- NIS+ database files and directory structure
The Network Information Service Plus (NIS+) uses a memory based, replicated database. This database uses a set of files in the /var/nis directory for checkpointing to table storage and for maintaining a transaction log. Additionally, the NIS+ server and client use files in this directory to store binding and state information.
The NIS+ service implements an authentication and authorization system that is built upon Secure RPC. In this implementation, the service uses a table named cred.org_dir.domain-name to store the public and private keys of principals that are authorized to access the NIS+ namespace. It stores group access information in the subdomain groups_dir.domain-name as group objects. These two tables appear as files in the /var/nis/data directory on the NIS+ server.
Unlike the previous versions of the network information service, in NIS+, the information in the tables is initially loaded into the service from the ASCII files on the server and then updated using NIS+ utilities. See nistbladm(1). Some sites may wish to periodically regenerate the ASCII files for archival purposes. To do this, a script should be added in the crontab(1) of the server that lists these tables and creates the ASCII file from the result.
Note that except for the NIS_COLDSTART and NIS_SHARED_DIRCACHE file, no other files should be manipulated by commands such as cp(1), mv(1) or rm(1). The transaction log file keeps logs of all changes made, and hence the files cannot be manipulated independently.
The files described below are stored in the /var/nis directory:
Contains the current cache of NIS+ bindings being maintained by the cache manager. The contents can be viewed with nisshowcache(1M).
Contains configuration information, for example, preferred servers, options, and the like, for nis_cachemgr(1M) and potentially other NIS+ clients on the system. It is manipulated by the nisprefadm(1M) command.
A cached copy of preferred server information. It is maintained by nis_cachemgr. Do not edit this file manually.
Contains a transaction log that is maintained by the NIS+ service. It can be viewed using the nislog(1M) command. This file contains holes. Its apparent size may be a lot higher than its actual size. There is only one transaction log per server.
A dictionary that is used by the NIS+ database to locate its files. It is created by the default NIS+ database package.
The log file for the database dictionary. When the server is checkpointed, this file will be deleted. See the discussion of the -C option of nisping(1M).
Contains databases that the server uses.
On root servers, this file contains a directory object that describes the root of the name space.
On root servers, this file contains a directory object that describes the parent namespace. This file is created by the nisinit(1M) command.
For each table in the directory there is a file with the same name that stores the information about that table. If there are subdirectories within this directory, the database for the table is stored in the file, table_name.subdirectory.
Contains the database log for the table table_name. The log file maintains the state of individual transactions to each database. When a database has been checkpointed, that is, all changes have been made to the data/table_name stable storage, this log file will be deleted.
Currently, NIS+ does not automatically do checkpointing. The system administrator may want to do nisping-C operations periodically, perhaps once a day, to checkpoint the log file. This can be done either through a cron(1M) job, or manually.
On root servers, this file stores the database associated with the root directory. It is similar to other table databases. The corresponding log file is called root_dir.log.
Table containing the credentials of principals in this NIS+ domain.
Table containing the group authorization objects needed by NIS+ to authorize group access.
Contains a list of all NIS+ directories that are being served by the NIS+ server on this server. When this server is added or deleted from any NIS+ directory object, this file is updated by the server.
cp(1), crontab(1), mv(1), nis(1), nis_cachemgr(1M), niscat(1), nismatch(1), nistbladm(1), rm(1), cron(1M), nisclient(1M), nisinit(1M), nislog(1M), nisping(1M), nisprefadm(1M), nisshowcache(1M), nis_objects(3NSL)
NIS+ might not be supported in future releases of the Solaris Operating system. Tools to aid the migration from NIS+ to LDAP are available in the current Solaris release. For more information, visit http://www.sun.com/directory/nisplus/transition.html.