Viewing an NIS+ Object's Access Rights
The access rights can be viewed by using the niscat command:
niscat -o objectname |
Where objectname is the name of the object whose access rights you want to view.
This command returns the following information about an NIS+ object:
-
Owner. The single NIS+ principal who has ownership rights. This is usually the person who created the object, but it could be someone to whom the original owner transferred ownership rights.
-
Group. The object's NIS+ group.
-
Nobody class access rights. The access rights granted to everyone, whether they are authenticated (have a valid DES credential) or not.
-
Owner class access rights. The access rights granted to the object's owner.
-
Group class access rights. The access rights granted to the principals in the object's group.
-
World class access rights. The access rights granted to all authenticated NIS+ principals.
Access rights for the four authorization classes are displayed as a list of 16 characters, like this:
r---rmcdr---r--- |
Each character represents a type of access right:
-
r represents read rights.
-
m represents modify rights.
-
d represents destroy rights.
-
c represents create rights.
-
- represents no access rights.
The first four characters represent the access rights granted to nobody, the next four to the owner, the next four to the group, and the last four to the world.
Figure 15–1 NIS+ Access Rights Display
Note –
Unlike UNIX file systems, the first set of rights is for nobody, not for the owner.
- © 2010, Oracle Corporation and/or its affiliates