NIS and NFS on OS X Leopard
So, I’ve recently been working to get NIS accounts available on the OS X machines in the SCCS media lounge. There are four facets: getting NIS working, and getting NFS working, and both of those on the client and the server. We have NIS and NFS servers working, but they required a little routine adjustment to allow the new Macs to connect. What follows is a brain-dump.
NIS:
Server configuration: as per a normal NIS set up.
Client configuration: in Directory Utility, add your NIS server and domain. Check “Use NIS domain for authentication”. I followed Bresink’s suggestions (mentioned elsewhere on the net, but no longer there — I had to go to archive.org to get them) for making sure the system can connect to the NIS server, and, with a standard Leopard install, it could. Might want to edit /etc/sudoers (through visudo) to recognize your linux admin group as your OS X admin group — or not.
NFS:
Server configuration: make sure that your Mac is in /etc/exports in one fashion or another. In my case, that meant putting the hostname of the new mac in /etc/netgroup, since our trusted NFS users are defined by netgroup.
Client configuration: if the mounts are not nested, you can do it through Directory Utility. If they’re nested, you really need to use static mounts through fstab. Just sudo vifs, and make a normal fstab file, though you only need to specify the NFS mounts; the other mounts will be handled through automounter. Then run sudo automount -vc and sudo mount -a to remount things.
There are two special things, though: one, the mounts must, no matter whether they’re from fstab or Directory Utility, have the resvport option specified, if you’ve got a normal linux NFS server. Otherwise you get an error like mount_nfs: /foo operation not permitted. Let me repeat that: specify resvport. Also, if you’re mounting at /home (a not uncommon thing), you should edit /etc/auto_master and comment out the line there that mounts at /home, and then run sudo automount -vc to unmount that, so you can do the fstab or Directory Utility mount there. That’ll disable your ability to do fancy LDAP-specified automounted home directory things, but for a simple NIS/NFS setup, that should be OK.
[...] For some details on what I did to get this working, see my post on my under-used blog. [...]