Nevertheless, it may be instructive to share my own learning process.
As an example I will take the NIS maps' source files directory tree:
├── acct
│ ├── passwd
│ └── shadow
├── aliases
├── auto_home
├── auto_master
├── ethers
├── group
├── hosts
├── ipnodes -> hosts
├── netgroup
├── netid
├── netmasks
├── networks
├── project
├── protocols
├── publickey
├── rbac
│ ├── auth_attr
│ ├── exec_attr
│ └── prof_attr
├── rpc
├── services
├── sudoers
└── user_attr
This directory tree will turn into a Mercurial repository on the NIS master.
Of course, this repository will be central and sysadmins will have their own.
This will help organize the shared management by several sysadmins.
The first concern is with the directory tree permissions.
The trouble is to share the directory tree with all sysadmins.
Giving root (sudo) access to sysadmins is a security problem.
Creating a group for the sysadmins may hit system limits.
The natural solution in Solaris is to share a role.
So, adjust the directory tree owner and group:
(the mode was already set according to NIS maps' source files)
nis-1# chown -R nis:nis /var/share/nis
nis-1# ls -lh /var/nis/*
total ...
-rw-r----- 1 nis nis ... aliases
-rw-r----- 1 nis nis ... auto_home
-rw-r----- 1 nis nis ... auto_master
-rw-r----- 1 nis nis ... ethers
-rw-r----- 1 nis nis ... group
-rw-r----- 1 nis nis ... hosts
lrwxrwxrwx 1 root root ... ipnodes -> hosts
-rw-r----- 1 nis nis ... netgroup
-rw-r----- 1 nis nis ... netid
-rw-r----- 1 nis nis ... netmasks
-rw-r----- 1 nis nis ... networks
-rw-r----- 1 nis nis ... project
-rw-r----- 1 nis nis ... protocols
-rw-r----- 1 nis nis ... publickey
-rw-r----- 1 nis nis ... rpc
-rw-r----- 1 nis nis ... services
-r--r----- 1 nis nis ... sudoers
-rw-r----- 1 nis nis ... user_attr
/var/nis/acct:
total ...
-rw-r----- 1 nis nis ... passwd
-r-------- 1 nis nis ... shadow
/var/nis/rbac:
total ...
-rw-r----- 1 nis nis ... auth_attr
-rw-r----- 1 nis nis ... exec_attr
-rw-r----- 1 nis nis ... prof_attr
Log in as a user who has been granted the above role:
$ su - nis
Password:
Oracle Corporation SunOS 5.11 11.1 December 2013
$ who am i
user2 pts/1 ...
Go to the NIS sources directory and do some adjustment:
$ cd /var/nis
$ rm ipnodes
$ ln -s hosts ipnodes
Create the Mercurial repository and minimal configuration file:
$ hg init
$ hg root
/var/share/nis
$ cat ~/.hgrc
[ui]
username = NIS role
Create a baseline (the initial snapshot or changeset):
$ hg status
? acct/passwd
? acct/shadow
? aliases
? auto_home
? auto_master
? ethers
? group
? hosts
? ipnodes
? netgroup
? netid
? netmasks
? networks
? project
? protocols
? publickey
? rbac/auth_attr
? rbac/exec_attr
? rbac/prof_attr
? rpc
? services
? sudoers
? user_attr
$ hg add
adding acct/passwd
adding acct/shadow
adding aliases
adding auto_home
adding auto_master
adding ethers
adding group
adding hosts
adding ipnodes
adding netgroup
adding netid
adding netmasks
adding networks
adding project
adding protocols
adding publickey
adding rbac/auth_attr
adding rbac/exec_attr
adding rbac/prof_attr
adding rpc
adding services
adding sudoers
adding user_attr
$ hg status
A acct/passwd
A acct/shadow
A aliases
A auto_home
A auto_master
A ethers
A group
A hosts
A ipnodes
A netgroup
A netid
A netmasks
A networks
A project
A protocols
A publickey
A rbac/auth_attr
A rbac/exec_attr
A rbac/prof_attr
A rpc
A services
A sudoers
A user_attr
$ hg commit -m "Baseline"
$ hg summary
parent: 0:79f1ad4f096b tip
Baseline
branch: default
commit: (clean)
update: (current)
$ hg tip
changeset: 0:79f1ad4f096b
tag: tip
user: NIS role
date: Wed Apr 09 15:10:24 2014 -0300
summary: Baseline
