Class, Operator, and Rights Syntax
Access rights, whether specified in an environment variable or a command, are identified with three types of arguments: class, operator, and right.
-
Class. Class refers to the type of NIS+ principal (authorization class) to which the rights will apply.
|
Class |
Description |
|---|---|
|
n |
Nobody: all unauthenticated requests |
|
o |
The owner of the object or table entry |
|
g |
The group owner of the object or table entry |
|
w |
World: all authenticated principals |
|
a |
All: shorthand for owner, group, and world (this is the default) |
-
Operator. The operator indicates the kind of operation that will be performed with the rights.
|
Operator |
Description |
|---|---|
|
+ |
Adds the access rights specified by right |
|
- |
Revokes the access rights specified by right |
|
= |
Explicitly changes the access rights specified by right; in other words, revokes all existing rights and replaces them with the new access rights. |
-
Rights. The rights are the access rights themselves. The accepted values for each are listed below.
|
Right |
Description |
|---|---|
|
r |
Reads the object definition or table entry |
|
m |
Modifies the object definition or table entry |
|
c |
Creates a table entry or column |
|
d |
Destroys a table entry or column |
You can combine operations on a single command line by separating each operation from the next with a comma (,).
Table 15–10 Class, Operator, and Rights Syntax—Examples|
Operations |
Syntax |
|---|---|
|
Add read access rights to the owner class |
o+r |
|
Change owner. group, and world classes' access rights to modify only from whatever they were before |
a=m |
|
Add read and modify rights to the world and nobody classes |
wn+m |
|
Remove all four rights from the group, world, and nobody classes |
gwn-rmcd |
|
Add create and destroy rights to the owner class and add read and modify rights to the world and nobody classes |
o+cd,wn+rm |
- © 2010, Oracle Corporation and/or its affiliates