Listing Context Contents
The fnlist command displays the names and references bound in the context of name.
fnlist [-lvA] [name] |
Table 25-2 fnlist Command Options
Option | Description |
|---|---|
name | A composite name. Displays the names bound in the context of name |
-v | Verbose. Displays the binding in more detail |
-l | Also displays the bindings of the names bound in the named context |
-A | Forces fnlist to obtain its information from the authoritative server. Under NIS and NIS+, that is the domain master server. The -A option has no effect when the primary naming service is files. |
For example:
To list names in the initial context:
% fnlist |
To list in detail all the users in the current organizational unit:
% fnlist -v user |
To list the contents of the service context for the user pug:
% fnlist user/pug/service |
To list names and bindings from the authoritative server:
% fnlist -l -A |
Displaying the Bindings of a Composite Name
The fnlookup command shows the binding of the given composite name.
fnlookup [-vAL] [name] |
Table 25-3 fnlookup Command Options
Option | Description |
|---|---|
name | The name of a context. Displays the binding and XFN link of name |
-v | Verbose. Displays the binding in more detail |
-L | Also displays the XFN link that the name is bound to |
-A | Forces fnlist to obtain its information from the authoritative server. Under NIS and NIS+, that is the domain master server. The -A option has no effect when the primary naming service is files-based. |
For example: to display the binding of user/ana/service/printer:
# fnlookup user/ana/service/printer |
Showing the Attributes of a Composite Name
The fnattr command displays (and updates) the attributes of the given composite name.
For example, to search for the attributes associated with a user named ada:
# fnattr user/ada |
To search for the attributes associated with a printer named laser-9:
# fnattr thisorgunit/service/printer/laser-9 |
See "Working With Attributes" for more details.
Searching for FNS Information
The fnsearch command displays the names and, optionally, the attributes and references of objects bound at or below a composite name whose attributes satisfy the given search criteria.
For example:
To list the users and their attributes who have an attribute called realname:
% fnsearch user realname |
To list the users with the attribute realname whose value is Ravi Chattha:
% fnsearch user "realname == 'Ravi Chattha'" |
The fnsearch command uses the common Boolean operators. Note the use of double and single quotes and double equals sign in the above example.
Updating the Namespace
Once the namespace has been set up, you can add, delete, and modify elements using the following commands:
fnbind to bind new references to a composite name (see "Binding a Reference to a Composite Name").
fnunbind to remove bindings (see "Removing Bindings").
fncreate to create new organization, user, host, site, and service contexts (see "Creating New Contexts").
fncreate_fs to create new file system contexts (see "Creating File Contexts").
fncreate_printer to create new printer contexts (see "Creating Printer Contexts").
fndestroy to destroy contexts (see "Destroying Contexts").
fnattr to display, create, modify, and remove attributes (see "Working With Attributes").
fncopy to copy FNS contexts and attributes from one naming service to another (see "Copying and Converting FNS Contexts").
FNS Administration Privileges
FNS System administration varies according to the underlying naming service:
NIS+. Under NIS+, FNS system administration tasks can only be performed by those with authorization to do so. The usual method of granting system administration privileges is to create an NIS+ group and assign that group the necessary privileges for that domain. Any member of the group can then perform system administration functions.
NIS. Under NIS, FNS administration tasks must be performed by root on the NIS master server.
Files. Under a files-based naming system, FNS administration tasks must be performed by someone with root access to the /var/fn directory.
The ability of users to make changes to their own user sub-contexts varies according to the underlying naming service:
NIS+. Under NIS+, a user's context (and associated sub-contexts) are owned by them. When logged in as an NIS+ principle, users who have the appropriate credentials and privileges can make changes to their own context using the fncreate, fnbind, fnunbind, and similar commands.
NIS. Under NIS, users cannot make any changes to any FNS data. Only those with root access on the NIS master server can change FNS data.
Files. Under a files-based naming system, users own their own contexts. Standard UNIX access controls apply to FNS files.