DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 
Configuring the Network Information Service (NIS)

Using NIS maps in the password file

You can incorporate NIS maps in a client's /etc/passwd file to supplement entries that are valid only locally. User entries can be added from the NIS password map by starting them with the token ``+''. NIS entries for users have the following format:

+[username]:[password]:::[comment]:[directory]:[program]

The fields have the same meaning as for ordinary passwd(F) file entries except that there are no entries for the user or group IDs. That is, the UID and GID from the NIS entry are always used; they cannot be defined locally. Entries in the password, comment, directory, or program field override the corresponding value obtained from the NIS server.

The following entry inserts the entire NIS password file:

   +:
Netgroup entries are added by specifying them as:

+@netgroup:

Any host information about a netgroup is ignored.


NOTE: You must specify all local entries before NIS map entries. Any local entries that are specified after NIS map entries are ignored.

You can prevent users and members of netgroups from logging in by starting their passwd entries with ``-'' instead of ``+'':

-username:
-@netgroup:

The following example passwd file is used in conjunction with the shadow(F) file to include and exclude certain users and netgroups:

   root:x:0:10:super user:/:/bin/sh
   fran:x:121:100:Fran Sisco:/u/fran/:/bin/ksh
   -renee:
   -@marketing:
   +diego::::::
   +:::::/u/guest:/bin/rksh
   +@developers:
This example, though simple, implies several things:


NOTE: Applications that read passwd stop as soon as they find a matching entry. For this reason, if you want to ban a member of a netgroup or allow access to a member of a banned netgroup, you must place the entry for the user before the netgroup.

See also:



Next topic: Using NIS maps in the group file
Previous topic: About netgroups

© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003