[ Previous | Next | Table of Contents | Index | Library Home |
Legal |
Search ]
Commands Reference, Volume 4
Updates the public keys in NIS directory objects.
/usr/lib/nis/nisupdkeys [ -a ] | [ -C ] [ -H Hostname ] [ -s ] [ Dirname ]
The nisupdkeys command updates the public keys in an NIS+
directory object. When the public key for an NIS+ server is changed,
the new key must be propagated to all directory objects that reference that
server. nisupdkeys reads a directory object and attempts to
copy the public key for each server of that directory. The key is then
placed in the directory object and then the object is modified to reflect the
new key.
If Dirname exists, then its directory object is updated.
If not, then the directory object for the default domain is updated.
nisupdkeys -s obtains a list of all the directories served by
Hostname and updates those directory objects, assuming that the
caller has the necessary permission rights. That list of directories
can also be obtained by the nisstat command.
Before you run nisupdkeys, make sure you have propagated the new
address/public key to all replica servers.
| -a
| Updates the universal addresses of the NIS+ servers in the directory
object. The -a flag only works for the TCP/IP family of
transports. You should use this flag when the IP address of the server
is changed. The new address is resolved using gethostname on
that server. In order for this resolution to work, the
/etc/nsswitch.conf file must point to the correct source of
the server's entry.
|
| -C
| Clears the public key. Communication with a server that has no
public key does not require the use of a secure remote procedure call.
|
| -H Hostname
| Updates the keys of the server named Hostname for the current
domain directory object. If the host name is not fully qualified, then
nisupdkeys assumes the server is in the default domain. If
Hostname does not serve the directory, then nothing happens.
|
| -s
| Updates all the NIS+ directory objects served by the server
Hostname, assuming that you have the necessary permission
rights. If you do not have permission to update the directory objects,
those updates fail and you will be notified. If the
rpc.nisd on Hostname can't return the list
of servers it serves, nisupdkeys returns an error message.
Then you must invoke the nisupdkeys multiple times, once per NIS+
directory the rpc.nisd serves.
|
| Dirname
| Updates the keys of the directory object for the directory
Dirname.
|
- To update the keys for servers of the abc.def.
domain, enter:
nisupdkeys abc.def.
- To update the keys for host xyzserver that serves the
abc.def. domain, enter:
nisupdkeys -H xyzserver abc.def.
- To clear the keys for host xyzserver in the
abc.def. domain, enter:
nisupdkeys -CH xyzserver abc.def.
- To update the keys in all directory objects served by
xyzserver, enter:
nisupdkeys -sH xyzserver
Access Control: To use the nisupdkeys command, you must
have modify rights to the NIS+ directory object.
| /usr/lib/nis
| Directory where the nisupdkeys command resides.
|
The chkey command, the nisaddcred command, and the niscat command.
The gethostbyname subroutine.
[ Previous | Next | Table of Contents | Index |
Library Home |
Legal |
Search ]