HP-UX Reference (11i v2 07/12) - 3 Library Functions N-Z (vol 7)
n
nis_groups(3N) nis_groups(3N)
NAME
nis_groups(), nis_addmember(), nis_creategroup(), nis_destroygroup(), nis_ismember(), nis_map_group(),
nis_print_group_entry(), nis_removemember(), nis_verifygroup(), _nis_map_group() - NIS+ group manipula-
tion functions
SYNOPSIS
Invocation: cc [flag]... file ...
-lnsl [library]...
#include <rpcsvc/nis.h>
bool_t nis_ismember(const nis_name
principal, const nis_name
group);
nis_error nis_addmember(const nis_name
member, const nis_name
group);
nis_error nis_removemember(const nis_name
member
, const nis_name group);
nis_error nis_creategroup(const nis_name
group, const u_long
flags);
nis_error nis_destroygroup(const nis_name
group
);
void nis_print_group_entry(const nis_name
group);
nis_error nis_verifygroup(const nis_name
group);
DESCRIPTION
These functions manipulate NIS+ groups. They are used by NIS+ clients and servers, and are the inter-
faces to the group authorization object.
The names of NIS+ groups are syntactically similar to names of NIS+ objects but they occupy a separate
namespace. A group named "a.b.c.d." is represented by a NIS+ group object named "a.groups_dir.b.c.d.";
the functions described here all expect the name of the group, not the name of the corresponding group
object.
There are three types of group members:
• An explicit member is just a NIS+ principal name, for example "wickedwitch.west.oz."
• An implicit ("domain") member, written "*.west.oz.", means that all principals in the given domain
belong to this member. No other forms of wildcarding are allowed: "wickedwitch.*.oz." is invalid, as
is "wickedwitch.west.*.". Note that principals in subdomains of the given domain are not included.
• A recursive ("group") member, written "@cowards.oz.", refers to another group; all principals that
belong to that group are considered to belong here.
Any member may be made negative by prefixing it with a minus sign (’-’). A group may thus contain expli-
cit, implicit, recursive, negative explicit, negative implicit, and negative recursive members.
A principal is considered to belong to a group if it belongs to at least one non-negative group member of the
group and belongs to no negative group members.
The
nis_ismember() function returns
TRUE if it can establish that principal belongs to group; other-
wise, it returns
FALSE.
The nis_addmember()
and nis_removemember() functions add or remove a member. They do not
check whether the member is valid. The user must have read and modify rights for the group in question.
The
nis_creategroup() and nis_destroygroup()
functions create and destroy group objects.
The user must have create or destroy rights, respectively, for the groups_dir directory in the appropriate
domain. The parameter flags to
nis_creategroup() is currently unused and should be set to zero.
The nis_print_group_entry() function lists a group’s members on the standard output.
The nis_verifygroup() function returns NIS_SUCCESS if the given group exists, otherwise it
returns an error code.
Notes
These functions only accept fully-qualified NIS+ names.
A group is represented by a NIS+ object (see nis_objects(3N)) with a variant part that is defined in the
group_obj structure. It contains the following fields:
u_long gr_flags; /* Interpretation Flags
(currently unused) */
82 Hewlett-Packard Company − 1 − HP-UX 11i Version 2: December 2007 Update