ONC+ Developer's Guide

NIS+ Sample Program

This sample program performs the following tasks:

Determines the local principal and local domain
Looks up the local directory object
Creates a directory called foo under the local domain
Creates the groups_dir and org_dir directories under domain foo
Creates a group object admins.foo
Adds the local principal to the admins group
Creates a table under org_dir.foo
Adds two entries to the org_dir.foo table
Retrieves and displays the new membership list of the admins group
Lists the namespace under the foo domain using callbacks
Lists the contents of the table created using callbacks
Cleans up all the objects that were created by removing the following:
- The local principal from the admins group
- The admins group
- The entries in the table followed by the table
- The groups_dir and org_dir directory objects
- The foo directory object

The example program is not a typical application. In a normal situation the directories and tables would be created or removed through the command line interface, and applications would manipulate NIS+ entry objects.

Unsupported Macros

The sample program uses unsupported macros that are defined in the file <rpcsvc/nis.h>. These macros are not public APIs and can change or disappear in the future. They are used for illustration purposes only and if you choose to use them, you do so at your own risk. The macros used are:

NIS_RES_OBJECT
ENTRY_VAL
DEFAULT_RIGHTS

Functions Used in the Example

The use of the following NIS+ C API functions is illustrated through this example.

nis_add()
nis_add_entry()
nis_addmember()
nis_creategroup()
nis_destroygroup()
nis_domain_of()
nis_freeresult()
nis_leaf_of()
nis_list()
nis_local_directory()
nis_local_principal()
nis_lookup()
nis_mkdir()
nis_perror()
nis_remove()
nis_remove_entry()
nis_removemember()

Program Compilation

The NIS+ principal running this application has permission to create directory objects in the local domain. The program is compiled by typing:

% cc -o example.c example -lnsl

It is invoked by typing:

% example [dir]

where dir is the NIS+ directory in which the program creates all the NIS+ objects. Specifying no directory argument causes the objects to be created in the parent directory of the local domain. Note that for the call to nis_lookup(), a space and the name of the local domain are appended to the string that names the directory. The argument is the name of the NIS+ directory in which to create the NIS+ objects. The principal running this program should have create permission in the directory.

The following code example shows the routine is called by main() to create directory objects.

Example 9–1 NIS+ Routine to Create Directory Objects

void
dir_create (dir_name, dirobj)
	nis_name			dir_name;
	nis_object			*dirobj;
{
	nis_result 	*cres;
	nis_error			err;

	printf ("\n Adding Directory %s to namespace ... \n",
dir_name);
	cres = nis_add (dir_name, dirobj);

	if (cres->status != NIS_SUCCESS) {
		nis_perror (cres->status, "unable to add directory foo.");
		exit (1);
	}

	(void) nis_freeresult (cres);

	/*
	 * NOTE: you need to do a nis_mkdir to create the table to
store the
	 * contents of the directory you are creating.
	 */
	err = nis_mkdir (dir_name,

						dirobj->DI_data.do_servers.do_servers_val);
	if (err != NIS_SUCCESS) {
		(void) nis_remove (dir_name, 0);

		nis_perror (err,
				"unable to create table for  directory object foo.");
		exit (1);
	}
}

This routine is called by main() to create the group object. Because nis_creategroup() works only on group objects, the “groups_dir” literal is not needed in the group name.

Example 9–2 NIS+ Routine to Create Group Objects

void
grp_create (grp_name)
	nis_name			grp_name;
{
	nis_error			err;

	printf ("\n Adding %s group to namespace ... \n", grp_name);
	err = nis_creategroup (grp_name, 0);
	if (err != NIS_SUCCESS) {
		nis_perror (err, "unable to create group.");
		exit (1);
	}
}

The routine shown in the following example is called by main() to create a table object laid out as shown in the following table.

Table 9–3 NIS+ Table Objects


	Column1	Column2
Name:	id	name
Attributes:	Searchable, Text	Searchable, Text
Access Rights	----rmcdr---r---	----rmcdr---r---

The TA_SEARCHABLE constant indicates to the service that the column is searchable. Only TEXT (the default) columns are searchable. TA_CASE indicates to the service that the column value is to be treated in a case-insensitive manner during searches.

Example 9–3 NIS+ Routine to Create Table Objects

#define			TABLE_MAXCOLS 2
#define			TABLE_COLSEP ':'
#define			TABLE_PATH 0

void
tbl_create (dirobj, table_name)
	nis_object 	*dirobj;		/* need to use some of the fields */
	nis_name			table_name;
{
	nis_result				*cres;
	static nis_object					tblobj;
	static table_col					tbl_cols[TABLE_MAXCOLS] = {
		{"Id", TA_SEARCHABLE | TA_CASE, DEFAULT_RIGHTS},
		{"Name", TA_SEARCHABLE | TA_CASE, DEFAULT_RIGHTS}
	};

	tblobj.zo_owner = dirobj->zo_owner;
	tblobj.zo_group = dirobj->zo_group;
	tblobj.zo_access = DEFAULT_RIGHTS;    /* macro defined in nis.h  */
	tblobj.zo_data.zo_type = TABLE_OBJ;   /* enumerated type in nis.h */
	tblobj.TA_data.ta_type = TABLE_TYPE;
	tblobj.TA_data.ta_maxcol = TABLE_MAXCOLS;
	tblobj.TA_data.ta_sep = TABLE_COLSEP;
	tblobj.TA_data.ta_path = TABLE_PATH;
	tblobj.TA_data.ta_cols.ta_cols_len =
		tblobj.TA_data.ta_maxcol;				 /* ALWAYS ! */
	tblobj.TA_data.ta_cols.ta_cols_val = tbl_cols;

/*
 * Use a fully qualified table name i.e. the "org_dir" literal
should

 * be embedded in the table name. This is necessary because
nis_add
 * operates on all types of NIS+ objects and needs the full path
name
 * if a table is created.
 */
	printf ("\n Creating table %s ... \n", table_name);
	cres = nis_add (table_name, &tblobj);
	if (cres->status != NIS_SUCCESS) {
		nis_perror (cres->status, "unable to add table.");
		exit (1);
	}
	(void) nis_freeresult (cres);
}

The routine shown in the following example is called by main() to add entry objects to the table object. Two entries are added to the table object. Note that the column width in both entries is set to include the NULL character for a string terminator.

Example 9–4 NIS+ Routine to Add Objects to Table

#define			MAXENTRIES 2
void
stuff_table(table_name)
	nis_name 	table_name;
{
	int			i;
	nis_object			entdata;
	nis_result			*cres;
	static entry_col ent_col_data[MAXENTRIES][TABLE_MAXCOLS] = {
			{0, 2, "1", 0, 5, "John"},
			{0, 2, "2", 0, 5, "Mary"}
	};

	printf ("\n Adding entries to table ... \n");

	/*
	 * Look up the table object first since the entries being added
	 * should have the same owner, group owner and access rights as
	 * the table they go in.
	 */
	cres = nis_lookup (table_name, 0);

	if (cres->status != NIS_SUCCESS) {
		nis_perror (cres->status, "Unable to lookup table");
		exit(1);
	}
	entdata.zo_owner = NIS_RES_OBJECT (cres)->zo_owner;
	entdata.zo_group = NIS_RES_OBJECT (cres)->zo_group;
	entdata.zo_access = NIS_RES_OBJECT (cres)->zo_access;
	
	/* Free cres, so that it can be reused. */
	(void) nis_freeresult (cres);

	entdata.zo_data.zo_type = ENTRY_OBJ; /* enumerated type in
nis.h */
	entdata.EN_data.en_type = TABLE_TYPE;
	entdata.EN_data.en_cols.en_cols_len = TABLE_MAXCOLS;
	for (i = 0; i < MAXENTRIES; ++i) {
		entdata.EN_data.en_cols.en_cols_val = &ent_col_data[i][0];
		cres = nis_add_entry (table_name, &entdata, 0);

		if (cres->status != NIS_SUCCESS) {
			nis_perror (cres->status, "unable to add entry.");
			exit (1);
		}
		(void) nis_freeresult (cres);
	}
}

The routine shown in the following example is the print function for the nis_list() call. When list_objs() calls nis_list(), a pointer to print_info() is one of the calling arguments. Each time the service calls this function, it prints the contents of the entry object. The return value indicates to the library to call with the next entry from the table.

Example 9–5 NIS+ Routine for `nis_list` Call

int
print_info (name, entry, cbdata)
	nis_name			name;			/* Unused */
	nis_object			*entry;			/* The NIS+ entry object */
	void			*cbdata;			/* Unused */
{
	static u_int				firsttime = 1;
	entry_col	*tmp;		/* only to make source more readable */
	u_int				i, terminal;

	if (firsttime) {
		printf ("\tId.\t\t\tName\n");
		printf ("\t---\t\t\t----\n");
		firsttime = 0;
	}
	for (i = 0; i < entry->EN_data.en_cols.en_cols_len; ++i) {
		tmp = &entry->EN_data.en_cols.en_cols_val[i];
		terminal = tmp->ec_value.ec_value_len;
		tmp->ec_value.ec_value_val[terminal] = '\0';
	}

	/*
	 * ENTRY_VAL is a macro that returns the value of a specific
	 * column value of a specified entry.
	 */
	printf("\t%s\t\t\t%s\n", ENTRY_VAL (entry, 0),
								ENTRY_VAL (entry, 1));
	return (0); /* always ask for more */
}

The routine shown in the following example is called by main() to list the contents of the group, table, and directory objects. The routine demonstrates the use of callbacks also. It retrieves and displays the membership of the group. The group membership list is not stored as the contents of the object. So, the list is queried through the nis_lookup() instead of the nis_list() call. You must use the “groups_dir” form of the group because nis_lookup() works on all types of NIS+ objects.

Example 9–6 NIS+ Routine to List Objects

void
list_objs(dir_name, table_name, grp_name)
         nis_name   dir_name, table_name, grp_name;
{
	group_obj			*tmp; 	/* only to make source more readable */
	u_int			i;
	char			grp_obj_name [NIS_MAXNAMELEN];
	nis_result			*cres;
	char			index_name [BUFFER_SIZE];

	sprintf (grp_obj_name, "%s.groups_dir.%s",
				nis_leaf_of (grp_name), nis_domain_of (grp_name));
	printf ("\nGroup %s membership is: \n", grp_name);

	cres = nis_lookup(grp_obj_name, 0);

	if (cres->status != NIS_SUCCESS) {
		nis_perror (cres->status, "Unable to lookup group object.");
		exit(1);
	}

	tmp = &(NIS_RES_OBJECT(cres)->GR_data);
	for (i = 0; i < tmp->gr_members.gr_members_len; ++i)
		printf ("\t %s\n", tmp->gr_members.gr_members_val[i]);
	(void) nis_freeresult (cres);

	/*
	 * Display the contents of the foo domain without using
callbacks.
	 */
	printf ("\nContents of Directory %s are: \n", dir_name);
	cres = nis_list (dir_name, 0, 0, 0);
	if (cres->status != NIS_SUCCESS) {
		nis_perror (cres->status,
                                "Unable to list Contents of
Directory foo.");
		exit(1);
	}
	for (i = 0; i < NIS_RES_NUMOBJ(cres); ++i)
		printf("\t%s\n", NIS_RES_OBJECT(cres)[i].zo_name);
	(void) nis_freeresult (cres);

	/*
	 * List the contents of the table we created using the callback
form
	 * of nis_list().
	 */
	printf ("\n Contents of Table %s are: \n", table_name);
	cres = nis_list (table_name, 0, print_info, 0);
	if(cres->status != NIS_CBRESULTS && cres->status !=
NIS_NOTFOUND){
		nis_perror (cres->status,
			"Listing entries using callback failed");
		exit(1);
	}
	(void) nis_freeresult (cres);

	/*

	 * List only one entry from the table we created. Use 
	 * indexed names to do this retrieval.
	 */

	printf("\n Entry corresponding to id 1 is:\n");
	/*
	 * The name of the column is usually extracted from the table
	 * object, which would have to be retrieved first.
	 */
	sprintf(index_name, "[Id=1],%s", table_name);
	cres = nis_list (index_name, 0, print_info, 0);
	if(cres->status != NIS_CBRESULTS && cres->status !=
NIS_NOTFOUND){
		nis_perror (cres->status,
		"Listing entry using indexed names and callback failed");
		exit(1);
	}
	(void) nis_freeresult (cres);
}

The routine in the following table is called by cleanup() to remove a directory object from the namespace. The routine also informs the servers serving the directory about this deletion. Note that the memory containing result structure, pointed to by cres, must be freed after the result has been tested.

Example 9–7 NIS+ Routine to Remove Directory Objects

void
dir_remove(dir_name, srv_list, numservers)
	nis_name			dir_name;
	nis_server			*srv_list;
	u_int			numservers;
{
	nis_result			*cres;
	nis_error			err;
	u_int			i;

	printf ("\nRemoving %s directory object from namespace ...
\n",
								dir_name);
	cres = nis_remove (dir_name, 0);
	if (cres->status != NIS_SUCCESS) {
		nis_perror (cres->status, "unable to remove directory");
		exit (1);
	}
	(void) nis_freeresult (cres);

	for (i = 0; i < numservers; ++i) {
		err = nis_rmdir (dir_name, &srv_list[i]);
		if (err != NIS_SUCCESS) {
			nis_perror (err,
			"unable to remove server from directory");
			exit (1);
		}
	}
}

The following routine is called by main() to delete all the objects that were created in this example. Note the use of the REM_MULTIPLE flag in the call to nis_remove_entry(). You must delete all entries from a table before the table itself can be deleted.

Example 9–8 NIS+ Routine to Remove All Objects

void
cleanup(local_princip, grp_name, table_name, dir_name, dirobj)
	nis_name			local_princip, grp_name, table_name, dir_name;
	nis_object			*dirobj;
{
	char		grp_dir_name [NIS_MAXNAMELEN];
	char		org_dir_name [NIS_MAXNAMELEN];
	nis_error			err;
	nis_result			*cres;

	sprintf(grp_dir_name, "%s.%s", "groups_dir", dir_name);
	sprintf(org_dir_name, "%s.%s", "org_dir", dir_name);

	printf("\n\n\nStarting to Clean up ... \n");
	printf("\n\nRemoving principal %s from group %s \n",
						local_princip, grp_name);
	err = nis_removemember (local_princip, grp_name);

	if (err != NIS_SUCCESS) {
		nis_perror (err,
		"unable to delete local principal from group.");
		exit (1);
	}

	/*
	 * Delete the admins group. We do not use the "groups_dir" form
	 * of the group name since this API is applicable to groups
only.
	 * It automatically embeds the groups_dir literal in the name
of 
	 * the group.
	 */
	printf("\nRemoving %s group from namespace ... \n",
grp_name);
	err = nis_destroygroup (grp_name);
	if (err != NIS_SUCCESS) {
		nis_perror (err, "unable to delete group.");
		exit (1);
	}


	printf("\n Deleting all entries from table %s ... \n",
table_name);

	cres = nis_remove_entry(table_name, 0, REM_MULTIPLE);
	switch (cres->status) {
		case NIS_SUCCESS:
		case NIS_NOTFOUND:
			break;
		default:
			nis_perror(cres->status, "Could not delete entries from
										table");
			exit(1);
	}
	(void) nis_freeresult (cres);

	printf("\n Deleting table %s itself ... \n", table_name);
	cres = nis_remove(table_name, 0);

	if (cres->status != NIS_SUCCESS) {
		nis_perror(cres->status, "Could not delete table.");
	exit(1);
	}
	(void) nis_freeresult (cres);

	/* delete the groups_dir, org_dir and foo  directory objects.
*/

	dir_remove (grp_dir_name,
						dirobj->DI_data.do_servers.do_servers_val,
						dirobj->DI_data.do_servers.do_servers_len);
	dir_remove (org_dir_name,
						dirobj->DI_data.do_servers.do_servers_val,
						dirobj->DI_data.do_servers.do_servers_len);
	dir_remove (dir_name, dirobj-
>DI_data.do_servers.do_servers_val,
						  dirobj->DI_data.do_servers.do_servers_len);
}

Running the program displays on the screen, as shown in the following code example.

Example 9–9 NIS+ Program Execution

myhost% domainname
 sun.com
 myhost% ./sample
 Adding Directory foo.sun.com. to namespace ...
 Adding Directory groups_dir.foo.sun.com. to namespace ...
 Adding Directory org_dir.foo.sun.com. to namespace ...
 Adding admins.foo.sun.com. group to namespace ...
 Adding principal myhost.sun.com. to group admins.foo.sun.com. ...
 Creating table test_table.org_dir.foo.sun.com. ...
 Adding entries to table ...
 Group admins.foo.sun.com. membership is:
         myhost.sun.com.
 Contents of Directory foo.sun.com. are:
         groups_dir
         org_dir

 Contents of Table test_table.org_dir.foo.sun.com. are:
         Id.                     Name
         ---                     ----
         1                       John
         2                       Mary

 Entry corresponding to id 1 is:
         1                       John

 Starting to Clean up ...

 Removing principal myhost.sun.com. from group admins.foo.sun.com.
 Removing admins.foo.sun.com. group from namespace ...
 Deleting all entries from table test_table.org_dir.foo.sun.com. ...
 Deleting table test_table.org_dir.foo.sun.com. itself ...
 Removing groups_dir.foo.sun.com. directory object from namespace ...
 Removing org_dir.foo.sun.com. directory object from namespace ...
 Removing foo.sun.com. directory object from namespace ...
 myhost%

As a debugging aid, the same operations are performed by the following command sequence. The first command displays the name of the master server.

Substitute the master server name where the variable master appears in the following.

% niscat -o `domainname`

% nismkdir -m master foo.`domainname`.
 
 # Create the org_dir.foo subdirectory with the specified master
 % nismkdir -m master org_dir.foo.`domainname`.
 # Create the groups_dir.foo subdirectory with the specified master
 % nismkdir -m master groups_dir.foo.`domainname`.
 # Create the “admins” group
 % nisgrpadm -c admins.foo.`domainname`.
 
 # Add yourself as a member of this group
 % nisgrpadm -a admins.foo.`domainname`. `nisdefaults -p`
 
 # Create a test_table with two columns : Id and Name
 % nistbladm -c test_data id=SI Name=SI \
 test_table.org_dir.foo.`domainname`
 
 # Add one entry to that table.
 % nistbladm -a id=1 Name=John test_table.org_dir.foo.`domainname`.
 # Add another entry to that table.
 % nistbladm -a id=2 Name=Mary test_table.org_dir.foo.`domainname`.
 
 # List the members of the group admins
 % nisgrpadm -l admins.foo.`domainname`.
 # List the contents of the foo directory
 % nisls foo.`domainname`.
 # List the contents of the test_table along with its header
 % niscat -h test_table.org_dir.foo.`domainname`.
 
 # Get the entry from the test_table where id = 1
 % nismatch id=1 test_table.org_dir.foo.`domainname`.
 
 # Delete all we created.
 # First, delete yourself from the admins group
 % nisgrpadm -r admins.foo.`domainname`. `nisdefaults -p`
 # Delete the admins group
 % nisgrpadm -d admins.foo.`domainname`.
 # Delete all the entries from the test_table
 % nistbladm -r “[],test_table.org_dir.foo.`domainname`.”
 # Delete the test_table itself.
 % nistbladm -d test_table.org_dir.foo.`domainname`.
 # Delete all three directories that we created
 % nisrmdir groups_dir.foo.`domainname`.
 % nisrmdir org_dir.foo.`domainname`.
 % nisrmdir foo.`domainname`.