I took the easy way out and disabled selinux. So far so good with the NIS server, however the client nodes still don't work. See below I'm not sure I understand the audit2allow command, [root@toulouse ~]# grep ypbind /var/log/audit/audit.log | audit2allow unable to open (null): Bad address [root@toulouse ~]# ls /var/log/audit/ audit.log On the client node [root@toulouse ~]# rpcinfo -p localhost program vers proto port service 100000 4 tcp 111 portmapper 100000 3 tcp 111 portmapper 100000 2 tcp 111 portmapper 100000 4 udp 111 portmapper 100000 3 udp 111 portmapper 100000 2 udp 111 portmapper [root@toulouse ~]# systemctl enable ypbind [root@toulouse ~]# systemctl start ypbind Job for ypbind.service failed. See 'systemctl status ypbind.service' and 'journalctl -xn' for details. [root@toulouse ~]# systemctl -l status ypbind.service ypbind.service - NIS/YP (Network Information Service) Clients to NIS Domain Binder Loaded: loaded (/usr/lib/systemd/system/ypbind.service; enabled) Active: failed (Result: exit-code) since Sat 2015-08-08 12:25:54 CDT; 1min 23s ago Process: 4531 ExecStartPost=/usr/libexec/ypbind-post-waitbind (code=exited, status=1/FAILURE) Process: 4527 ExecStart=/usr/sbin/ypbind -n $OTHER_YPBIND_OPTS (code=exited, status=0/SUCCESS) Process: 4524 ExecStartPre=/usr/sbin/setsebool allow_ypbind=1 (code=exited, status=1/FAILURE) Process: 4519 ExecStartPre=/usr/libexec/ypbind-pre-setdomain (code=exited, status=0/SUCCESS) Main PID: 4527 (code=exited, status=0/SUCCESS) Status: "Processing requests..." Aug 08 12:25:09 toulouse setsebool[4524]: setsebool: SELinux is disabled. Aug 08 12:25:54 toulouse systemd[1]: ypbind.service: control process exited, code=exited status=1 Aug 08 12:25:54 toulouse systemd[1]: Failed to start NIS/YP (Network Information Service) Clients to NIS Domain Binder. Aug 08 12:25:54 toulouse systemd[1]: Unit ypbind.service entered failed state. [root@toulouse ~]# journalctl -xn -- Logs begin at Sat 2015-08-08 10:58:14 CDT, end at Sat 2015-08-08 12:25:54 CDT. -- Aug 08 12:25:09 toulouse systemd[1]: Starting NIS/YP (Network Information Service) Clients to NIS Domain Binder... -- Subject: Unit ypbind.service has begun with start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit ypbind.service has begun starting up. Aug 08 12:25:09 toulouse setsebool[4524]: setsebool: SELinux is disabled. Aug 08 12:25:09 toulouse ypbind[4532]: Binding NIS service Aug 08 12:25:54 toulouse ypbind[4615]: Binding took 45 seconds Aug 08 12:25:54 toulouse ypbind[4617]: NIS server for domain natural_philosophy is not responding. Aug 08 12:25:54 toulouse ypbind[4618]: Killing ypbind with PID 4527. Aug 08 12:25:54 toulouse ypbind[4619]: Try increase NISTIMEOUT in /etc/sysconfig/ypbind Aug 08 12:25:54 toulouse systemd[1]: ypbind.service: control process exited, code=exited status=1 Aug 08 12:25:54 toulouse systemd[1]: Failed to start NIS/YP (Network Information Service) Clients to NIS Domain Binder. -- Subject: Unit ypbind.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit ypbind.service has failed. -- -- The result is failed. Aug 08 12:25:54 toulouse systemd[1]: Unit ypbind.service entered failed state. On Sat, Aug 8, 2015 at 10:42 AM, Vladimir Mosgalin <[log in to unmask] > wrote: > Hi Nathan Moore! > > On 2015.08.08 at 08:36:24 -0500, Nathan Moore wrote next: > > > Working through a SL7 migration. > > > > Right now, I can't get ypbind to start, or rather, it starts in a clunky > > way. > > > > Using systemctl, > > [root@pilgrim ~]# systemctl enable ypbind > > [root@pilgrim ~]# systemctl start ypbind > > Job for ypbind.service failed. See 'systemctl status ypbind.service' and > > 'journalctl -xn' for details. > > > > but, I can get the daemon to start by running the bare command, > > [root@pilgrim ~]# /usr/sbin/ypbind > > [root@pilgrim ~]# rpcinfo -p localhost | grep ypbind > > 100007 2 udp 785 ypbind > > 100007 1 udp 785 ypbind > > 100007 2 tcp 788 ypbind > > 100007 1 tcp 788 ypbind > > > > Any ideas? Is this a known bug? The output below makes it seem like > this > > is a conflict with selinux? > > If nothing else helps, you could always disable selinux protection for > ypbind by doing > semanage permissive -a ypbind_t > (as per "man ypbind_selinux" page). However, before that: > > > > # grep ypbind > > /var/log/audit/audit.log | audit2allow -M mypol > > # semodule -i mypol.pp > > > > Can you please show the output of > grep ypbind /var/log/audit/audit.log | audit2allow > ? > Without that (or AVC exception itself) it's impossible to say what > exactly went wrong. audit2allow is in policycoreutils-python package. > > -- > > Vladimir > -- - - - - - - - - - - - - - - - - - - - - - Nathan Moore Mississippi River and 44th Parallel - - - - - - - - - - - - - - - - - - - - -