Forge Home

yp

Puppet Module for managing YP

12,922 downloads

1,646 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 4.0.0 (latest)
  • 3.0.0
  • 2.0.2
  • 2.0.1
  • 2.0.0
  • 1.0.0
released Nov 9th 2020
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x
  • Puppet >=5.5.10 <7.0.0
  • , , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'bodgit-yp', '4.0.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add bodgit-yp
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install bodgit-yp --version 4.0.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

bodgit/yp — version 4.0.0 Nov 9th 2020

yp

Build Status Codecov Puppet Forge version Puppet Forge downloads Puppet Forge - PDK version

Table of Contents

  1. Description
  2. Setup - The basics of getting started with yp
  3. Usage - Configuration options and additional functionality
  4. Reference - An under-the-hood peek at what the module is doing and how
  5. Limitations - OS compatibility, etc.
  6. Development - Guide for contributing to the module

Description

This module manages YP/NIS.

This module can configure the YP/NIS domain, manage the ypbind daemon to bind a client to a YP server and create and maintain master & slave YP servers using ypserv and associated daemons. It can also in the special case of OpenBSD manage the ypldap daemon to fetch YP maps from LDAP.

Setup

What yp affects

On OpenBSD this module will add the traditional +::... entries to the bottom of the /etc/passwd and /etc/group files.

Setup Requirements

You will need to manage the RPC portmapper by using bodgit/portmap or by other means.

On Linux you will need to adjust the /etc/nsswitch.conf file and PAM configuration yourself. Both trlinkin/nsswitch and herculesteam/augeasproviders_pam are known to work and used in the examples and tests in this module.

Beginning with yp

Bind a client to a YP domain using three YP servers:

include ::portmap

class { '::yp':
  domain => 'example.com',
}

class { '::yp::bind':
  domain  => 'example.com',
  servers => ['192.0.2.1', '192.0.2.2', '192.0.2.3'],
}

Class['::portmap'] ~> Class['::yp::bind'] <~ Class['::yp']

if $::osfamily == 'RedHat' {
  class { '::nsswitch':
    passwd    => ['files', 'nis', 'sss'],
    shadow    => ['files', 'nis', 'sss'],
    group     => ['files', 'nis', 'sss'],
    hosts     => ['files', 'nis', 'dns'],
    netgroup  => ['files', 'nis', 'sss'],
    automount => ['files', 'nis'],
    require   => Class['::yp::bind'],
  }

  pam { 'nis':
    ensure    => present,
    service   => 'system-auth-ac',
    type      => 'password',
    control   => 'sufficient',
    module    => 'pam_unix.so',
    arguments => [
      'md5',
      'shadow',
      'nis',
      'nullok',
      'try_first_pass',
      'use_authtok',
    ],
    require   => Class['::yp::bind'],
  }
}

Usage

Create a standalone YP server:

include ::portmap

class { '::yp':
  domain => 'example.com',
}

class { '::yp::serv':
  domain => 'example.com',
}

Class['::portmap'] ~> Class['::yp::serv'] <- Class['::yp']

Create a master YP server with two additional slaves:

include ::portmap

class { '::yp':
  domain => 'example.com',
}

class { '::yp::serv':
  domain => 'example.com',
  maps   => [
    'passwd.byname',
    'passwd.byuid',
    'group.bygid',
    'group.byname',
    'netid.byname',
  ],
  slaves => [
    '192.0.2.2',
    '192.0.2.3',
  ],
}

Class['::portmap'] ~> Class['::yp::serv'] <- Class['::yp']

Create a slave YP server pointing at the above master YP server:

include ::portmap

class { '::yp':
  domain => 'example.com',
}

class { '::yp::serv':
  domain => 'example.com',
  maps   => [
    'passwd.byname',
    'passwd.byuid',
    'group.bygid',
    'group.byname',
    'netid.byname',
  ],
  master => '192.0.2.1',
}

class { '::yp::bind':
  domain => 'example.com',
}

Class['::portmap'] ~> Class['::yp::serv'] <- Class['::yp']
Class['::yp::serv'] -> Class['::yp::bind'] <~ Class['::yp']

For OpenBSD only, set up ypldap to create YP maps from an LDAP server and also bind to it. This is the equivalent to PAM/LDAP on Linux:

include ::portmap

class { '::yp::ldap':
  domain      => 'example.com',
  directories => {
    'dc=example,dc=com' => {
      bind_dn => 'cn=ypldap,dc=example,dc=com',
      bind_pw => 'password',
      server  => '192.0.2.1',
    },
  },
}

class { '::yp':
  domain => 'example.com',
}

class { '::yp::bind':
  domain => 'example.com',
}

Class['::portmap'] ~> Class['::yp::ldap'] ~> Class['::yp::bind'] <~ Class['::yp']

Reference

The reference documentation is generated with puppet-strings and the latest version of the documentation is hosted at https://bodgit.github.io/puppet-yp/ and available also in the REFERENCE.md.

Limitations

This module was primarily written with deploying ypldap on OpenBSD in mind however to do that I realised I had classes for everything bar ypserv so I added that and made sure it was portable enough to work on one other OS. It works however I don't expect many people to still be using traditional YP/NIS.

This module has been built on and tested against Puppet 5 and higher.

The module has been tested on:

  • RedHat Enterprise Linux 6/7
  • OpenBSD 6.0/6.1/6.2/6.3

Development

The module relies on PDK and has both rspec-puppet and beaker-rspec tests. Run them with:

$ bundle exec rake spec
$ PUPPET_INSTALL_TYPE=agent PUPPET_INSTALL_VERSION=x.y.z bundle exec rake beaker:<nodeset>

Please log issues or pull requests at github.