tail head cat sleep
QR code linking to this page

Manual Pages  — NETGROUP

NAME

netgroup – defines network groups

CONTENTS

SYNOPSIS


netgroup

DESCRIPTION

The netgroup file specifies ``netgroups'', which are sets of (host, user, domain) tuples that are to be given similar network access.

Each line in the file consists of a netgroup name followed by a list of the members of the netgroup. Each member can be either the name of another netgroup or a specification of a tuple as follows:

(host, user, domain)

where the host, user, and domain are character string names for the corresponding component. Any of the comma separated fields may be empty to specify a ``wildcard'' value or may consist of the string ``-'' to specify ``no valid value''. The members of the list may be separated by whitespace and/or commas; the ``\'' character may be used at the end of a line to specify line continuation. Lines are limited to 1024 characters. The functions specified in getnetgrent(3) should normally be used to access the netgroup database.

Lines that begin with a # are treated as comments.

NIS/YP INTERACTION

On most other platforms, Ns are only used in conjunction with NIS and local /etc/netgroup files are ignored. With FreeBSD , Ns can be used with either NIS or local files, but there are certain caveats to consider. The existing netgroup system is extremely inefficient where innetgr(3) lookups are concerned since netgroup memberships are computed on the fly. By contrast, the NIS netgroup database consists of three separate maps (netgroup, netgroup.byuser and netgroup.byhost) that are keyed to allow innetgr(3) lookups to be done quickly. The FreeBSD netgroup system can interact with the NIS netgroup maps in the following ways:

FILES

/etc/netgroup
  the netgroup database

COMPATIBILITY

The file format is compatible with that of various vendors, however it appears that not all vendors use an identical format.

SEE ALSO

getnetgrent(3), exports(5)

BUGS

The interpretation of access restrictions based on the member tuples of a netgroup is left up to the various network applications. Also, it is not obvious how the domain specification applies to the BSD environment.

The netgroup database should be stored in the form of a hashed db(3) database just like the passwd(5) database to speed up reverse lookups.


NETGROUP (5) December 11, 1993

tail head cat sleep
QR code linking to this page


Please direct any comments about this manual page service to Ben Bullock.

A computer would deserve to be called intelligent if it could deceive a human into believing that it was human.
— Alan Turing