test

Trusted Solaris Administrator's Procedures

To Save and Restore NIS+ Tables

Before installing a new Trusted Solaris release, you can save the information in your name service and restore it to the system after installation.

  1. Create a script or use another means to dump the NIS+ tables into text files.

    Note -

    It is a good idea to dump the NIS+ tables into text files routinely, at least every time you make a change to NIS+.

    1. To create a script, assume the security administrator role and use the Admin Editor action to create the script file at ADMIN_LOW.

      The following example shows a script called nisscript that the administrator role can create to do the dumps and to create a list of group members for later re-creation of the groups table.


      #!/bin/sh
# nisscript
# nisplus tables into text files
#
 
mkdir -p /var/nis-backup
chmod 700 /var/nis-backup
cp /etc/.rootkey /var/nis-backup/dot-rootkey
 
# standard Solaris and Trusted Solaris tables
# NOTE: Add any tables created at your site 
 
cd /var/nis/data
for i in audit_user auth_attr aliases bootparams ethers \
exec_attr group hosts netgroup netmasks networks passwd \
prof_attr protocols rpc services timezone tnrhdb tnrhtp \
user_attr shadow
do echo $i
/usr/lib/nis/nisaddent -d $i >/var/nis-backup/$i
done
 
# Use the following if you have any key value tables
 
for i in sendmailvars tntime
do echo $i
/usr/lib/nis/nisaddent -d -t $i.org_dir key-value >/var/nis-backup/$i
done
 
# get a list of each group and list each member in each group
 
mkdir -p /var/nis-backup/groups.list
chmod 700 /var/nis-backup/groups.list
for i in `nisls groups_dir | grep -v `:'`
do nisgrpadm -l $i >> /var/nis-backup/groups.list/group.members
done

    2. Assume the root role and run the nisscript created in the previous step at ADMIN_LOW.

  2. For each group, execute the nisgrpadm -l command to list each of its members and save the output for use in Step 7.


    $ nisgrpadm -l group_name

  3. Copy the directory containing the text dump files to a partition that you plan not to overwrite during installation or use tar to copy the files to tape or floppy.

  4. After installation, if you did not save the text dump files in a saved partition, as root at ADMIN_LOW, create a staging directory for the text file dumps of NIS+ tables and restore the files from tape or floppy.

    The screen example illustrates what to do when restoring the text NIS+ files to a /setup/files directory from a tape. 


    # cd /setup/files
# tar xv
bootparams
ethers
.
.
.

  5. At the appropriate point in "Configuring the NIS+ Domain" in Trusted Solaris Installation and Configuration, re-create the NIS+ environment.


    # nisserver -r -d domain-name.

    Make sure to include the final period (.) in the domain's name.

  6. In the Security Administrator role, at ADMIN_LOW, after running the nisserver command, run the nispopulate command in a profile shell with the -F and -p options followed by the name of the directory where the text dump files reside.


    $ nispopulate -F -p /setup/files

  7. Re-create the NIS+ groups and add members manually from the list of group members saved from the nisscript as described in Step 2.

    There is no easy way to recreate the NIS+ groups automatically.