source-git / nss-pam-ldapd

Clone
Source Code
GIT

Blame man/getent.ldap.1

c8 master
  1.   c8
  2.   man
  3.   getent.ldap.1
Blob History Raw
Packit 6bd9ab 
'\" -*- coding: utf-8 -*-
Packit 6bd9ab 
.if \n(.g .ds T< \\FC
Packit 6bd9ab 
.if \n(.g .ds T> \\F[\n[.fam]]
Packit 6bd9ab 
.de URL
Packit 6bd9ab 
\\$2 \(la\\$1\(ra\\$3
Packit 6bd9ab 
..
Packit 6bd9ab 
.if \n(.g .mso www.tmac
Packit 6bd9ab 
.TH getent.ldap 1 "Feb 2018" "Version 0.9.9" "User Commands"
Packit 6bd9ab 
.SH NAME
Packit 6bd9ab 
getent.ldap \- query information from LDAP
Packit 6bd9ab 
.SH SYNOPSIS
Packit 6bd9ab 
'nh
Packit 6bd9ab 
.fi
Packit 6bd9ab 
.ad l
Packit 6bd9ab 
\fBgetent.ldap\fR \kx
Packit 6bd9ab 
.if (\nx>(\n(.l/2)) .nr x (\n(.l/5)
Packit 6bd9ab 
'in \n(.iu+\nxu
Packit 6bd9ab 
[\fIoptions\fR] [\fIDATABASE\fR] [\fIKEY...\fR]
Packit 6bd9ab 
'in \n(.iu-\nxu
Packit 6bd9ab 
.ad b
Packit 6bd9ab 
'hy
Packit 6bd9ab 
.SH DESCRIPTION
Packit 6bd9ab 
The \fBgetent.ldap\fR command can be used to lookup or
Packit 6bd9ab 
enumerate information from LDAP.
Packit 6bd9ab 
Unlike the
Packit 6bd9ab 
\fBgetent\fR(1)
Packit 6bd9ab 
command, this command completely bypasses the lookups configured in
Packit 6bd9ab 
\*(T<\fI/etc/nsswitch.conf\fR\*(T> and queries the
Packit 6bd9ab 
\fBnslcd\fR(8)
Packit 6bd9ab 
daemon directly.
Packit 6bd9ab 
.PP
Packit 6bd9ab 
\fBgetent.ldap\fR tries to match the behaviour and output of
Packit 6bd9ab 
\fBgetent\fR and the format in the corresponding flat files
Packit 6bd9ab 
as much as possible, however there are a number of differences.
Packit 6bd9ab 
If multiple entries are found in LDAP that match a
Packit 6bd9ab 
specific query, multiple values are printed (e.g. ethernet addresses that
Packit 6bd9ab 
have multiple names, services that support multiple protocols, etc.).
Packit 6bd9ab 
Also, some databases have extra options as described below.
Packit 6bd9ab 
.SH OPTIONS
Packit 6bd9ab 
The options that may be specified to the \fBgetent.ldap\fR
Packit 6bd9ab 
command are:
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fB\-h\fR\*(T>, \*(T<\fB\-\-help\fR\*(T>
Packit 6bd9ab 
Display short help and exit.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fB\-V, \-\-version\fR\*(T>
Packit 6bd9ab 
Output version information and exit.
Packit 6bd9ab 
.SH DATABASES
Packit 6bd9ab 
The \fIDATABASE\fR argument may be any of the
Packit 6bd9ab 
supported databases below:
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBaliases\fR\*(T>
Packit 6bd9ab 
Lists or queries email aliases.
Packit 6bd9ab 
If \fIKEY\fR is given it searches for the alias
Packit 6bd9ab 
by name, otherwise it returns all aliases from
Packit 6bd9ab 
LDAP.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBethers\fR\*(T>
Packit 6bd9ab 
Lists or queries ethernet addresses.
Packit 6bd9ab 
If \fIKEY\fR matches the format of an ethernet
Packit 6bd9ab 
address a search by address is performed, otherwise a search by name
Packit 6bd9ab 
is performed or all entries are returned if
Packit 6bd9ab 
\fIKEY\fR is omitted.
Packit 6bd9ab 
Unlike \fBgetent\fR, \fBgetent.ldapd\fR
Packit 6bd9ab 
does support enumerating all ethernet addresses.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBgroup\fR\*(T>
Packit 6bd9ab 
Lists or queries groups.
Packit 6bd9ab 
If \fIKEY\fR is numeric, it searches for the
Packit 6bd9ab 
group by group id.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBgroup.bymember\fR\*(T>
Packit 6bd9ab 
The \fIKEY\fR is a user name and groups are
Packit 6bd9ab 
returned for which this user is a member.
Packit 6bd9ab 
The format is similar to the \*(T<\fBgroup\fR\*(T> output but the
Packit 6bd9ab 
group members are left out for performance reasons.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBhosts\fR\*(T>
Packit 6bd9ab 
List or search host names and addresses by either host name,
Packit 6bd9ab 
IPv4 or IPv6 address. This returns both IPv4 and IPv6 addresses
Packit 6bd9ab 
(if available).
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBhostsv4\fR\*(T>
Packit 6bd9ab 
Similar to \*(T<\fBhosts\fR\*(T> but any supplied IPv6 addresses are
Packit 6bd9ab 
treated as host names and only IPv4 addresses are returned.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBhostsv6\fR\*(T>
Packit 6bd9ab 
Similar to \*(T<\fBhosts\fR\*(T> but \fIKEY\fR
Packit 6bd9ab 
is treated as an IPv6 address or a host name and only IPv6 addresses
Packit 6bd9ab 
are returned.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBnetgroup\fR\*(T>
Packit 6bd9ab 
List or query netgroups and netgroup triples (host, user, domain) that
Packit 6bd9ab 
are a member of the netgroup.
Packit 6bd9ab 
Unlike \fBgetent\fR, \fBgetent.ldapd\fR
Packit 6bd9ab 
does support enumerating all ethernet addresses.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBnetgroup.norec\fR\*(T>
Packit 6bd9ab 
Similar to \*(T<\fBnetgroup\fR\*(T> except that no subsequent
Packit 6bd9ab 
lookups are done to expand netgroups which are member of the
Packit 6bd9ab 
supplied netgroup and the output may contain both other netgroup
Packit 6bd9ab 
names and netgroup triples.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBnetworks\fR\*(T>
Packit 6bd9ab 
List or query network names and addresses.
Packit 6bd9ab 
\fIKEY\fR may be a network name or address.
Packit 6bd9ab 
This map can return both IPv4 and IPv6 network addresses.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBnetworksv4\fR\*(T>
Packit 6bd9ab 
Only return IPv4 network addresses.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBnetworksv6\fR\*(T>
Packit 6bd9ab 
Only return IPv6 network addresses.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBpasswd\fR\*(T>
Packit 6bd9ab 
Enumerate or search the user account database.
Packit 6bd9ab 
\fIKEY\fR may be a user name or numeric user id
Packit 6bd9ab 
or be omitted to list all users.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBprotocols\fR\*(T>
Packit 6bd9ab 
Enumerate the internet protocols database.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBrpc\fR\*(T>
Packit 6bd9ab 
List or search user readable names that map to RPC program numbers.
Packit 6bd9ab 
Searching by \fIKEY\fR can be done on name or
Packit 6bd9ab 
rpc program number.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBservices\fR\*(T>
Packit 6bd9ab 
List or search the mapping between names for internet services and
Packit 6bd9ab 
their corresponding port numbers and protocol types.
Packit 6bd9ab 
The \fIKEY\fR can be either a service name or
Packit 6bd9ab 
number, followed by an optional slash and protocol name to restrict
Packit 6bd9ab 
the search to only entries for the specified protocol.
Packit 6bd9ab 
.TP
Packit 6bd9ab 
\*(T<\fBshadow\fR\*(T>
Packit 6bd9ab 
Enumerate or search extended user account information.
Packit 6bd9ab 
Note that shadow information is likely only exposed to the root user
Packit 6bd9ab 
and by default \fBnslcd\fR does not expose password
Packit 6bd9ab 
hashes, even to root.
Packit 6bd9ab 
.SH "SEE ALSO"
Packit 6bd9ab 
\fBgetent\fR(1),
Packit 6bd9ab 
\fBnslcd\fR(8)
Packit 6bd9ab 
.SH AUTHOR
Packit 6bd9ab 
This manual was written by Arthur de Jong <arthur@arthurdejong.org>.
Packit 6bd9ab 
.SH BUGS
Packit 6bd9ab 
Currently, \fBgetent.ldapd\fR does not correctly set an
Packit 6bd9ab 
exit code. It should return the same kind of exit codes as
Packit 6bd9ab 
\fBgetent\fR does (e.g. for missing entries).

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation