1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
"http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
<refentry id='netgroup'>
<refmeta>
<refentrytitle>netgroup</refentrytitle>
<manvolnum>5</manvolnum>
<refmiscinfo class='setdesc'>NIS Reference Manual</refmiscinfo>
</refmeta>
<refnamediv id='netgroup-name'>
<refname>netgroup</refname>
<refpurpose>specify network groups</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
The <filename>netgroup</filename> file defines "netgroups",
which are sets of (host, user, domain) tuples, used for permission
checking when doing remote mounts,remote logins and remote shells.
</para>
<para>
Each line in the file consists of a netgroup name followed by a
by a list of members, where a member is either another netgroup name,
or a triple:
</para>
<programlisting>
(<emphasis>host</emphasis>, <emphasis>user</emphasis>, <emphasis>domain</emphasis>) </programlisting>
<para>
where the <emphasis>host</emphasis>, <emphasis>user</emphasis>, and
<emphasis>domain</emphasis> are character strings for the
corresponding components. Any of the three fields can be empty,
in which case it specifies a "wildcard", or may consist of the string
"-" to specify "no valid value". The <emphasis>domain</emphasis>
field must either be the local domain name or empty for the netgroup
entry to be used. This field does not limit the netgroup or provide
security. The domain field refers to the domain in which the triple
is valid, not the domain containing the the trusted host.
</para>
<para>
A gateway machine should be listed under all possible hostnames by
which it may be recognized:
</para>
<programlisting>
gateway (server, , ) (server-sn, , ) (server-bb, , )</programlisting>
<para>
The <citerefentry><refentrytitle>getnetgrent</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
function should normally be used to access the netgroup database.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<para>
<filename>/etc/netgroup</filename>
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry><refentrytitle>getnetgrent</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry><refentrytitle>exports</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>makedbm</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>ypserv</refentrytitle><manvolnum>8</manvolnum></citerefentry>
</para>
</refsect1>
<refsect1 id='warnings'>
<title>WARNINGS</title>
<para>
The triple (,,domain) allows all users and machines trusted
access, and has the same effect as the triple (,,). Use the
<emphasis>host</emphasis> and <emphasis>user</emphasis>
fields of the triple to restrict the access correctly to a specific
set of members.
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Thorsten Kukuk <kukuk@thkukuk.de></para>
</refsect1>
</refentry>
|
