SUMMARY Sharing C2 Password Without YP or NFS

From: Frank Wortner <frank_at_bondnet.com>
Date: Fri, 15 Oct 1999 10:21:13 -0400

An email message from Spider Boardman indirectly reminded me that I had
forgotten to post a summary of the replies to this question. My apologies
to all of you. I hope the information is still useful.

I wanted to have shared password data between TruCluster hosts without YP or
NFS. My basic concern was that both methods were either insecure or prone
to single point failure. I received several replies -- unfortunately I've
misplaced the names, so my apologies again -- suggesting that I use various
file copying schemes such as rdist to copy /etc/password and
/tcb/files/auth.db between hosts. After trying it manually, I can say that
this does work. However, it's unsupported, use at your own risk, etc.

Spider argued for using NIS (YP) within the cluster. TruCluster 1.6
supports building a highly available authentication scheme using NIS, NFS,
and a disk service. Details are in the release notes:
http://www.unix.digital.com/faqs/publications/cluster_doc/cluster_16/TCR_RNS/TITLE.HTM.
This would be for DU 4.0F and TruCluster 1.6. The setup seems
a bit intimidating, but I think I'll use it once we upgrade from 4.0D and
1.5.

SB> Alternatively, you can have /tcb/files and /var/tcb/files
SB> available as NFS services which you fail over. This also
SB> keeps everything in sync between the two nodes. However,
SB> this approach requires exporting the directories with root
SB> permissions, so it's not suitable in all environments. If
SB> you only need to have the two cluster nodes see that profile
SB> data, then you can restrict the export to those nodes, and
SB> you're fine (so long as your routers are helping to protect
SB> you from IP source address spoofing, anyway)
Received on Fri Oct 15 1999 - 14:23:58 NZDT
