netgroup - specify network groups
The netgroup file defines "netgroups", which are sets of (host, user,
domain) tuples, used for permission checking when doing remote mounts,
remote logins and remote shells.
Each line in the file consists of a netgroup name followed by a by a
list of members. Where members is either another netgroup name, or a
triple:
(host, user, domain)
where the host , user , and domain are character strings for the correspoinding
components. Any of the three fields can be empty, in which
case it specify a "wildcard", or may consist of the string "-" to specify
"no valid value". The domain field must either be the local domain
name or empty for the netgroup entry to be used. This field does not
limit the netgroup or provide security. The domain field refers to the
domain in which the triple is valid, not the domain containing the the
trusted host.
A gateway machine should be listed under all possible hostnames by
which it may be recognized:
gateway (server,,) (server-sn,,) (server-bb,,)
The getnetgrent functions should normally be used to access the netgroup
database.
/etc/netgroup
getnetgrent(3), exports(5), makedbm(8), ypserv(8)
The triple (,,domain) allows all users and machines trusted access, and
has the same effect as the triple (,,). Use the host and user fields of
the triple to restrict the access correctly to a specific set of members.
The Linux libc5 does not query the /etc/netgroup file directly, it only
querys the NIS server for the groups. So the netgroup database must be
stared in the form of a hashed dbm database just like the passwd(5) and
group(5) databases.
This manpage mentions getnetgrent(3), but it seems that manpage hasn't
been written yet. Since getnetgrent() is part of GNU libc it might also
be that it is documented in info format.
Thorsten Kukuk <[email protected]>
NIS May 1999 netgroup(5)
[ Back ] |
