Setting NIS+ Default Security Values
This section describes how to perform tasks related to the nisdefaults command, the NIS_DEFAULTS environment variable, and the -D option.
The NIS_DEFAULTS environment variable specifies the following default values:
-
Owner
-
Group
-
Access rights
-
Time-to-live
The values that you set in the NIS_DEFAULTS environment variable are the default values applied to all NIS+ objects that you create using that shell (unless overridden by using the -D option with the command that creates the object).
You can specify the default values (owner, group, access rights, and time-to-live) specified with the NIS_DEFAULTS environment variable. Once you set the value of NIS_DEFAULTS, every object you create from that shell will acquire those defaults, unless you override them by using the -D option when you invoke a command.
Displaying the Value of the NIS+ NIS_DEFAULTS Variable
You can check the setting of an environment variable by using the echo command, as shown below:
client% echo $NIS_DEFAULTS owner=butler:group=gamblers:access=o+rmcd |
You can also display a general list of the NIS+ defaults active in the namespace by using the nisdefaults command as described in Displaying NIS+ Defaults With nisdefaults.
Changing NIS+ Defaults
You can change the default access rights, owner, and group, by changing the value of the NIS_DEFAULTS environment variable.
Use the environment command that is appropriate for your shell (setenv for C-shell or $NIS_DEFAULTS=, export for Bourne and Korn shells) with the following arguments:
-
access=right, where right are the access rights using the formats described in Specifying NIS+ Access Rights in Commands.
-
owner=name, where name is the user name of the owner.
-
group=group, where group is the name of the default group.
You can combine two or more arguments into one line separated by colons:
-owner=principal-name:-group=group-name |
Table 15–10 shows some examples.
Table 15–10 Changing NIS+ Defaults – Examples|
Tasks |
Examples |
|---|---|
|
This command grants owner read access as the default access right. |
client% setenv NIS_DEFAULTS access=o+r |
|
This command sets the default owner to be the user abe whose home domain is doc.com. |
client% setenv NIS_DEFAULTS owner=abe.doc.com. |
|
This command combines the first two examples on one code line. |
client% setenv NIS_DEFAULTS access=o+r:owner=abe.doc.com. |
All objects and entries created from the shell in which you changed the defaults will have the new values you specified. You cannot specify default settings for a table column or entry; the columns and entries simply inherit the defaults of the table.
Resetting the Value of NIS_DEFAULTS
You can reset the NIS_DEFAULTS variable to
its original values, by typing the name of the variable without arguments,
using the format appropriate to your shell:
For C shell
client# unsetenv NIS_DEFAULTS |
For Bourne or Korn shell
client$ NIS_DEFAULTS=; export NIS_DEFAULTS |
- © 2010, Oracle Corporation and/or its affiliates