This document describes how to set up OpenBSD 3.6 so that user accounts and home directories on one machine (the master) can be shared among a number of hosts on a LAN (the clients) using the tools in the OpenBSD default install. We make use of NIS, NFS and Amd to accomplish this.
/etc/rc.conf:
portmap=YES
/etc/rc.conf:
nfs_server=YES
lockd=YES
nfs_flags="-tun 4" # 4 simultaneous clients. Crank if needed
/etc/exports:
# change to match your lan addresses and requirements
# -maproot=0: root on any client in this network acts as root on /home
/home -maproot=0 -network 172.21.0.0 -mask 255.255.0.0
root # echo "mynisdomain" > /etc/defaultdomain
(Change 'mynisdomain' to something suitable)
root # ypinit -m
/etc/rc.conf:
ypserv_flags=
yppasswdd_flags= # Allows password changes from remote machines
root # portmap
root # nfsd -tun 4
root # mountd
root # rpc.lockd
root # ypserv
root # ypbind
root # rpc.yppasswdd
These will all be restarted on reboot.
Install favourite shells (for example zsh, bash). Update /etc/shells, /etc/usermgmt.conf and /etc/skel with preferences and defaults; for example, supply a default password and provide shell startup scripts.
root # useradd -m newuser
...
Add new users to supplementary groups in /etc/group, wheel for example.
Edit /etc/amd/amd.home to contain these 2 lines:
/defaults type:=nfs;sublink:=${key};opts:=rw,soft,intr,vers=2,proto=udp
* rhost:=mymasterhost;rfs:=/home
Change mymasterhost to the hostname of the master server. Can also have special
per-user settings if needed.
[Note vers=2 is the only option I could get locking over NFS working with a FreeBSD NFS client. OpenBSD's amd complains that these are old style options. What should I be using that's portable?]
root # cd /var/yp; make
/etc/rc.conf:
portmap=YES
root # echo mynisdomain > /etc/defaultdomain
(Other client OSes may do this differently.)
We'll start ypbind later.
/etc/rc.conf:
amd=YES
root # echo "/home amd.home" >> /etc/amd/master
Note that the automounted home is mounted on top of the existing /home.
/etc/rc.conf:
lockd=YES
root # vipw # Append the following line
+:*::::::::
root # pwd_mkdb /etc/master.passwd
root # vi /etc/group # Append the following line
+:*::
Might also want to prepend a '+' to existing group entries so that they
are overridden by the NIS map entry. For example:
+wheel:*:0:root
See passwd(5), group(5) and afterboot(8) for details.
Need to add shells needed by master accounts in same locations. For example if master has users with /bin/zsh then client needs a /bin/zsh too.
root # portmap
root # ypbind
root # amd -x error,noinfo,nostats -a /tmp_mnt -l syslog /home amd.home
root # rpc.lockd
These will restart on boot.
Non-OpenBSD clients are similar but differ in the details, for example, my FreeBSD 5.3 client has an /etc/rc.conf containing these lines:
rpcbind_enable="YES"
nisdomainname="mynisdomain"
nis_client_enable="YES"
amd_enable="YES"
amd_flags="-x error,noinfo,nostats -a /.amd_mnt -l syslog /home amd.home"
nfs_client_enable="YES"
rpc_lockd_enable="YES"
After changes are made to any of the mapped files on the master, you should run
cd /var/yp; make
to push the changes to the clients.
Things to check if it's not working:
rpcinfo -p host # to see rpc registered progs on host
mount -v # to check nfs mounts
ypcat amd.home # to check yp amd.home map
ypmatch user passwd # to check user entry in passwd map
id # to check user belongs to correct groups
less /var/log/daemon # error messages
cd /var/yp; make # you forgot, didn't you :¬)
amq # various options for controlling amd
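One more check for the master, as an added example that is not part of the original document: the function below reads an exports(5) file and reports entries where remote root keeps uid 0 (as with the -maproot=0 on /home above) or where neither a host nor -network limits who may mount. The name audit_exports, its output format and the sample file are assumptions made for this example.

```sh
#!/bin/sh
# audit_exports FILE  (hypothetical helper, not an OpenBSD tool)
# Prints one line per finding: <line no>:<finding>:<first exported path>
#   root-mapped  remote root keeps uid 0 (-maproot or -mapall set to 0/root)
#   any-host     neither -network nor a host/netgroup limits the export
audit_exports() {
    awk '
    { buf = buf $0 }
    buf ~ /\\$/ { sub(/\\$/, " ", buf); next }   # join continuation lines
    { $0 = buf; buf = "" }
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments and blank lines
    {
        path = ""; restricted = 0; rootmap = 0
        for (i = 1; i <= NF; i++) {
            t = $i
            if (substr(t, 1, 1) == "#") break    # trailing comment
            if (substr(t, 1, 1) == "/") { if (path == "") path = t; continue }
            if (substr(t, 1, 1) != "-") { restricted = 1; continue }  # host
            n = split(substr(t, 2), o, ",")      # options may be comma-joined
            for (k = 1; k <= n; k++) {
                if (o[k] ~ /^map(root|all)=(0|root)(:.*)?$/) rootmap = 1
                if (o[k] ~ /^network/) restricted = 1
            }
            if (o[n] ~ /^(network|mask)$/) i++   # value is the next token
        }
        if (path == "") next
        if (rootmap)     print NR ":root-mapped:" path
        if (!restricted) print NR ":any-host:" path
    }' "$1"
}

# Constructed sample; the first entry is the export line used on this page.
sample=$(mktemp)
printf '%s\n' '/home -maproot=0 -network 172.21.0.0 -mask 255.255.0.0' \
              '/usr/src -ro' > "$sample"
audit_exports "$sample"
rm -f "$sample"
```

On the master, run it as audit_exports /etc/exports after each edit to that file.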