netgroup(4) netgroup(4)
NAME
netgroup - list of network groups
SYNOPSIS
/etc/netgroup
DESCRIPTION
The netgroup file defines network wide groups, used for
permission checking when doing remote mounts, remote logins,
and remote shells.
Files
/var/yp/domainname/netgroup.byhost Corresponding NIS map
containing group
names, user names and
host names. The host
name is the key in the
map.
/var/yp/domainname/netgroup.byuser Same as
netgroup.byhost,
except key is user
name instead of host
name.
/var/yp/domainname/netgroup Same as
netgroup.byhost,
except key is group
name instead of host
name.
USAGE
For remote mounts, the information in the netgroup file is
used to classify machines; for remote logins and remote
shells, it is used to classify users.
Each line of the netgroup file defines a group and has the
form:
groupname members
where members is either another group name, or a triple:
(hostname, username, domainname)
Any of these three fields can be empty, in which case it
signifies a wild card. Thus
Copyright 1994 Novell, Inc. Page 1
netgroup(4) netgroup(4)
universal (,,)
defines a group to which everyone belongs. The domainname
field must either be the local domain name or empty for the
netgroup entry to be used. Note that this field does not
limit the netgroup or provide security. The domainname field
refers to the domain in which the triple is valid, not to the
domain containing the trusted host.
A gateway machine should be listed under all possible
hostnames by which it may be recognized:
wan (gateway,,) (gateway-ebb,,)
Field names that begin with something other than a letter,
digit or underscore (such as ` - ') work in precisely the
opposite fashion. For example, consider the following
entries:
justmachines (analytica,-,sun)
justpeople (-,babbage,sun)
The machine analytica belongs to the group justmachines in the
domain sun, but no users belong to it. Similarly, the user
babbage belongs to the group justpeople in the domain sun, but
no machines belong to it.
When the Network Information Service (NIS) is in use, it
references the NIS maps netgroup.byhost, netgroup.byuser or
netgroup on the NIS server instead of /etc/netgroup.
Warnings
The triple (,, domain) allows all users and machines trusted
access, and has the same effect as the triple (,,). To
correctly restrict access to a specific set of members, use
the hostname and username fields of the triple.
REFERENCES
getnetgrent(3N), makedbm(1M), ypserv(1M)
Copyright 1994 Novell, Inc. Page 2