source-git / nss-pam-ldapd

Clone
Source Code
GIT

Blame man/getent.ldap.1.xml

c8 master
  1.   eeafda94ee58ef961485e06ba34df5ebe163fd52
  2.   man
  3.   getent.ldap.1.xml
Blob History Raw
Packit 6bd9ab
Packit 6bd9ab
Packit 6bd9ab 
                   "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
Packit 6bd9ab
Packit 6bd9ab
Packit 6bd9ab 
   getent.ldap.1.xml - docbook manual page for getent.ldap
Packit 6bd9ab
Packit 6bd9ab 
   Copyright (C) 2013-2018 Arthur de Jong
Packit 6bd9ab
Packit 6bd9ab 
   This library is free software; you can redistribute it and/or
Packit 6bd9ab 
   modify it under the terms of the GNU Lesser General Public
Packit 6bd9ab 
   License as published by the Free Software Foundation; either
Packit 6bd9ab 
   version 2.1 of the License, or (at your option) any later version.
Packit 6bd9ab
Packit 6bd9ab 
   This library is distributed in the hope that it will be useful,
Packit 6bd9ab 
   but WITHOUT ANY WARRANTY; without even the implied warranty of
Packit 6bd9ab 
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit 6bd9ab 
   Lesser General Public License for more details.
Packit 6bd9ab
Packit 6bd9ab 
   You should have received a copy of the GNU Lesser General Public
Packit 6bd9ab 
   License along with this library; if not, write to the Free Software
Packit 6bd9ab 
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
Packit 6bd9ab 
   02110-1301 USA
Packit 6bd9ab 
-->
Packit 6bd9ab
Packit 6bd9ab 
<refentry id="getentldap1">
Packit 6bd9ab
Packit 6bd9ab 
 <refentryinfo>
Packit 6bd9ab 
  <author>
Packit 6bd9ab 
   <firstname>Arthur</firstname>
Packit 6bd9ab 
   <surname>de Jong</surname>
Packit 6bd9ab 
  </author>
Packit 6bd9ab 
 </refentryinfo>
Packit 6bd9ab
Packit 6bd9ab 
 <refmeta>
Packit 6bd9ab 
  <refentrytitle>getent.ldap</refentrytitle>
Packit 6bd9ab 
  <manvolnum>1</manvolnum>
Packit 6bd9ab 
  <refmiscinfo class="version">Version 0.9.9</refmiscinfo>
Packit 6bd9ab 
  <refmiscinfo class="manual">User Commands</refmiscinfo>
Packit 6bd9ab 
  <refmiscinfo class="date">Feb 2018</refmiscinfo>
Packit 6bd9ab 
 </refmeta>
Packit 6bd9ab
Packit 6bd9ab 
 <refnamediv id="name">
Packit 6bd9ab 
  <refname>getent.ldap</refname>
Packit 6bd9ab 
  <refpurpose>query information from LDAP</refpurpose>
Packit 6bd9ab 
 </refnamediv>
Packit 6bd9ab
Packit 6bd9ab 
 <refsynopsisdiv id="synopsis">
Packit 6bd9ab 
  <cmdsynopsis>
Packit 6bd9ab 
   <command>getent.ldap</command>
Packit 6bd9ab 
   <arg choice="opt"><replaceable>options</replaceable></arg>
Packit 6bd9ab 
   <arg><replaceable>DATABASE</replaceable></arg>
Packit 6bd9ab 
   <arg choice="opt"><replaceable>KEY...</replaceable></arg>
Packit 6bd9ab 
  </cmdsynopsis>
Packit 6bd9ab 
 </refsynopsisdiv>
Packit 6bd9ab
Packit 6bd9ab 
 <refsect1 id="description">
Packit 6bd9ab 
  <title>Description</title>
Packit 6bd9ab 
  <para>
Packit 6bd9ab 
   The <command>getent.ldap</command> command can be used to lookup or
Packit 6bd9ab 
   enumerate information from LDAP.
Packit 6bd9ab 
   Unlike the
Packit 6bd9ab 
   <citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>
Packit 6bd9ab 
   command, this command completely bypasses the lookups configured in
Packit 6bd9ab 
   <filename>/etc/nsswitch.conf</filename> and queries the
Packit 6bd9ab 
   <citerefentry><refentrytitle>nslcd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
Packit 6bd9ab 
   daemon directly.
Packit 6bd9ab 
  </para>
Packit 6bd9ab 
  <para>
Packit 6bd9ab 
   <command>getent.ldap</command> tries to match the behaviour and output of
Packit 6bd9ab 
   <command>getent</command> and the format in the corresponding flat files
Packit 6bd9ab 
   as much as possible, however there are a number of differences.
Packit 6bd9ab 
   If multiple entries are found in LDAP that match a
Packit 6bd9ab 
   specific query, multiple values are printed (e.g. ethernet addresses that
Packit 6bd9ab 
   have multiple names, services that support multiple protocols, etc.).
Packit 6bd9ab 
   Also, some databases have extra options as described below.
Packit 6bd9ab 
  </para>
Packit 6bd9ab 
 </refsect1>
Packit 6bd9ab
Packit 6bd9ab 
 <refsect1 id="options">
Packit 6bd9ab 
  <title>Options</title>
Packit 6bd9ab 
  <para>
Packit 6bd9ab 
   The options that may be specified to the <command>getent.ldap</command>
Packit 6bd9ab 
   command are:
Packit 6bd9ab 
  </para>
Packit 6bd9ab 
  <variablelist remap="TP">
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="help">
Packit 6bd9ab 
    <term>
Packit 6bd9ab 
     <option>-h</option>, <option>--help</option>
Packit 6bd9ab 
    </term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>Display short help and exit.</para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="version">
Packit 6bd9ab 
    <term>
Packit 6bd9ab 
     <option>-V, --version</option>
Packit 6bd9ab 
    </term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>Output version information and exit.</para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
  </variablelist>
Packit 6bd9ab 
 </refsect1>
Packit 6bd9ab
Packit 6bd9ab 
 <refsect1 id="databases">
Packit 6bd9ab 
  <title>Databases</title>
Packit 6bd9ab 
  <para>
Packit 6bd9ab 
   The <replaceable>DATABASE</replaceable> argument may be any of the
Packit 6bd9ab 
   supported databases below:
Packit 6bd9ab 
  </para>
Packit 6bd9ab 
  <variablelist remap="TP">
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="aliases">
Packit 6bd9ab 
    <term><option>aliases</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Lists or queries email aliases.
Packit 6bd9ab 
      If <replaceable>KEY</replaceable> is given it searches for the alias
Packit 6bd9ab 
      by name, otherwise it returns all aliases from
Packit 6bd9ab 
      LDAP.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="ethers">
Packit 6bd9ab 
    <term><option>ethers</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Lists or queries ethernet addresses.
Packit 6bd9ab 
      If <replaceable>KEY</replaceable> matches the format of an ethernet
Packit 6bd9ab 
      address a search by address is performed, otherwise a search by name
Packit 6bd9ab 
      is performed or all entries are returned if
Packit 6bd9ab 
      <replaceable>KEY</replaceable> is omitted.
Packit 6bd9ab 
      Unlike <command>getent</command>, <command>getent.ldapd</command>
Packit 6bd9ab 
      does support enumerating all ethernet addresses.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="group">
Packit 6bd9ab 
    <term><option>group</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Lists or queries groups.
Packit 6bd9ab 
      If <replaceable>KEY</replaceable> is numeric, it searches for the
Packit 6bd9ab 
      group by group id.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="group.bymember">
Packit 6bd9ab 
    <term><option>group.bymember</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      The <replaceable>KEY</replaceable> is a user name and groups are
Packit 6bd9ab 
      returned for which this user is a member.
Packit 6bd9ab 
      The format is similar to the <option>group</option> output but the
Packit 6bd9ab 
      group members are left out for performance reasons.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="hosts">
Packit 6bd9ab 
    <term><option>hosts</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      List or search host names and addresses by either host name,
Packit 6bd9ab 
      IPv4 or IPv6 address. This returns both IPv4 and IPv6 addresses
Packit 6bd9ab 
      (if available).
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="hostsv4">
Packit 6bd9ab 
    <term><option>hostsv4</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Similar to <option>hosts</option> but any supplied IPv6 addresses are
Packit 6bd9ab 
      treated as host names and only IPv4 addresses are returned.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="hostsv6">
Packit 6bd9ab 
    <term><option>hostsv6</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Similar to <option>hosts</option> but <replaceable>KEY</replaceable>
Packit 6bd9ab 
      is treated as an IPv6 address or a host name and only IPv6 addresses
Packit 6bd9ab 
      are returned.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="netgroup">
Packit 6bd9ab 
    <term><option>netgroup</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      List or query netgroups and netgroup triples (host, user, domain) that
Packit 6bd9ab 
      are a member of the netgroup.
Packit 6bd9ab 
      Unlike <command>getent</command>, <command>getent.ldapd</command>
Packit 6bd9ab 
      does support enumerating all ethernet addresses.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="netgroup.norec">
Packit 6bd9ab 
    <term><option>netgroup.norec</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Similar to <option>netgroup</option> except that no subsequent
Packit 6bd9ab 
      lookups are done to expand netgroups which are member of the
Packit 6bd9ab 
      supplied netgroup and the output may contain both other netgroup
Packit 6bd9ab 
      names and netgroup triples.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="networks">
Packit 6bd9ab 
    <term><option>networks</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      List or query network names and addresses.
Packit 6bd9ab 
      <replaceable>KEY</replaceable> may be a network name or address.
Packit 6bd9ab 
      This map can return both IPv4 and IPv6 network addresses.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="networksv4">
Packit 6bd9ab 
    <term><option>networksv4</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Only return IPv4 network addresses.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="networksv6">
Packit 6bd9ab 
    <term><option>networksv6</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Only return IPv6 network addresses.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="passwd">
Packit 6bd9ab 
    <term><option>passwd</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Enumerate or search the user account database.
Packit 6bd9ab 
      <replaceable>KEY</replaceable> may be a user name or numeric user id
Packit 6bd9ab 
      or be omitted to list all users.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="protocols">
Packit 6bd9ab 
    <term><option>protocols</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Enumerate the internet protocols database.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="rpc">
Packit 6bd9ab 
    <term><option>rpc</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      List or search user readable names that map to RPC program numbers.
Packit 6bd9ab 
      Searching by <replaceable>KEY</replaceable> can be done on name or
Packit 6bd9ab 
      rpc program number.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="services">
Packit 6bd9ab 
    <term><option>services</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      List or search the mapping between names for internet services and
Packit 6bd9ab 
      their corresponding port numbers and protocol types.
Packit 6bd9ab 
      The <replaceable>KEY</replaceable> can be either a service name or
Packit 6bd9ab 
      number, followed by an optional slash and protocol name to restrict
Packit 6bd9ab 
      the search to only entries for the specified protocol.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
   <varlistentry id="shadow">
Packit 6bd9ab 
    <term><option>shadow</option></term>
Packit 6bd9ab 
    <listitem>
Packit 6bd9ab 
     <para>
Packit 6bd9ab 
      Enumerate or search extended user account information.
Packit 6bd9ab 
      Note that shadow information is likely only exposed to the root user
Packit 6bd9ab 
      and by default <command>nslcd</command> does not expose password
Packit 6bd9ab 
      hashes, even to root.
Packit 6bd9ab 
     </para>
Packit 6bd9ab 
    </listitem>
Packit 6bd9ab 
   </varlistentry>
Packit 6bd9ab
Packit 6bd9ab 
  </variablelist>
Packit 6bd9ab 
 </refsect1>
Packit 6bd9ab
Packit 6bd9ab
Packit 6bd9ab 
 <refsect1 id="see_also">
Packit 6bd9ab 
  <title>See Also</title>
Packit 6bd9ab 
  <para>
Packit 6bd9ab 
   <citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
Packit 6bd9ab 
   <citerefentry><refentrytitle>nslcd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
Packit 6bd9ab 
  </para>
Packit 6bd9ab 
 </refsect1>
Packit 6bd9ab
Packit 6bd9ab 
 <refsect1 id="author">
Packit 6bd9ab 
  <title>Author</title>
Packit 6bd9ab 
  <para>This manual was written by Arthur de Jong <arthur@arthurdejong.org>.</para>
Packit 6bd9ab 
 </refsect1>
Packit 6bd9ab
Packit 6bd9ab 
 <refsect1 id="bugs">
Packit 6bd9ab 
  <title>Bugs</title>
Packit 6bd9ab 
  <para>
Packit 6bd9ab 
   Currently, <command>getent.ldapd</command> does not correctly set an
Packit 6bd9ab 
   exit code. It should return the same kind of exit codes as
Packit 6bd9ab 
   <command>getent</command> does (e.g. for missing entries).
Packit 6bd9ab 
  </para>
Packit 6bd9ab 
 </refsect1>
Packit 6bd9ab
Packit 6bd9ab 
</refentry>

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation