[Freeipa-users] fixing port numbers associated with the NIS
Nalin Dahyabhai
nalin at redhat.com
Tue Nov 15 00:16:24 UTC 2011
On Mon, Nov 14, 2011 at 05:19:44PM -0500, Boris Epstein wrote:
> Hello all,
>
> I am using the FreeIPA to run NIS via a plugin. Works great - except
> that the ypserv port numbers end up different after every reboot. That
> makes it hard to run it with the firewall activated.
>
> Does anybody know how to make those port number assignments permanent?
There's no tooling specifically for doing this, but the plugin supports
it. In order to get it to use a fixed port, you'll need to edit the
directory server entry for "cn=NIS Server, cn=plugins, cn=config" and
add a "nsslapd-pluginarg0" value which contains the port number you'd
like it to use.
You can do this either by stopping the directory server, editing its
dse.ldif file directly, and then restarting it, or by editing the entry
"live" using ldapmodify and then restarting the server. The latter
method (I'm using port 541 here) looks something like this:
# ldapmodify -x -D "cn=Directory Manager" -W <<- EOF
dn: cn=NIS Server,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginarg0
nsslapd-pluginarg0: 541
-
EOF
# ipactl restart
You'll need to supply the Directory Manager password. Once that's done,
running "rpcinfo -p" on the server should show that the NIS service is
listening on the desired port.
HTH,
Nalin
More information about the Freeipa-users
mailing list