Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Naming and Directory Services (NIS+) |
Part I About Naming and Directory Services
Part II NIS+ Setup and Configuration
4. Configuring NIS+ With Scripts
5. Setting Up the NIS+ Root Domain
8. Configuring an NIS+ Non-Root Domain
10. NIS+ Tables and Information
12. Administering NIS+ Credentials
14. Administering Enhanced NIS+ Security Credentials
15. Administering NIS+ Access Rights
Introduction to NIS+ Authorization and Access Rights
NIS+ Authorization Classes - Review
Concatenation of NIS+ Access Rights
How NIS+ Access Rights Are Assigned and Changed
Specifying Different Default Rights in NIS+
Changing Access Rights to an Existing NIS+ Object
NIS+ Table, Column, and Entry Security
NIS+ Table, Column, Entry Example
NIS+ Rights at Different Levels
Where NIS+ Access Rights Are Stored
Viewing an NIS+ Object's Access Rights
How an NIS+ Server Grants Access Rights to Tables
Specifying NIS+ Access Rights in Commands
NIS+ Class, Operator, and Rights Syntax
NIS+ Syntax for Owner and Group
NIS+ Syntax for Objects and Table Entries
Displaying NIS+ Defaults With nisdefaults
Specifying Non-Default Security Values at Creation Time in NIS+
Changing NIS+ Object and Entry Access Rights
Using nischmod to Add NIS+ Rights
Using nischmod to Remove NIS+ Rights
Specifying Column Access Rights in NIS+
Setting Column Rights When Creating an NIS+ Table
Adding Rights to an Existing NIS+ Table Column
Removing Rights to an NIS+ Table Column
Changing Ownership of NIS+ Objects and Entries
Changing an NIS+ Object Owner With nischown
Changing an NIS+ Table Entry Owner With nischown
Changing an NIS+ Object or Entry's Group
Changing an NIS+ Object's Group With nischgrp
Changing an NIS+ Table Entry's Group With nischgrp
16. Administering NIS+ Passwords
18. Administering NIS+ Directories
20. NIS+ Server Use Customization
23. Information in NIS+ Tables
Common NIS+ Namespace Error Messages
This section describes how to perform tasks related to the nisdefaults command, the NIS_DEFAULTS environment variable, and the -D option.
The NIS_DEFAULTS environment variable specifies the following default values:
Owner
Group
Access rights
Time-to-live
The values that you set in the NIS_DEFAULTS environment variable are the default values applied to all NIS+ objects that you create using that shell (unless overridden by using the -D option with the command that creates the object).
You can specify the default values (owner, group, access rights, and time-to-live) specified with the NIS_DEFAULTS environment variable. Once you set the value of NIS_DEFAULTS, every object you create from that shell will acquire those defaults, unless you override them by using the -D option when you invoke a command.
You can check the setting of an environment variable by using the echo command, as shown below:
client% echo $NIS_DEFAULTS owner=butler:group=gamblers:access=o+rmcd
You can also display a general list of the NIS+ defaults active in the namespace by using the nisdefaults command as described in Displaying NIS+ Defaults With nisdefaults.
You can change the default access rights, owner, and group, by changing the value of the NIS_DEFAULTS environment variable.
Use the environment command that is appropriate for your shell (setenv for C-shell or $NIS_DEFAULTS=, export for Bourne and Korn shells) with the following arguments:
access=right, where right are the access rights using the formats described in Specifying NIS+ Access Rights in Commands.
owner=name, where name is the user name of the owner.
group=group, where group is the name of the default group.
You can combine two or more arguments into one line separated by colons:
-owner=principal-name:-group=group-name
Table 15-10 shows some examples.
Table 15-10 Changing NIS+ Defaults – Examples
|
All objects and entries created from the shell in which you changed the defaults will have the new values you specified. You cannot specify default settings for a table column or entry; the columns and entries simply inherit the defaults of the table.
You can reset the NIS_DEFAULTS variable to its original values, by typing the name of the variable without arguments, using the format appropriate to your shell:
For C shell
client# unsetenv NIS_DEFAULTS
For Bourne or Korn shell
client$ NIS_DEFAULTS=; export NIS_DEFAULTS