Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Naming and Directory Services (NIS+) |
Part I About Naming and Directory Services
Part II NIS+ Setup and Configuration
4. Configuring NIS+ With Scripts
5. Setting Up the NIS+ Root Domain
8. Configuring an NIS+ Non-Root Domain
10. NIS+ Tables and Information
12. Administering NIS+ Credentials
14. Administering Enhanced NIS+ Security Credentials
15. Administering NIS+ Access Rights
Introduction to NIS+ Authorization and Access Rights
NIS+ Authorization Classes - Review
Concatenation of NIS+ Access Rights
How NIS+ Access Rights Are Assigned and Changed
Specifying Different Default Rights in NIS+
Changing Access Rights to an Existing NIS+ Object
NIS+ Table, Column, and Entry Security
NIS+ Table, Column, Entry Example
NIS+ Rights at Different Levels
Where NIS+ Access Rights Are Stored
Viewing an NIS+ Object's Access Rights
How an NIS+ Server Grants Access Rights to Tables
Specifying NIS+ Access Rights in Commands
NIS+ Class, Operator, and Rights Syntax
NIS+ Syntax for Owner and Group
NIS+ Syntax for Objects and Table Entries
Displaying NIS+ Defaults With nisdefaults
Setting NIS+ Default Security Values
Displaying the Value of the NIS+ NIS_DEFAULTS Variable
Resetting the Value of NIS_DEFAULTS
Specifying Non-Default Security Values at Creation Time in NIS+
Specifying Column Access Rights in NIS+
Setting Column Rights When Creating an NIS+ Table
Adding Rights to an Existing NIS+ Table Column
Removing Rights to an NIS+ Table Column
Changing Ownership of NIS+ Objects and Entries
Changing an NIS+ Object Owner With nischown
Changing an NIS+ Table Entry Owner With nischown
Changing an NIS+ Object or Entry's Group
Changing an NIS+ Object's Group With nischgrp
Changing an NIS+ Table Entry's Group With nischgrp
16. Administering NIS+ Passwords
18. Administering NIS+ Directories
20. NIS+ Server Use Customization
23. Information in NIS+ Tables
Common NIS+ Namespace Error Messages
The nischmod command operates on the access rights of an NIS+ object or table entry. It does not operate on the access rights of a table column; for columns, use the nistbladm command with the -D option. For all nischmod operations, you must already have modify rights to the object or entry.
To add rights for an object or entry use:
For object
nischmod class+right object-name
For table entry
nischmod class+right [column-name=value],table-name
For example, to add read and modify rights to the group of the sales.doc.com. directory object you would type:
client% nischmod g+rm sales.doc.com.
For example to add read and modify rights to group for the name=abe entry in the hosts.org_dir.doc.com. table you would type:
client% nischmod g+rm '[name=abe],hosts.org_dir.doc.com.'
To remove rights for an object or entry use:
For object
nischmod class-right object-name
For entry
nischmod class-right [column-name=value],table-name
For example, to remove create and destroy rights from the group of the sales.doc.com. directory object you would type:
client% nischmod g-cd sales.doc.com.
For example to remove destroy rights from group for the name=abe entry in the hosts.org_dir.doc.com. table, you would type:
client% nischmod g-d '[name=abe],hosts.org_dir.doc.com.'