0

I've got a new Rocky 8.6 system, and I've run into an issue I've never seen before. The ypbind.service times out when I try to start/restart, but if I run ypbind as root, it starts just fine.The client is in the securenets of the ypserver. Firewall is open. SELinux is disabled.

 [root@ypclient ~]# ypbind -d
296044: parsing config file
296044: Trying entry: domain ypdom server 10.xxx.xx.xx
296044: parsed domain 'ypdom' server '10.xxx.xx.xx'
296044: add_server() domain: ypdom, host: 10.xxx.xx.xx, slot: 0
296044: [Welcome to ypbind-mt, version 2.5]

296044: ping interval is 300 seconds

296044: Register ypbind for inet,udp
296044: Register ypbind for inet,tcp
296044: Register ypbind for inet6,udp
296044: Register ypbind for inet6,tcp
296044: ypbindproc_domain_3_svc (ypdom) from 127.0.0.1 port 694
296044: Ping active server for 'ypdom'
^C

[root@ypclient ~]# systemctl restart ypbind.service 
Job for ypbind.service failed because a timeout was exceeded.
See "systemctl status ypbind.service" and "journalctl -xe" for details.

Sep 13 12:53:11 ypclient systemd[1]: Starting NIS/YP (Network Information Service) Clients to NIS Domain Binder...
Sep 13 12:53:11 ypclient setsebool[294999]: Could not change active booleans: Invalid boolean
Sep 13 12:54:41 ypclient systemd[1]: ypbind.service: Start-post operation timed out. Stopping.
Sep 13 12:54:41 ypclient systemd[1]: ypbind.service: Failed with result 'timeout'.
Sep 13 12:54:41 ypclient systemd[1]: Failed to start NIS/YP (Network Information Service) Clients to NIS Domain Binder.

While I'm trying to startup ypbind I can get rpcinfo from the server:

[root@ypserv ~]# rpcinfo 10.xxx.xx.xxx |grep ypbind
    100007    3    udp       0.0.0.0.3.228          ypbind     superuser
    100007    2    udp       0.0.0.0.3.228          ypbind     superuser
    100007    1    udp       0.0.0.0.3.228          ypbind     superuser
    100007    3    tcp       0.0.0.0.3.228          ypbind     superuser
    100007    2    tcp       0.0.0.0.3.228          ypbind     superuser
    100007    1    tcp       0.0.0.0.3.228          ypbind     superuser
    100007    3    udp6      ::.3.228               ypbind     superuser
    100007    3    tcp6      ::.3.228               ypbind     superuser

But after timeout it doesn't show anything with rpcinfo. From the client rpcinfo -p things look fine:

[root@ypclient ~]# rpcinfo -p ypserv
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100005    1   udp  20048  mountd
    100005    1   tcp  20048  mountd
    100005    2   udp  20048  mountd
    100005    2   tcp  20048  mountd
    100005    3   udp  20048  mountd
    100005    3   tcp  20048  mountd
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    3   tcp   2049  nfs_acl
    100021    1   udp  49486  nlockmgr
    100021    3   udp  49486  nlockmgr
    100021    4   udp  49486  nlockmgr
    100021    1   tcp  32977  nlockmgr
    100021    3   tcp  32977  nlockmgr
    100021    4   tcp  32977  nlockmgr
    100024    1   udp  59518  status
    100024    1   tcp  42633  status
    100004    2   udp    695  ypserv
    100004    1   udp    695  ypserv
    100004    2   tcp    695  ypserv
    100004    1   tcp    695  ypserv
    100009    1   udp    918  yppasswdd
    100009    1   tcp    918  yppasswdd
    100007    3   udp    882  ypbind
    100007    2   udp    882  ypbind
    100007    1   udp    882  ypbind
    100007    3   tcp    882  ypbind
    100007    2   tcp    882  ypbind
    100007    1   tcp    882  ypbind

The only thing that I can think of is that nsswitch.conf has changed. I'm using the one the rest of my cluster is using, but I noticed the default one had other issues, and I had to move things around just to get it to resolve the ypserv.

nsswitch.conf

passwd:     files nis
shadow:     files nis
group:      files nis

hosts:      files nis dns

services:   nis [NOTFOUND=return] files
networks:   nis [NOTFOUND=return] files
protocols:  nis [NOTFOUND=return] files
rpc:        nis [NOTFOUND=return] files
ethers:     nis [NOTFOUND=return] files
netmasks:   nis [NOTFOUND=return] files     
bootparams: nis [NOTFOUND=return] files

netgroup:   nis

publickey:  nis

automount:  files nis
aliases:    files nis
Astro.Bacon
  • 1
  • 1

1 Answers1

0

Well, after fiddling and fiddling, I did find that my inclination was correct. It was nsswitch.conf. This works:

aliases:    files nis
automount:  files nis
ethers:     files nis
group:      files nis systemd
hosts:      files nis dns myhostname
initgroups: files nis
netgroup:   files nis
networks:   files nis
passwd:     files nis systemd
protocols:  files nis
publickey:  files nis
rpc:        files nis
services:   files nis
shadow:     files nis
Astro.Bacon
  • 1
  • 1
  • i suspect it was probably for rpc. do you actually have nis maps for all of those files? if not it's perfectly okay, and better just to only have nis entries for when there is nis, and leave it just as files for most of the entries. And the sequence (as you discovered matters) – toppk Sep 14 '22 at 02:00