1nisaddent(1M) System Administration Commands nisaddent(1M)
2
3
4
6 nisaddent - create NIS+ tables from corresponding /etc files or NIS
7 maps
8
10 /usr/lib/nis/nisaddent [-D defaults] [-Paorv] [-t table] type
11 [nisdomain]
12
13
14 /usr/lib/nis/nisaddent [-D defaults] [-Paprmov] -f file
15 [-t table] type [nisdomain]
16
17
18 /usr/lib/nis/nisaddent [-D defaults] [-Parmv] [-t table] -y ypdomain
19 [-Y map] type [nisdomain]
20
21
22 /usr/lib/nis/nisaddent -d [-AMoq] [-t table] type
23 [nisdomain]
24
25
27 nisaddent creates entries in NIS+ tables from their corresponding /etc
28 files and NIS maps. This operation is customized for each of the stan‐
29 dard tables that are used in the administration of Solaris systems. The
30 type argument specifies the type of the data being processed. Legal
31 values for this type are one of aliases, bootparams, ethers, group,
32 hosts, ipnodes, netid, netmasks, networks, passwd, protocols, pub‐
33 lickey, rpc, services, shadow, or timezone for the standard tables, or
34 key-value for a generic two-column (key, value) table. For a site spe‐
35 cific table, which is not of key-value type, one can use nistbladm(1)
36 to administer it.
37
38
39 The NIS+ tables should have already been created by nistbladm(1), nis‐
40 setup(1M), or nisserver(1M).
41
42
43 It is easier to use nispopulate(1M) instead of nisaddent to populate
44 the system tables.
45
46
47 By default, nisaddent reads from the standard input and adds this data
48 to the NIS+ table associated with the type specified on the command
49 line. An alternate NIS+ table may be specified with the -t option. For
50 type key-value, a table specification is required.
51
52
53 Note that the data type can be different than the table name (-t). For
54 example, the automounter tables have key-value as the table type.
55
56
57 Although, there is a shadow data type, there is no corresponding shadow
58 table. Both the shadow and the passwd data is stored in the passwd ta‐
59 ble itself.
60
61
62 Files may be processed using the -f option, and NIS version 2 ( YP)
63 maps may be processed using the -y option. The merge option is not
64 available when reading data from standard input.
65
66
67 When a ypdomain is specified, the nisaddent command takes its input
68 from the dbm files for the appropriate NIS map (mail.aliases, boot‐
69 params, ethers.byaddr, group.byname, hosts.byaddr, hosts.byname, ipn‐
70 odes.byaddr,ipnodes.byname, netid.byname, netmasks.byaddr, net‐
71 works.byname, passwd.byname, protocols.byname, publickey.byname,
72 rpc.bynumber, services.byname, or timezone.byname). An alternate NIS
73 map may be specified with the -Y option. For type key-value, a map
74 specification is required. The map must be in the /var/yp/ypdomain
75 directory on the local machine. Note that ypdomain is case sensitive.
76 ypxfr(1M) can be used to get the NIS maps.
77
78
79 If a nisdomain is specified, nisaddent operates on the NIS+ table in
80 that NIS+ domain, otherwise the default domain is used.
81
82
83 In terms of performance, loading up the tables is fastest when done
84 through the dbm files (-y).
85
86
87 To accommodate other credential entries used by other authentication
88 mechanisms stored in the cred.org_dir table, the publickey dump output
89 has been modified to include a special algorithm type field. This for‐
90 mat is incompatible with older versions of nisaddent. To produce dumps
91 that can be read by older versions of nisaddent, or to load dumps cre‐
92 ated by such older versions, use the -o option.
93
95 The following options are supported:
96
97 -a Add the file or map to the NIS+ table without deleting
98 any existing entries. This option is the default. Note
99 that this mode only propagates additions and modifica‐
100 tions, not deletions.
101
102
103 -A All data. This option specifies that the data within the
104 table and all of the data in tables in the initial ta‐
105 ble's concatenation path be returned.
106
107
108 -d Dump the NIS+ table to the standard output in the appro‐
109 priate format for the given type. For tables of type
110 key-value, use niscat(1) instead. To dump the cred ta‐
111 ble, dump the publickey and the netid types.
112
113
114 -D defaults This option specifies a different set of defaults to be
115 used during this operation. The defaults string is a
116 series of tokens separated by colons. These tokens rep‐
117 resent the default values to be used for the generic
118 object properties. All of the legal tokens are described
119 below.
120
121 ttl=time This token sets the default time to
122 live for objects that are created by
123 this command. The value time is spec‐
124 ified in the format as defined by the
125 nischttl(1) command. The default is
126 12 hours.
127
128
129 owner=ownername This token specifies that the NIS+
130 principal ownername should own the
131 created object. The default for this
132 value is the principal who is execut‐
133 ing the command.
134
135
136 group=groupname This token specifies that the group
137 groupname should be the group owner
138 for the object that is created. The
139 default is NULL.
140
141
142 access=rights This token specifies the set of
143 access rights that are to be granted
144 for the given object. The value
145 rights is specified in the format as
146 defined by the nischmod(1) command.
147 The default is
148
149 −−−−rmcdr−−−r−−−
150
151
152
153
154
155 -f file Specify that file should be used as the source of input
156 (instead of the standard input).
157
158
159 -m Merge the file or map with the NIS+ table. This is the
160 most efficient way to bring an NIS+ table up to date
161 with a file or NIS map when there are only a small num‐
162 ber of changes. This option adds entries that are not
163 already in the database, modifies entries that already
164 exist (if changed), and deletes any entries that are not
165 in the source. Use the -m option whenever the database
166 is large and replicated, and the map being loaded dif‐
167 fers only in a few entries. This option reduces the num‐
168 ber of update messages that have to be sent to the
169 replicas. Also see the -r option.
170
171
172 -M Master server only. This option specifies that lookups
173 should be sent to the master server. This guarantees
174 that the most up-to-date information is seen at the pos‐
175 sible expense that the master server may be busy, or
176 that it may be made busy by this operation.
177
178
179 -o Use strictly conforming publickey files. Dumps will not
180 add the algorithm type field used by additional authen‐
181 tication mechanisms that might be configured using
182 nisauthconf(1M). 192-bit keys that are dumped using this
183 option can be read by previous versions of nisaddent.
184 However, the algorithm field will be lost and assumed to
185 be "0" when read. Use the -o option when reading pub‐
186 lickey files from previous versions of nisaddent to
187 avoid warnings about the missing algorithm field.
188
189
190 -p Process the password field when loading password infor‐
191 mation from a file. By default, the password field is
192 ignored because it is usually not valid (the actual
193 password appears in a shadow file).
194
195
196 -P Follow concatenation path. This option specifies that
197 lookups should follow the concatenation path of a table
198 if the initial search is unsuccessful.
199
200
201 -q Dump tables in "quick" mode. The default method for
202 dumping tables processes each entry individually. For
203 some tables, for example, hosts, multiple entries must
204 be combined into a single line, so extra requests to the
205 server must be made. In "quick" mode, all of the entries
206 for a table are retrieved in one call to the server, so
207 the table can be dumped more quickly. However, for large
208 tables, there is a chance that the process will run out
209 of virtual memory and the table will not be dumped.
210
211
212 -r Replace the file or map in the existing NIS+ table by
213 first deleting any existing entries, and then add the
214 entries from the source (/etc files, or NIS+ maps). This
215 option has the same effect as the -m option. The use of
216 this option is strongly discouraged due to its adverse
217 impact on performance, unless there are a large number
218 of changes.
219
220
221 -t table Specify that table should be the NIS+ table for this
222 operation. This should be a relative name as compared to
223 your default domain or the domainname if it has been
224 specified.
225
226
227 -v Verbose.
228
229
230 -y ypdomain Use the dbm files for the appropriate NIS map, from the
231 NIS domain ypdomain, as the source of input. The files
232 are expected to be on the local machine in the
233 /var/yp/ypdomain directory. If the machine is not an NIS
234 server, use ypxfr(1M) to get a copy of the dbm files for
235 the appropriate map.
236
237
238 -Y map Use the dbm files for map as the source of input.
239
240
242 Example 1 Using nisaddent
243
244
245 This example adds the contents of /etc/passwd to the passwd.org_dir ta‐
246 ble:
247
248
249 example% cat /etc/passwd | nisaddent passwd
250
251
252
253
254 The next example adds the shadow information. Note that the table type
255 here is "shadow", not "passwd", even though the actual information is
256 stored in the passwd table:
257
258
259 example% cat /etc/shadow | nisaddent shadow
260
261
262
263
264 This example replaces the hosts.org_dir table with the contents of
265 /etc/hosts (in verbose mode):
266
267
268 example% nisaddent -rv -f /etc/hosts hosts
269
270
271
272
273 This example merges the passwd map from yypdomain with the
274 passwd.org_dir.nisdomain table (in verbose mode). The example assumes
275 that the /var/yp/myypdomain directory contains the yppasswd map.
276
277
278 example% nisaddent -mv -y myypdomain passwd nisdomain
279
280
281
282
283 This example merges the auto.master map from myypdomain with the
284 auto_master.org_dir table:
285
286
287 example% nisaddent -m -y myypdomain -Y auto.master \
288 -t auto_master.org_dir key-value
289
290
291
292
293 This example dumps the hosts.org_dir table:
294
295
296 example% nisaddent -d hosts
297
298
299
300
301 This example dumps the ipnodes.org_dir table:
302
303
304 example% nisaddent -d ipnodes
305
306
307
309 NIS_DEFAULTS This variable contains a default string that will over‐
310 ride the NIS+ standard defaults. If the -D switch is
311 used, those values will then override both the
312 NIS_DEFAULTS variable and the standard defaults. To
313 avoid security accidents, the access rights in the
314 NIS_DEFAULTS variable are ignored for the passwd table
315 (but access rights specified with -D are used).
316
317
318 NIS_PATH If this variable is set, and neither the nisdomain nor
319 the table are fully qualified, each directory specified
320 in NIS_PATH will be searched until the table is found
321 (see nisdefaults(1)).
322
323
325 The following exit values are returned:
326
327 0 Successful operation.
328
329
330 1 Failure caused by an error other than parsing.
331
332
333 2 A parsing error occurred on an entry. A parsing error does not
334 cause termination; the invalid entries are simply skipped.
335
336
338 See attributes(5) for descriptions of the following attributes:
339
340
341
342
343 ┌─────────────────────────────┬─────────────────────────────┐
344 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
345 ├─────────────────────────────┼─────────────────────────────┤
346 │Availability │SUNWnisu │
347 └─────────────────────────────┴─────────────────────────────┘
348
350 niscat(1), nischmod(1), nischttl(1), nisdefaults(1), nistbladm(1),
351 nisauthconf(1M), nispopulate(1M), nisserver(1M), nissetup(1M),
352 ypxfr(1M), hosts(4), passwd(4), shadow(4), attributes(5)
353
355 NIS+ might not be supported in future releases of the Solaris operating
356 system. Tools to aid the migration from NIS+ to LDAP are available in
357 the current Solaris release. For more information, visit
358 http://www.sun.com/directory/nisplus/transition.html.
359
360
361
362SunOS 5.11 17 Aug 2006 nisaddent(1M)