service can be used for aliases , hosts , and passwd information, but it is primarily used for passwd information.


dns

DNS can be used for hosts information.

To use any of these services, your system must be able to act as a client for the service and must be properly configured. Configuring these services is beyond the scope of this book.

Wrapping some tests around our recipe shows the immediate impact of our solution: 

 #  praliases bin  bin:craig #  ypmatch bin aliases  root #  sendmail -bv bin  craig... deliverable: mailer local, user craig #  cd /etc/mail  #  cat - > service.switch  aliases nis files hosts   dns files passwd  files nis  Ctrl-D  #  sendmail -bv bin  root... deliverable: mailer local, user root #  praliases kathy  kathy:kathy@chef.wrotethebook.com #  ypmatch kathy aliases  Can't match key kathy in map mail.aliases. Reason: No such key in map #  sendmail -bv kathy  kathy@chef.wrotethebook.com... deliverable: mailer esmtp, host chef.wrotethebook.com. , user kathy@chef.wrotethebook.com

The first praliases command shows the value stored for the bin alias in the local aliases database, and the first ypmatch command shows the value stored for that alias in the NIS database. The local file maps bin to craig and the NIS database maps bin to root ” a more reasonable value. The first sendmail -bv test shows that the delivery address from the local file is being used. Then we prepare our simple recipe. As soon as the service.switch file is built, the sendmail -bv test is rerun. This time, the delivery address used for bin is the one defined on the NIS server. Clearly, our simple recipe causes the local system to use NIS to resolve aliases.

The last three lines in the test illustrate the fact that the local file is still used when NIS cannot resolve an alias. In this case, an alias exists for kathy in the local file but not in the NIS map. Still, mail will be delivered to kathy using the value from the local file.

Alternatives

An alternative to creating a service.switch file is to define the sources of information, and the order in which they are searched, using the ALIAS_FILE define in sendmail.cf . For example, the following define would do the same thing as the aliases entry from the service.switch file in our recipe: 

 define(ALIAS_FILE, `nis:mail.aliases,/etc/mail/aliases')

This define tells sendmail that the first source of alias information is the NIS mail.aliases map, and the second source of information is the local /etc/mail/aliases file. To implement this alternative solution, add this line to the sendmail.mc file, rebuild the sendmail.cf file, copy the sendmail.cf file to /etc/mail , and restart sendmail.

This alternative solution is harder to implement and more difficult to maintain than the service.switch file. Changing the search order requires modifying sendmail.mc , rebuilding sendmail.cf , copying the sendmail.cf file to the correct directory, and restarting sendmail. To modify the search order using the service.switch file, simply change the aliases line in that file. The change is immediately effective. Time and again, the best sendmail configuration solutions do not involve any changes to the sendmail.cf file.

One final note about this alternative. Don't use both solutions at the same time. If we used both the service.switch file created in our recipe and the ALIAS_FILE define just shown, sendmail would first follow the instructions in the service.switch file and lookup the alias via NIS and in the local aliases file. Then sendmail would perform any optional processing requested by the ALIAS_FILE define, meaning it would lookup the same alias with NIS again. This is not a major problem, but it does add unnecessary overhead.

See Also

Recipe 2.5 provides a solution to a similar configuration problem for Solaris. The sendmail book covers the service.switch file in 12.1.1, the confSERVICE_SWITCH_FILE define in 24.9.100, and the ALIAS_FILE define in 24.9.1. Managing NFS and NIS , Second Edition, by Stern, Eisler, and Labiaga (O'Reilly), covers NIS in detail.


Previous page
Table of content
Next page
Sendmail Cookbook
sendmail Cookbook
ISBN: 0596004710
EAN: 2147483647
Year: 2005
Pages: 178
Authors: Craig Hunt
BUY ON AMAZON
Interprocess Communications in Linux: The Nooks and Crannies
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
Ruby Cookbook (Cookbooks (OReilly))
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
Telecommunications Essentials, Second Edition: The Complete Global Source (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy