Provided by: ypserv_4.2-2build2_amd64 bug

NAME
       ypserv.conf - configuration file for ypserv and rpc.ypxfrd


DESCRIPTION
       ypserv.conf is an ASCII file which contains some options for ypserv. It also contains a list of rules for
       special host and map access for ypserv and rpc.ypxfrd. This file will be read by ypserv and rpc.ypxfrd at
       startup, or when receiving a SIGHUP signal.

       There is one entry per line. If the line is a option line, the format is:

              option: argument

       The line for an access rule has the format:

              host:domain:map:security

       All rules are tried one by one. If no match is found, access to a map is allowed.

       Following options exist:

       files: 30
           This option specifies, how many database files should be cached by ypserv. If 0 is specified, caching
           is disabled. Decreasing this number is only possible, if ypserv is restarted.

       trusted_master: server
           If this option is set on a slave server, new maps from the host server will be accepted as master.
           The default is, that no trusted master is set and new maps will not be accepted.

           Example:

                  trusted_master: ypmaster.example.org

       slp: [yes|<no>|domain]
           If this option is enabled and SLP support compiled in, the NIS server registers itself on a SLP
           server. If the variable is set to domain, an attribute domain with a comma seperated list of
           supported domainnames is set. Else this attribute will not be set. The default is "no" (disabled).

       xfr_check_port: [<yes>|no]
           With this option enabled, the NIS master server have to run on a port < 1024. The default is "yes"
           (enabled).

       The field descriptions for the access rule lines are:

       host
           IPv4 only address. Wildcards are allowed. This rules are ignored for IPv6, which means it is better
           to not use this option at all anymore.

           Examples:

                  131.234. = 131.234.0.0/255.255.0.0
                  131.234.214.0/255.255.254.0

       domain
           specifies the domain, for which this rule should be applied. An asterix as wildcard is allowed.

       map
           name of the map, or asterisk for all maps.

       security
           one of none, port, deny:

           none
               always allow access.

           port
               allow access if from port < 1024. Otherwise do not allow access.

           deny
               deny access to this map.


FILES
       /etc/ypserv.conf


SEE ALSO
       ypserv(8), rpc.ypxfrd(8)


WARNINGS
       The access rules for special maps are no real improvement in security, but they make the life a little
       bit harder for a potential hacker.

       Solaris clients don't use privileged ports. All security options which depend on privileged ports cause
       big problems on Solaris clients.


AUTHOR
       Thorsten Kukuk <kukuk@thkukuk.de>

NIS Reference Manual                               03/04/2016                                     YPSERV.CONF(5)