HP-UX Reference (11i v2 07/12) - 3 Library Functions N-Z (vol 7)
n
nis_objects(3N) nis_objects(3N)
group.domain.
which the server then maps into a name of the form
group.groups_dir. domain.
The purpose of this mapping is to prevent NIS+ group names from conflicting with user specified domain or
table names. For example, if a domain was called engineering.foo.com., then without the mapping a NIS+
group of the same name to represent members of engineering would not be possible. The contents of
groups are lists of NIS+ principal names which are used exactly like the zo_owner name in the object.
See nis_groups(3N) for more details.
The zo_access member contains the bitmask of access rights assigned to this object. There are four
access rights defined, and four are reserved for future use and must be zero. This group of 8 access rights
can be granted to four categories of client. These categories are the object’s owner, the object’s group
owner, all authenticated clients (world), and all unauthenticated clients (nobody). Note that access granted
to ‘‘nobody’’ is really access granted to everyone, authenticated and unauthenticated clients.
The zo_ttl member contains the number of seconds that the object can ‘‘live’’ in a cache before it is
expired. This value is called the time to live (ttl) for this object. This number is particularly important on
group and directory (domain) objects. When an object is cached, the current time is added to the value in
zo_ttl. Then each time the cached object is used, the time in zo_ttl is compared with the current time.
If the current time is later than the time in zo_ttl the object is said to have expired and the cached copy
should not be used.
Setting the ttl is somewhat of an art. You can think of it as the ‘‘half life’’ of the object, or half the amount of
time you believe will pass before the object changes. The benefit of setting the ttl to a large number is that
the object will stay in a cache for long periods of time. The problem with setting it to a large value is that
when the object changes it will take a long time for the caches to flush out old copies of that object. The
problems and benefits are reversed for setting the time to a small value. Generally setting the value to
43200 (12 hrs) is reasonable for things that change day to day, and 3024000 is good for things that change
week to week. Setting the value to 0 will prevent the object from ever being cached since it would expire
immediately.
The zo_data member is a discriminated union with the following members:
zotypes zo_type;
union {
struct directory_obj di_data;
struct group_obj gr_data;
struct table_obj ta_data;
struct entry_obj en_data;
struct link_obj li_data;
struct {
u_int po_data_len;
char *po_data_val;
} po_data;
} objdata_u;
The union is discriminated based on the type value contained in zo_type. There six types of objects
currently defined in the NIS+ service. These types are the directory, link, group, table, entry, and private
types.
enum zotypes {
BOGUS_OBJ = 0,
NO_OBJ = 1,
DIRECTORY_OBJ = 2,
GROUP_OBJ = 3,
TABLE_OBJ = 4,
ENTRY_OBJ = 5,
LINK_OBJ = 6,
PRIVATE_OBJ = 7
};
typedef enum zotypes zotypes;
All object types define a structure that contains data specific to that type of object. The simplest are private
objects which are defined to contain a variable length array of octets. Only the owner of the object is
expected to understand the contents of a private object. The following section describe the other five object
HP-UX 11i Version 2: December 2007 Update − 2 − Hewlett-Packard Company 91