HP-UX Reference (11i v2 03/08) - 3 Library Functions N-Z (vol 7)
n
nis_objects(3N) nis_objects(3N)
describing an X.500 namespace that is ‘‘under’’ the NIS+ directory eng.hp.com., this name might contain
‘‘/C=US, /O=Hewlett-Packard, /OU=Engineering/’’. The type of nameservice that is being described is
determined by the value of the member do_type.
The do_servers structure contains two members. do_servers_val is an array of nis_server struc-
tures; do_servers_len is the number of cells in the array. The nis_server structure is designed to con-
tain enough information such that machines on the network providing name services can be contacted
without having to use a name service. In the case of NIS+ servers, this information is the name of the
machine in name, its public key for authentication in pkey, and a variable length array of endpoints, each
of which describes the network endpoint for the rpcbind daemon on the named machine. The client
library uses the addresses to contact the server using a transport that both the client and server can com-
municate on and then queries the rpcbind daemon to get the actual transport address that the server is
using.
Note that the first server in the do_servers list is always the master server for the directory.
The key_type field describes the type of key stored in the pkey netobj (see
/usr/include/rpc/xdr.h
for a definition of the network object structure). Currently supported types are
NIS_PK_NONE for no
public key and
NIS_PK_DH for a Diffie-Hellman type public key.
The do_ttl member contains a copy of the zo_ttl member from the common attributes. This is dupli-
cated because the cache manager only caches the variant part of the directory object.
The do_armask structure contains two members. do_armask_val is an array of oar_mask structures;
do_armask_len is the number of cells in the array. The oar_mask structure contains two members:
oa_rights specifies the access rights allowed for objects of type oa_otype. These access rights are used
for objects of the given type in the directory when they are present in this array.
The granting of access rights for objects contained within a directory is actually two-tiered. If the direc-
tory object itself grants a given access right (using the zo_access member in the nis_object struc-
ture representing the directory), then all objects within the directory are allowed that access. Otherwise,
the do_armask structure is examined to see if the access is allowed specifically for that type of structure.
This allows the administrator of a namespace to set separate policies for different object types, for exam-
ple, one policy for the creation of tables and another policy for the creation of other directories. See
nis+(1) for more details.
Link Objects
Link objects provide a means of providing aliases or symbolic links within the namespace. Their variant
part is defined as follows.
struct link_obj {
zotypes li_rtype;
struct {
u_int li_attrs_len;
nis_attr *li_attrs_val;
} li_attrs;
nis_name li_name;
}
The li_rtype member contains the object type of the object pointed to by the link. This is only a hint,
since the object which the link points to may have changed or been removed. The fully qualified name of
the object (table or otherwise) is specified in the member li_name.
NIS+ links can point to either other objects within the NIS+ namespace, or to entries within a NIS+ table.
If the object pointed to by the link is a table and the member li_attrs has a nonzero number of attri-
butes (index name/value pairs) specified, the table is searched when this link is followed. All entries that
match the specified search pattern are returned. Note that unless the flag
FOLLOW_LINKS is specified,
the nis_lookup (3N) function will always return non-entry objects.
Group Objects
Group objects contain a membership list of NIS+ principals. The group objects’ variant part is defined as
follows.
struct group_obj {
u_long gr_flags;
struct {
u_int gr_members_len;
HP-UX 11i Version 2: August 2003 − 4 − Hewlett-Packard Company Section 3−−655