이 섹션의 샘플 프로파일을 템플리트로 사용하여 고유의 프로파일을 만들거나, sysconfig 도구를 naming_services 그룹과 함께 사용하여 프롬프트할 응답에 따라 프로파일을 만들 수 있습니다. sysconfig를 사용하여 시스템 구성 파일을 만드는 방법은 SCI 도구를 사용하여 시스템 구성 프로파일 만들기 및 sysconfig(1M) 매뉴얼 페이지를 참조하십시오.
이 예제 프로파일은 다음 구성을 수행합니다.
my.domain.com에 대해 NIS를 사용으로 설정합니다.
NIS 서버를 검색하는 브로드캐스팅을 사용합니다(동일한 서브넷에 있어야 함).
이름 서비스 캐시 서비스를 사용으로 설정합니다(필수).
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
-->
<service_bundle type='profile' name='default'>
<service name='network/nis/domain' type='service' version='1'>
<property_group name='config' type='application'>
<propval name='domainname' type='hostname' value='my.domain.com'/>
</property_group>
<instance name='default' enabled='true' />
</service>
<service name='network/nis/client' type='service' version='1'>
<property_group name='config' type='application'>
<propval name='use_broadcast' type='boolean' value='true'/>
</property_group>
<instance name='default' enabled='true' />
</service>
<service name='system/name-service/switch' type='service' version='1'>
<property_group name='config' type='application'>
<propval name='default' type='astring' value='files nis'/>
<propval name='printer' type='astring' value='user files nis'/>
<propval name='netgroup' type='astring' value='nis'/>
</property_group>
<instance name='default' enabled='true' />
</service>
<service name='system/name-service/cache' type='service' version='1'>
<instance name='default' enabled='true' />
</service>
</service_bundle>
예 11-10 NIS 구성 및 DNS 사용 안함
이 예제 프로파일은 다음 구성을 수행합니다.
NIS 서버에 대한 자동 브로드캐스팅으로 이름 서비스 NIS를 구성합니다(동일한 서브넷에 있어야 함).
NIS 도메인 my.domain.com을 구성합니다.
이름 서비스 캐시 서비스를 사용으로 설정합니다(필수).
DNS 이름 서비스를 사용 안함으로 설정합니다.
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="profile" name="sysconfig">
<!-- service name-service/switch below for NIS only - (see nsswitch.conf(4)) -->
<service version="1" type="service" name="system/name-service/switch">
<property_group type="application" name="config">
<propval type="astring" name="default" value="files nis"/>
<propval type="astring" name="printer" value="user files nis"/>
<propval type="astring" name="netgroup" value="nis"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<!-- service name-service/cache must be present along with name-service/switch -->
<service version="1" type="service" name="system/name-service/cache">
<instance enabled="true" name="default"/>
</service>
<!-- if no DNS, must be explicitly disabled to avoid error msgs -->
<service version="1" type="service" name="network/dns/client">
<instance enabled="false" name="default"/>
</service>
<service version="1" type="service" name="network/nis/domain">
<property_group type="application" name="config">
<propval type="hostname" name="domainname" value="my.domain.com"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<!-- configure the NIS client service to broadcast the subnet for a NIS server -->
<service version="1" type="service" name="network/nis/client">
<property_group type="application" name="config">
<propval type="boolean" name="use_broadcast" value="true"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
</service_bundle>
예 11-11 NIS 구성
다음 프로파일은 서버 IP 주소 10.0.0.10 및 도메인 mydomain.com으로 이름 서비스 NIS를 구성합니다. 서버 IP 주소가 명시적으로 지정된 경우 NIS 서버가 동일한 서브넷에 있을 필요가 없습니다.
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="profile" name="sysconfig">
<!-- name-service/switch below for NIS only - (see nsswitch.conf(4)) -->
<service version="1" type="service" name="system/name-service/switch">
<property_group type="application" name="config">
<propval type="astring" name="default" value="files nis"/>
<propval type="astring" name="printer" value="user files nis"/>
<propval type="astring" name="netgroup" value="nis"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<!-- name-service/cache must be present along with name-service/switch -->
<service version="1" type="service" name="system/name-service/cache">
<instance enabled="true" name="default"/>
</service>
<!-- if no DNS, must be explicitly disabled to avoid error msgs -->
<service version="1" type="service" name="network/dns/client">
<instance enabled="false" name="default"/>
</service>
<service version="1" type="service" name="network/nis/domain">
<property_group type="application" name="config">
<propval type="hostname" name="domainname" value="mydomain.com"/>
<!-- Note: use property with net_address_list and value_node as below -->
<property type="net_address" name="ypservers">
<net_address_list>
<value_node value="10.0.0.10"/>
</net_address_list>
</property>
</property_group>
<!-- configure default instance separate from property_group -->
<instance enabled="true" name="default"/>
</service>
<!-- enable the NIS client service -->
<service version="1" type="service" name="network/nis/client">
<instance enabled="true" name="default"/>
</service>
</service_bundle>
예 11-12 지정된 도메인에 대해 NIS 및 DNS 사용
이 예는 DNS 및 NIS 이름 서비스를 모두 구성합니다.
다중 DNS 이름 서버를 지정합니다.
DNS 도메인 검색 목록을 지정합니다.
NIS 도메인을 지정합니다.
NIS 서버를 검색하는 브로드캐스팅을 지정합니다.
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
-->
<service_bundle type='profile' name='default'>
<service name='network/dns/client' type='service' version='1'>
<property_group name='config' type='application'>
<propval name='domain' type='astring' value='us.oracle.com'/>
<property name='nameserver' type='net_address'>
<net_address_list>
<value_node value='130.35.249.52' />
<value_node value='130.35.249.41' />
<value_node value='130.35.202.15' />
</net_address_list>
</property>
<property name='search' type='astring'>
<astring_list>
<value_node value='us.oracle.com oracle.com oraclecorp.com' />
</astring_list>
</property>
</property_group>
<instance name='default' enabled='true' />
</service>
<service name='network/nis/domain' type='service' version='1'>
<property_group name='config' type='application'>
<propval name='domainname' type='hostname' value='mydomain.com'/>
</property_group>
<instance name='default' enabled='true' />
</service>
<service name='network/nis/client' type='service' version='1'>
<property_group name='config' type='application'>
<propval name='use_broadcast' type='boolean' value='true'/>
</property_group>
<instance name='default' enabled='true' />
</service>
<service name='system/name-service/switch' type='service' version='1'>
<property_group name='config' type='application'>
<propval name='default' type='astring' value='files nis'/>
<propval name='host' type='astring' value='files dns'/>
<propval name='printer' type='astring' value='user files nis'/>
<propval name='netgroup' type='astring' value='nis'/>
</property_group>
<instance name='default' enabled='true' />
</service>
<service name='system/name-service/cache' type='service' version='1'>
<instance name='default' enabled='true' />
</service>
</service_bundle>
다음 예제 프로파일은 다음 매개변수를 구성합니다.
이름 서비스 DNS
서버 IP 주소 1.1.1.1 및 2.2.2.2
도메인 dom.ain.com
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="profile" name="sysconfig">
<!-- name-service/switch below for DNS only - (see nsswitch.conf(4)) -->
<service version="1" type="service" name="system/name-service/switch">
<property_group type="application" name="config">
<propval type="astring" name="default" value="files"/>
<propval type="astring" name="host" value="files dns"/>
<propval type="astring" name="printer" value="user files"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<!-- name-service/cache must be present along with name-service/switch -->
<service version="1" type="service" name="system/name-service/cache">
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/dns/client">
<property_group type="application" name="config">
<!-- Note: use property with net_address_list and value_node as below -->
<property type="net_address" name="nameserver">
<net_address_list>
<value_node value="1.1.1.1"/>
<value_node value="2.2.2.2"/>
</net_address_list>
</property>
<!-- Note: use property with astring_list and value_node,
concatenating search names, as below -->
<property type="astring" name="search">
<astring_list>
<value_node value="dom.ain.com ain.com"/>
</astring_list>
</property>
</property_group>
<instance enabled="true" name="default"/>
</service>
</service_bundle>
이 예제 프로파일은 다음 매개변수를 구성합니다.
이름 서비스 LDAP에 서버 IP 주소 10.0.0.10 사용
system/nis/domain 서비스에 지정된 도메인 my.domain.com
LDAP 검색 기준(필수), dc=my,dc=domain,dc=com
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="profile" name="sysconfig">
<service version="1" type="service" name="system/name-service/switch">
<property_group type="application" name="config">
<propval type="astring" name="default" value="files ldap"/>
<propval type="astring" name="printer" value="user files ldap"/>
<propval type="astring" name="netgroup" value="ldap"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="system/name-service/cache">
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/dns/client">
<instance enabled="false" name="default"/>
</service>
<service version="1" type="service" name="network/ldap/client">
<property_group type="application" name="config">
<propval type="astring" name="profile" value="default"/>
<property type="host" name="server_list">
<host_list>
<value_node value="10.0.0.10"/>
</host_list>
</property>
<propval type="astring" name="search_base" value="dc=my,dc=domain,dc=com"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/nis/domain">
<property_group type="application" name="config">
<propval type="hostname" name="domainname" value="my.domain.com"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
</service_bundle>
예 11-15 보안 LDAP 서버로 LDAP 구성
이 예제 프로파일은 다음 매개변수를 구성합니다.
이름 서비스 LDAP에 서버 IP 주소 10.0.0.10 사용
system/nis/domain 서비스에 지정된 도메인 my.domain.com
LDAP 검색 기준(필수), dc=my,dc=domain,dc=com
LDAP 프록시 바인드 고유 이름 cn=proxyagent,ou=profile,dc=my,dc=domain,dc=com
LDAP 프록시 바인드 암호, 보안 조치로 암호화됨. 다음 방식 중 하나를 사용하여 암호화된 값을 찾을 수 있습니다.
sysconfig create-profile에서 bind_passwd 등록 정보 값을 가져옵니다.
LDAP 서버의 SMF 구성에서 값을 가져옵니다.
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="profile" name="sysconfig">
<service version="1" type="service" name="system/name-service/switch">
<property_group type="application" name="config">
<propval type="astring" name="default" value="files ldap"/>
<propval type="astring" name="printer" value="user files ldap"/>
<propval type="astring" name="netgroup" value="ldap"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="system/name-service/cache">
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/dns/client">
<instance enabled="false" name="default"/>
</service>
<service version="1" type="service" name="network/ldap/client">
<property_group type="application" name="config">
<propval type="astring" name="profile" value="default"/>
<property type="host" name="server_list">
<host_list>
<value_node value="10.0.0.10"/>
</host_list>
</property>
<propval type="astring" name="search_base" value="dc=my,dc=domain,dc=com"/>
</property_group>
<property_group type="application" name="cred">
<propval type="astring" name="bind_dn" value="cn=proxyagent,ou=profile,dc=my,dc=domain,dc=com"/>
<!-- note that the password below is encrypted -->
<propval type="astring" name="bind_passwd" value="{NS1}c2ab873ae7c5ceefa4b9"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/nis/domain">
<property_group type="application" name="config">
<propval type="hostname" name="domainname" value="my.domain.com"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
</service_bundle>
DNS 이름 서비스를 LDAP 이름 서비스와 함께 사용할 수 있습니다. 전형적인 사용법은, DNS로 노드 이름(LDAP 서버 이름 포함)을 분석하고 LDAP로 기타 다른 이름을 분석하는 것입니다. 이 예의 첫번째 service 요소에 표시된 대로, system/name-service/switch 서비스에서 노드 이름 검색에 DNS를 지정하고 LDAP로 다른 이름을 분석할 수 있습니다.
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="profile" name="sysconfig">
<service version="1" type="service" name="system/name-service/switch">
<property_group type="application" name="config">
<propval type="astring" name="default" value="files ldap"/>
<propval type="astring" name="host" value="files dns"/>
<propval type="astring" name="printer" value="user files ldap"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="system/name-service/cache">
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/dns/client">
<property_group type="application" name="config">
<property type="net_address" name="nameserver">
<net_address_list>
<value_node value="10.0.0.10"/>
</net_address_list>
</property>
<propval type="astring" name="domain" value="my.domain.com"/>
<property type="astring" name="search">
<astring_list>
<value_node value="my.domain.com"/>
</astring_list>
</property>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/ldap/client">
<property_group type="application" name="config">
<propval type="astring" name="profile" value="default"/>
<property type="host" name="server_list">
<host_list>
<!-- here, DNS is expected to resolve the LDAP server by name -->
<value_node value="ldapserver.my.domain.com"/>
</host_list>
</property>
<propval type="astring" name="search_base" value="dc=my,dc=domain,dc=com"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/nis/domain">
<property_group type="application" name="config">
<propval type="hostname" name="domainname" value="my.domain.com"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
</service_bundle>
비슷한 방법으로 NIS를 DNS와 함께 사용할 수 있습니다.
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="profile" name="sysconfig">
<service version="1" type="service" name="system/name-service/switch">
<property_group type="application" name="config">
<propval type="astring" name="default" value="files nis"/>
<propval type="astring" name="host" value="files dns"/>
<propval type="astring" name="printer" value="user files nis"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="system/name-service/cache">
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/dns/client">
<property_group type="application" name="config">
<property type="net_address" name="nameserver">
<net_address_list>
<value_node value="10.0.0.10"/>
</net_address_list>
</property>
<propval type="astring" name="domain" value="my.domain.com"/>
<property type="astring" name="search">
<astring_list>
<value_node value="my.domain.com"/>
</astring_list>
</property>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/nis/domain">
<property_group type="application" name="config">
<propval type="hostname" name="domainname" value="my.domain.com"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
<service version="1" type="service" name="network/nis/client">
<property_group type="application" name="config">
<propval type="boolean" name="use_broadcast" value="true"/>
</property_group>
<instance enabled="true" name="default"/>
</service>
</service_bundle>