nicl(1) BSD General Commands Manual nicl(1)
NAME
nicl -- NetInfo command line utility
SYNOPSIS
nicl [options] datasource [command]
options:
-c create new datasource
-ro read-only
-p prompt for password
-u user authenticate as user
-P password authentication password
-raw datasource is a NetInfo directory
-t datasource is host/tag
-v verbose output
-q quiet - no interactive prompt
-x500 X.500 names
commands:
-read dir [key ...]
-list dir [key]
-search dir scopemin scopemax key val [key val] ...
-path dir
-load [delim key val ...] ...
-create [path [key [val ...]]]
-append dir key val ...
-merge dir key val ...
-insert dir key val index
-rename dir old_key new_key
-delete dir [key [val ...]]
-copy dir new_parent
-move dir new_parent
-source file
-echo string
-history [<=>] [version]
-statistics
-domainname
-rparent
-resync
-flush
available only in interactive mode:
-cd dir
-pwd
-auth [user [password]]
-quit
support for experimental X.500 mode:
-refs
-setrdn dir key
DESCRIPTION
nicl is general-purpose utility for operating on NetInfo databases. Its commands allow one to create, read, and manage NetInfo data. If
invoked without any commands, nicl runs in an interactive mode, reading commands from standard input. Interactive processing is terminated
by the quit command, or by end of file. Leading dashes ("-") are optional for all commands.
nicl operates on a datasource specified on the command line. This may be a domain name, a NetInfo server of the form "host/tag", or a file.
Domain names may be absolute paths beginning with a slash ("/"), or relative domain paths beginning with a dot (".") character, which speci-
fies the local domain, or "..", specifying the local domain's parent. If the -t option has been specified, then the datasource is a host/tag
specification. Hosts may be given by name or IP address. If the -raw option has been specified, then the datasource is a NetInfo-format
database, for example "/var/db/netinfo/local.nidb". The user invoking nicl must have sufficient file-system permissions to read the database
files.
In "raw" mode, nicl operates directly on the database without communicating with a server for that database.
DIRECTORY SPECIFICATION
Many commands take a directory as an option. Directories may be specified as a directory ID number or as a path. NetInfo paths are speci-
fied by a list of slash-separated components. Each component is of the form:
value
or
key=value
In the first form, the key defaults to "name". Thus the following two paths are equivalent:
/users/alice
/name=users/name=alice
Note that NetInfo does not require any key to have unique values. When matching a directory path, NetInfo will match the first directory it
finds with a given key and value. For example, the following path will locate a user with a gid of "100":
/users/gid=100
Many users may have a gid value of 100. This path will match the first in some search order. The only unique identifier for NetInfo direc-
tories is the directory ID number. This number is printed in the output of the list command, and is printed by the read command if the nicl
is invoked with the -v (verbose) flag.
If path components contain keys or values with embedded slash characters, the slash characters must be escaped with a leading backslash char-
acter. Since the shell also processes escape characters, an extra backslash is required to correctly specify an escape. For example, to
read a directory with the name "/Alpha" in the "/exports" directory, one of the following paths could be used:
nicl . -read /exports/\/Alpha
nicl . -read /exports/name=\/Alpha
X.500 MODE
nicl was developed using an internal datastore "engine" with operations supporting both the legacy NetInfo network protocol and LDAP Version
3. Development work is still in progress in this area. Some nicl commands have been written for use in "X.500" mode, invoked by use of the
-x500 flag. Support for X.500-style data organization, naming, and access is still experimental and under active development.
COMMANDS
The action of each command is described below. Some commands have aliases. For example, "cat" and "." are aliases for "read". Command
aliases are listed in parentheses.
read (cat .)
Usage: read dir [key ...]
Prints a directory. Each properties are printed one per line. The property key is followed by a colon, then a space-separated list of the
values for that property. Note that a value which contains embedded spaces will appear identical to a pair of values. If The -v flag for
verbose output has been given, then read prints the directory (record) ID number, its version number, serial number, a count of child direc-
tories and a list of child directory ID numbers. Attributes are printed separately from meta-attributes (those having a leading underscore
character).
list (ls)
Usage: list dir [key]
Lists the subdirectories of the given directory. Subdirectories are listed one per line. The directory ID number is printed first, then the
values of "name" key. If an optional key argument is given, then the values for that key are used, rather than the values for the "name"
key.
Note that subdirectories that do not have a "name" key (or the key given as an option) are not listed.
search
path scopemin scopemax key val [key val] ...
Searches for directories that match a pattern. The search is rooted at the given directory. The following two arguments control the scope
of the search by specifying the starting and ending depth of the search. If scopemin argument is 0, for example, the search will include the
starting directory itself. A value of 1 will start searching at the subdirectories of the starting directory. The value of scopemax speci-
fies the maximum depth of the search. A value of 0 stops the search at the starting directory. A value of 1 stops the search one level
down. A value of -1 causes the search to have no maximum depth.
Following the scope arguments are one or more key and value pairs. Directories that have matching keys and values will be printed.
path
Usage: path path
Prints the directories from the given directory to the root directory.
load
Usage: load [delim key val ...] ...
Creates a child directory of the current directory. This command allows a directory to be created with a number of properties. The first
character given in the input is subsequently used as a delimiter to separate key val ... sets. For example, to create a directory with the
name "foo", and a property "bar" with the values "a", "b", and "c", and a property "baz" with the values "abc" and "def":
load + name foo + bar a b c + baz abc def
Any single character may be used as a delimiter.
create (mk)
Usage: create [path [key [val ...]]]
Creates a new directory, property, or value. If a directory path is given, the create command will create the directory path if it does not
exist. If a key is given, then a property with that key will be created.
WARNING - If a property with the given key already exists, it will be destroyed and a new property will be created in its place. To add val-
ues to an existing property, use the append or merge commands.
If values are included in the command, these values will be set for the given key.
If it is invoked without any arguments as a single command-line argument to nicl , the create command will create a new database. For exam-
ple, to create a new database "/tmp/test_db":
nicl -raw /tmp/test_db -create
The "mk" alias is not available for creating a new database. Note that a new database may also be created by using the -c option on the com-
mand line.
append
Usage: append path key val ...
Appends one or more values to a property in a given directory. The property is created if it does not exist.
merge
Usage: merge path key val ...
Appends one or more values to a property in a given directory if the property does not already have those values. The property is created if
it does not exist.
insert
Usage: insert path key val index Inserts the given value in the list of values of the given key in the specified directory. index is an
integer value. An index of 0 specifies that the value should be inserted at the head of the list. An index greater than the number of val-
ues in the list causes the value to be appended. The property is created if it does not exist.
rename
Usage: rename path old_key new_key
Changes a property key.
delete (rm)
Usage: delete path [key [val ...]]
Delete a directory, property, or value. If a directory path is given, the delete command will delete the directory. If a key is given, then
a property with that key will be deleted. If one or more values are given, those values will be removed from the property with the given
key.
copy (cp)
Usage: copy path new_parent
Recursively copies a directory to a new parent directory.
move (mv)
Usage: move path new_parent
Moves a directory to a new parent directory. In raw mode, move moves a directory by detaching it from its parent directory and re-attaching
it to a new parent. When connected to a NetInfo server, the directory is recursively copied to the new parent directory, then the original
is removed.
history (hist)
Usage: history [<=>] [version]
Locates directories by reference to the database version number. When a new database is created, it starts with a version number of zero.
Each modification of the database causes the version number to be incremented. The database version number is saved with the directory that
was modified at that time. When a directory is added or removed, the parent directory is modified, and thus the parent directory carries the
version number for that modification.
The history command lists directories that have been modified before, at, or after a specific version of the database. The < argument is
used to locate directories that changed before a specific version. The > argument locates directories that changed after a specific version.
The = after locates the single directory that changed at a specific version. This is also the default if none of these arguments is given.
If a version number is omitted, the current database version number is used. To determine the current database version:
nicl . -history
statistics (stats)
Usage: statistics
Prints various statistics. If the datasource is a raw database this includes the database checksum, version number, maximum directory ID
number, and counts of fetch, save, and remove operations. If the datasource is a NetInfo server, then this command prints all statistics
available from the server.
domainname (name)
Usage: domainname
Prints the NetInfo domain name. Not available in raw mode.
rparent
Usage: rparent
Prints the IP address and tag of the server's parent domain server. No output is printed if the server has no parent. Not available in raw
mode.
resync
Usage: resync
If connected to a NetInfo clone server, this command causes the clone to check its database and re-synchronize with the master if necessary.
If connected to a master server, this command causes the master to send a message to all clones, causing them all to re-synchronize. Not
available in raw mode.
flush
Usage: flush
Flushes the directory cache.
echo
Usage: echo string
Prints the string to standard output. This is handy when executing a script.
source (<)
Usage: source file
Redirects standard input to read commands from the named file. After the commands in the file have been processed, control returns to the
command line (if invoked interactively).
INTERACTIVE COMMANDS
cd
Usage: cd dir
Sets the current directory. Path names for other nicl commands may be relative to the current directory.
pwd
Usage: pwd Prints the path of the current directory.
auth (su)
Usage: auth [user [password]]
Authenticate as the named user, or as "root" if no user is specified. If a password is supplied, then that password is used for authentica-
tion, otherwise the command prompts for a password.
quit (q exit)
Usage: quit Ends processing of interactive commands and terminates the program.
X.500 MODE COMMANDS
refs
Usage: refs Used with -x500 mode. Lists parent domain and child domain references. Domains are printed as LDAP URLS.
setrdn
Usage: setrdn path key
Used with -x500 mode. This command creates a meta-attribute "rdn" key in the specified directory, with the key as the value of the "rdn"
meta-attribute. When nicl is invoked with the -x500 flag, X.500-style naming is used. The "rdn" meta-attribute of a directory specifies
which key will be used for the relative distinguished name (RDN). By default, the "name" property is used to form the RDN.
FILES
/var/db/netinfo/*.nidb
SEE ALSO
nidump(8), nifind(1), nigrep(1), niload(8), nireport(1), niutil(1)
Mac OS December 15, 2000 Mac OS