System Administration Guide: Naming and Directory Services (FNS and NIS+)

Changing Object and Entry Access Rights

The nischmod command operates on the access rights of an NIS+ object or table entry. It does not operate on the access rights of a table column; for columns, use the nistbladm command with the -D option. For all nischmod operations, you must already have modify rights to the object or entry.

Using nischmod to Add Rights

To add rights for an object or entry use:

For object


nischmod class+right object-name

For table entry


nischmod class+right [column-name=value],table-name

For example, to add read and modify rights to the group of the sales.doc.com. directory object you would type:


client% nischmod g+rm sales.doc.com.

For example to add read and modify rights to group for the name=abe entry in the hosts.org_dir.doc.com. table you would type:


client% nischmod g+rm '[name=abe],hosts.org_dir.doc.com.'

Using nischmod to Remove Rights

To remove rights for an object or entry use:

For object


nischmod class-right object-name

For entry


nischmod class-right [column-name=value],table-name

For example, to remove create and destroy rights from the group of the sales.doc.com. directory object you would type:


client% nischmod g-cd sales.doc.com.

For example to remove destroy rights from group for the name=abe entry in the hosts.org_dir.doc.com. table, you would type:


client% nischmod g-d '[name=abe],hosts.org_dir.doc.com.'