I think it's time to retire NIS. The current code is now over 25 years
old, and the protocol had already 25 years ago big drawbacks. Which SUN
tried to solve with NIS+, but that wasn't really successful.
Which leads to the problem that the few NIS users run more and more into
problems, since NIS doesn't fit anymore together with current network
technologies, security requirements and in general modern technologies
like Container and k8s.
Additional quite some of the features don't work anymore in most networks
or at all and we had to patch several core libraries so that NIS can still
RPC itself, the base service, also has many limitations and was never
designed for current network technologies and is creating more and more
problems today. So the increasing work is not because of bugs in the code,
but because the technology around changed incompatible.
My plan is:
- drop ypserv from Factory
- remove our own changes for NIS from the code
- drop ypbind/yp-tools/libnss_nis/... from Factory
Of course, the code will still exist in the network:NIS devel project
and continues to stay there, at least as long as it works without major
efford. But we will not revert new changes in core libraries only to keep
And we will of course not patch upstream tools having NIS support like the
dhcp server and clients, but you will have to configure this yourself.
So if you are still using NIS, you should think about switching to
something more modern and secure, e.g. LDAP.
Thorsten Kukuk, Distinguished Engineer, Senior Architect
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
Managing Director: Ivo Totev (HRB 36809, AG Nürnberg)