NETINFO(5) File Formats Manual NETINFO(5)
netinfo - network administrative information
NetInfo stores its administration information in a hierarchical data-
base. The hierarchy is composed of nodes called NetInfo directories.
Each directory may have zero or more NetInfo properties associated with
it. Each property has a name and zero or more values.
This man page describes those directories and properties which have
meaning in the system distributed by Apple. Users and 3rd-parties may
create other directories and properties, which of course cannot be
Virtually everything that utilizes NetInfo for lookups adheres to the
following convention. Search the local domain first. If found, return
the answer. Otherwise, try the next level up and so on until the top of
the domain hierarchy is reached. For compatibility with Yellow Pages
and BIND, see lookupd(8).
At the top level, the root directory contains a single property called
master. This properties indicates who is the master of this database,
i.e., which server contains the master copy of the database. The singu-
lar value of master contains two fields, a hostname and a domain tag
separated by a '/' which uniquely identifies the machine and process
serving as master of this data. For example, the entry clothier/net-
work says that the netinfod(8) process serving domain tag network on
the machine clothier controls the master copy of the database.
For added security, a second property can be installed in the root
directory to limit who can connect to the domain. By default, anybody
can connect to the domain, which would allow them to read anything that
is there (writes are protected however). If this default is undesir-
able, a property called trusted_networks should be enabled in the root
directory. Its values should be the network (or subnet) addresses which
are assumed to contain trusted machines which are allowed to connect to
the domain. Any other clients are assumed to be untrustworthy. A name
may be used instead of an address. If a name is given, then that name
should be listed as a subdirectory of "/networks" within the same
domain and resolve to the appropriate network address.
At the second level, the following directories exist which have the
following names (property named "name" has these values):
These directories contain, for the most part, only the single property
named "name". The exception is the "machines" directory which contains
other properties having to do with automatic host installation. These
properties are the following:
"promiscuous" - if it exists, the bootpd(8) daemon is promiscu-
ous. Has no value.
"assignable_ipaddr" - a range of IP addresses to automatically
assigned, specified with two values as endpoints.
"configuration_ipaddr" - the temporary IP address given to
unknown machines in the process of booting.
"default_bootfile" - the default bootfile to assign to a new
"net_passwd" - optional property. If it exists, it's the
encrypted password for protecting automatic host installations.
The directory "/aliases" contains directories which refer to individual
mailing aliases. The relevant properties are:
"name" - the name of the alias
"members" - a list of values, each of which is a member of this
The directory "/groups" contains directories which refer to individual
system groups. The relevant properties are:
"name" - the name of the system group
"passwd" - the associated password
"gid" - the associated group id
"users" - a list of values, each of which is a user who is a
member of this system group.
The directory "/machines" contains directories which refer to individ-
ual machines. The relevant properties are:
"name" - the name of this machine. This property can have multi-
ple values if the machine name has aliases.
"ip_address" - the Internet Protocol address of the machine.
This property can have multiple values if the machine has multi-
ple IP addresses. Note that the address MUST be stored in deci-
mal-dot notation with no leading zeroes.
"en_address" - the Ethernet address of the machine. Note that
the address MUST be stored in standard 6 field hex Ethernet
notation, with no leading zeros. For example, "0:0:f:0:7:5a" is
a valid Ethernet address, "00:00:0f:00:07:5a" is not.
"serves" - a list of values, each of which is information about
which NetInfo domains this machine serves. Each value has the
format domain-name/domain-tag. The domain name is the external
name of the domain served by this machine as seen from this
level of hierarchy. The domain tag is the internal name associ-
ated with the actual process on the machine that serves this
"bootfile" - the name of the kernel that this machine will use
by default when NetBooting.
"bootparams" - a list of values, each of which is a Bootparams
protocol key-value pair. For example, "root=parrish:/" has the
Bootparams key "root" and Bootparams value "parrish:/".
"netgroups" - a list of values, each of which is the name of a
netgroup of which this machine is a member.
The directory "/mounts" contains directories which refer to filesys-
tems. The relevant properties are:
"name" - the name of the filesytem. For example, "/dev/od0a" or
"dir" - the directory upon which this filesystem is mounted.
"type" - the filesystem type of the mount
"opts" - a list of values, each of which is a mount(8) option
associated with the mounting of this filesystem.
"passno" - pass number on parallel fsck(8)
"freq" - dump frequency, in days.
The directory "/networks" contains directories which refer to Internet
networks. The relevant properties are:
"name" - the name of the network. If the network has aliases,
there may be more than one value for this property.
"address" - the network number of this network. The value MUST
be in decimal-dot notation with no leading zeroes.
The directory "/printers" contains directories which refer to printer
entries. The relevant properties are:
"name" - the name of the printer. If the printer has alias, this
property will have multiple values.
"lp", "sd", etc. - the names of printcap(5) properties associ-
ated with this printer. If the value associated with the prop-
erty name is numeric, the number has a leading "#" prepended to
The directory "/protocols" contains directories which refer to trans-
port protocols. The relevant properties are:
"name" - the name of the protocol. If the protocol has aliases,
the property will have multiple values.
"number" - the associated protocol number.
The directory "/services" contains directories which refer to ARPA ser-
vices. The relevant properties are:
"name" - the name of the service. If the service has aliases,
the property will have multiple values.
"protocol" - the name of the protocol upon which the service
runs. If the service runs on multiple protocols, this property
will have multiple values.
"port" - the associated port number of the service.
The directory "/users" contains information which refer to users. The
relevant properties are:
"name" - the login name of the user.
"passwd" - the encrypted password of the user.
"uid" - the user id of the user.
"gid" - the default group id of the user.
"realname" - the real name of the user.
"home" - the home directory of the user.
"shell" - the login shell of the user.
Apple Computer, Inc. October 8, 1990 NETINFO(5)