netgroup (5)
specify network groups
DESCRIPTION
The
netgroup
file defines "netgroups", which are sets of (host, user, domain)
tuples, used for permission checking when doing remote mounts,
remote logins and remote shells.
Each line in the file consists of a netgroup name followed by a
by a list of members. Where members is either another netgroup name,
or a triple:
where the
host
,
user
, and
domain
are character strings for the
correspoinding components. Any of the three fields can be empty,
in which case it specify a "wildcard", or may consist of the string
"-" to specify "no valid value". The
domain
field must either be the local domain name or empty for the netgroup
entry to be used. This field does not limit the netgroup or provide
security. The domain field refers to the domain in which the triple
is valid, not the domain containing the the trusted host.
A gateway machine should be listed under all possible
hostnames by which it may be recognized:
gateway (server,\|,\|) (server-sn,\|,\|) (server-bb,\|,\|)
The getnetgrent functions should normally be used to access the
netgroup database.
FILES
SEE ALSO
WARNINGS
The triple (,,domain) allows all users and machines trusted
access, and has the same effect as the triple (,,). Use the
host
and
user
fields of the triple to restrict the access
correctly to a specific set of members.
BUGS
The Linux libc5 does not query the /etc/netgroup file directly,
it only querys the NIS server for the groups. So the netgroup
database must be stared in the form of a hashed dbm database
just like the passwd(5) and group(5) databases.
AUTHOR
Thorsten Kukuk <kukuk@suse.de>
|
|