Am 2022-02-04 13:21, schrieb Stefan Seyfried:
On 04.02.22 12:52, Mathias Homann wrote:
Am 2022-02-04 12:32, schrieb Thorsten Kukuk:
Hi,
I think it's time to retire NIS.
I disagree. NIS still works, and does what it is supposed to.
I agree with the disagreement ;-)
My usecase here: propagate user ids and automounter maps for nfs mounts (home and some file shares) from my central server to all machines in the network.
Security is not really a concern in this setup, and NIS / ypbind is simple and "just works".
LDAP for this usecase was a major PITA last I looked (ok, 15 years back), even the userid lookup was orders of magnitude slower (and this was in a professionally managed corporate setup, I did not even have to care for the LDAP server setup. Still it worked much better with NIS than with LDAP back in the nürnberg suse network).
Let's assume that this gets dropped from openSUSE: Is there a replacement that's simple to set up? something like dnsmasq is for dhcp, just for LDAP? Just to publish a central /etc/passwd into the network, I don't really want to research database layouts, LDAP schemes, object classes and whatever. So like dnsmasq simply uses /etc/hosts to configure its name server, is there something similar for LDAP that just reads /etc/passwd and friends and publishes this in a ready-to-use LDAP format?
If not, this will be hard loss.
I've been teaching people how to set up and use FreeIPA for five years in RH413, and I've been pondering switching from NIS to FreeIPA ever since I first saw it - and every time I hit that "NFSv4 fro kerberized NFS" part I realize that NFSv4 has no support for standard linux ACLs, and does NFS ACLs *instead* which would mean that for each file I'd have TWO sets of ACLs (for NFS and for SMB), and that usually is when I quote that line from game of thrones... "not today." Seriously, completely dropping nis would be a seriously hard loss. Cheers MH -- Mathias Homann Mathias.Homann@openSUSE.org xmpp: lemmy@tuxonline.tech matrix: @mathias:eregion.de irc: [Lemmy] on liberachat and ircnet obs/pmbs: lemmy04 gpg key fingerprint: 8029 2240 F4DD 7776 E7D2 C042 6B8E 029E 13F2 C102