Managing Users Through NetInfo

 < Day Day Up > 

Using NetInfo Manager

The Accounts pane is intended to be a simple interface to the user accounts of the system and doesn't provide access to more complex aspects of users' accounts nor to more sophisticated configuration options. For this, you need to use NetInfo Manager. The principles behind the use of NetInfo Manager are very Unix-like, but the NetInfo database itself is unfamiliar to most traditional Unix users. NetInfo is a vestige of Mac OS X's NeXTStep heritage that has been integrated into the more traditional Unix underpinnings of Mac OS X because it's a considerably more powerful information sharing system than its traditional Unix counterparts. The NetInfo database is a hierarchical database that stores information on your machine's configuration and resources.

The NetInfo hierarchy is composed of directories. Each directory has properties. Each property has a name and value. The main directory on a given machine is the root directory, represented by /. Each machine has a local database with information about the machine's local resources.

The NetInfo hierarchy can extend beyond your local machine. As you might have guessed, your machine can be part of a NetInfo network. A NetInfo network is a hierarchical collection of domains, where each domain has a corresponding NetInfo database. A NetInfo network could have an unlimited number of domains, but up to three domains is most common. Your machine has its own local domain, but it could belong to a domain comprised of it and other machines. That domain could describe resources available to your local cluster of machines; it could also belong to another domain that might include information on yet another level of resources available, and so on.

Your machine could be part of a larger NetInfo network. However, because NetInfo isn't a widespread network type, it's more likely your machine is using its NetInfo database either as a standalone machine or, possibly, as part of a Unix cluster (a cooperating group of machines).

This chapter examines the NetInfo database using the graphical interface, NetInfo Manager, as well as a few command-line tools. You'll learn how to work with the NetInfo database by customizing several aspects of your system, modifying a local user, and adding arbitrary data structures into the NetInfo database.

Using NetInfo Manager to Examine the NetInfo Database

NetInfo Manager (path: /Applications/Utilities/NetInfo Manager) is the graphical interface to the NetInfo database. Using NetInfo Manager to examine some of the contents of your NetInfo database is the easiest way to see the hierarchical arrangement of the database.

When you first start NetInfo Manager, it should open to the local domain /. If it doesn't, open the NetInfo database on your machine by choosing Open under the Domain menu and selecting the domain /. This opens a window from which you can select a domain.If your machine is using the default configuration, the / domain is your only choice, as shown in Figure 20.1.

Figure 20.1. Opening your machine's NetInfo database from the top level.

Your machine's local NetInfo database also has the name, or tag, local. When you looked at the Domain menu, you might have noticed the option to Open by Tag. If you try to Open by Tag rather than Open, the dialog box shown in Figure 20.2 asks for the hostname or IP address and the NetInfo database tag. Possible entries you can use for your own host include its IP address, or, or localhost. For the tag, enter local.

Figure 20.2. Opening your machine's NetInfo database by tag.


If you are trying to serve a NetInfo domain to other machines in addition to your local domain, the NetInfo server should start automatically using the automatic configuration. If it does not, you can override this by changing NETINFOSERVER=-AUTOMATIC- to NETINFOSERVER=-YES- in /etc/hostconfig.

No matter which way you choose to open your NetInfo database, after you have it open, the result is the same except that how the name of the local database is displayed might vary. Figure 20.3 shows what you get if you choose to open your NetInfo database using Open and selecting the default domain. Here the name is displayed as local@localhost - /. In our case, the Open by Tag window displays the database as local@

Figure 20.3. The top level of your NetInfo database as seen in NetInfo Manager.

As you can see in Figure 20.3, the hierarchical nature of the NetInfo database is immediately apparent. You see a directory browser in the top portion of a split view and a properties table in the bottom portion. In the leftmost column, it's in the top level, /. In the second column is a list of directories. If you scroll through the list, you'll see some of the types of information that the NetInfo database stores. In the bottom portion are the properties for a given directory. Figure 20.3 shows the properties for the / directory. We see that our machine is the master of its local database and that we could add a list of trusted networks.

Let's examine the NetInfo database using NetInfo Manager. If we click the aliases directory in the second column, more data appears in the third column. In the properties table, we see the property values for the aliases directory. It has only a property called name with a value of aliases. Yes, the name property is indeed the name of the directory. The third column displays the actual contents of the aliases directory. The hierarchical information appears directly above the directory browser.

Figure 20.4 shows where we are at this point. Note that above the second column, the one that shows the contents of /, is a /, and that above the third column, which shows the contents of aliases, is aliases.

Figure 20.4. The third column shows the contents of the aliases directory. The bottom properties table shows any properties associated with the aliases directory.

If we click the postmaster directory in the third column, we see that we have reached the end of the hierarchy. What was the third column is now the second column. The third column has no data. The labels above the directory browser also show in addition to labeling the contents of a column. The bottom split view shows the properties of the postmaster directory. In addition to the name property, we see that the postmaster directory also has a members property with a value of root. What we learn from Figure 20.5 is that postmaster is aliased to root. The portion of the NetInfo database that we just looked at is what, in Unix machines, is usually stored in the file /etc/aliases or /etc/mail/aliases, depending on the system.

Figure 20.5. The bottom properties table shows the contents of the postmaster directory. The lack of data in the third column shows that we've reached the end of the hierarchy.

Let's look at something else in the NetInfo database. If we click groups in the left column, we see the same behavior we saw with the aliases directory. It has only a name property. Similar to the aliases directory, it has additional directories under it, as displayed in the third column. The third column has enough directories to have to scroll through the listing. If you scroll to the sshd group and click it, you'll see what's shown in Figure 20.6.

Figure 20.6. The contents of the /groups/sshd directory of the NetInfo database.

In Figure 20.6, we see that the /groups/sshd directory of the NetInfo database contains a name property with the value sshd, a passwd property with the value *, and a gid property with the value 75. As you might have guessed, this is NetInfo's way of displaying information that would normally be stored in a file, /etc/group, on a typical Unix machine. Unlike the typical /etc/group file, though, the NetInfo database currently also includes entries for generateduid and smb_sid. For a group, the generateduid might involve the group's password. For typical Mac OS X users, the generateduid is associated with the storage of the user's password. The smb_sid entry involves Samba.

As you've have seen in your brief tour of the NetInfo database, the hierarchical nature of the database indeed becomes apparent when viewed in the NetInfo Manager.

Creating a Backup of the Local NetInfo Database

Because the NetInfo database is so important to maintaining the machine's internal world view, it's important for you to make backups of it periodically especially if you're going to be doing experiments that you might not be able to back out of neatly. Without a properly functioning NetInfo system, Mac OS X is rendered almost inoperable. In Mac OS X 10.2 and earlier, NetInfo Manager provided a graphical way to make a backup of the database. However, starting with Mac OS X 10.3, NetInfo Manager no longer has this feature.

In the command line, you could use cp or tar to create your backup. The NetInfo database is in the directory /var/db/netinfo/local.nidb. When backing up the NetInfo database from the command line, Apple recommends making the backup in single-user mode.

Because the NetInfo database is stored as a collection of data files in a directory, you can make a backup of the NetInfo database either by copying the directory, or by tarring the directory. Apple seems to prefer the recursive copy of the directory, but I find tarring it into a single file to be more useful.

 brezup:root ray # cd /var/db/netinfo/ brezup:root netinfo # cp -R local.nidb  local.nidb-backup 


 brezup:root netinfo # tar -cf local.nidb-backup.tar local.nidb 

No matter which method you use to make your backup, remember to double-check /var/db/netinfo to verify that your backups agree with your actual NetInfo database:

 brezup:root netinfo # ls -l local.nidb-backup total 200 -rw-r--r--   1 root  wheel     4 Mar  7 09:30 Clean -rw-r--r--   1 root  wheel     4 Mar  7 09:30 Config -rw-------   1 root  wheel  5120 Mar  7 09:30 Store.1024 -rw-------   1 root  wheel  4224 Mar  7 09:30 Store.1056 -rw-------   1 root  wheel  1088 Mar  7 09:30 Store.1088 -rw-r--r--   1 root  wheel  4352 Mar  7 09:30 Store.128 -rw-r--r--   1 root  wheel  2880 Mar  7 09:30 Store.160 -rw-------   1 root  wheel   576 Mar  7 09:30 Store.192 -rw-------   1 root  wheel  2240 Mar  7 09:30 Store.224 -rw-------   1 root  wheel  1536 Mar  7 09:30 Store.256 -rw-------   1 root  wheel  6336 Mar  7 09:30 Store.288 -rw-------   1 root  wheel  4160 Mar  7 09:30 Store.320 -rw-------   1 root  wheel  2112 Mar  7 09:30 Store.352 -rw-r--r--   1 root  wheel  8832 Mar  7 09:30 Store.384 -rw-r--r--   1 root  wheel   832 Mar  7 09:30 Store.416 -rw-------   1 root  wheel   672 Mar  7 09:30 Store.672 -rw-------   1 root  wheel  1408 Mar  7 09:30 Store.704 -rw-r--r--   1 root  wheel  1056 Mar  7 09:30 Store.96 brezup:root netinfo # ls -l local.nidb-backup.tar -rw-r--r--   1 root  wheel  71680 Mar  7 09:33 local.nidb-backup.tar 

Versions of the NetInfo Manager utility that provide a graphical interface for creating backups created the same types of backups as can be created with cp -R. The default name under which the database was stored by the backup was local.nibak.

The NetInfo Manager Interface

Now that you've had a chance to explore NetInfo Manager, let's take a brief look at the NetInfo Manager interface itself. NetInfo Manager and the NetInfo database can seem so overwhelming at first that now is a good time to take a step back and look at the interface itself.

As you've seen throughout this chapter, many options are available under the menu items of NetInfo Manager. Because there are so many options, it can be easy to overlook the buttons that are included in the upper left of the NetInfo Manager window.

The buttons provide some useful shortcuts for some actions. Here are descriptions for the buttons, from left to right:

  • Create New Directory, the button with a folder and a plus sign, is used to add a new subdirectory to the NetInfo database.

  • Duplicate Selected Directory, the button with two folders, causes the selected folder to be duplicated. You might find this button particularly useful as you create more groups and some types of users.

  • Delete Selected Directory, the button showing a circle with a slash in the middle, deletes the selected directory when clicked.

  • Open Parent Domain, the button with an earth and an up arrow, causes NetInfo to move to the parent domain of the current domain. If your machine isn't part of a complicated network, you might not find much use for this button. For the typical user whose machine is only a part of its own local NetInfo domain, this button is grayed out.

  • Show Find Dialog, represented by button containing a magnifying glass, is used to open the Find dialog box. You might find this button useful for searching the NetInfo database. Figure 20.7 shows the results of using Find on software in our NetInfo database.

    Figure 20.7. The Find button can be used to search the NetInfo database.

In addition to the buttons is the folder at the right that we mentioned earlier. The folder was originally used to indicate your present location in the NetInfo database. However, starting with the Mac OS X 10.2 release, that information is displayed above the directory browser in the upper splitview. The folder can be used to drag and drop directories for copying or moving them. The upper split view is where you navigate through the NetInfo database. The lower split view is where you view the contents of a specific directory in the NetInfo database.

Finally, you can control some aspects of the NetInfo Manager through its preferences. You can confirm modifications always or never. The default is always. Additionally, you can select what domain should be opened at startup. Choices are Local, None, or some other specific domain. The default is the local domain. Finally, within the browser itself, you can choose to display directory ID numbers or to display directories with no subdirectories as leaves. When you choose to display the directory ID numbers, you can see some of the same output you see when you run command-line tools. With the other option, you can more easily tell at a glance when a hierarchy ends.

     < Day Day Up > 

    Mac OS X Tiger Unleashed
    Mac OS X Tiger Unleashed
    ISBN: 0672327465
    EAN: 2147483647
    Year: 2005
    Pages: 251 © 2008-2017.
    If you may any questions please contact us: