18fae3551SRodney W. Grimes.\" Copyright (c) 1992, 1993 28fae3551SRodney W. Grimes.\" The Regents of the University of California. All rights reserved. 38fae3551SRodney W. Grimes.\" 48fae3551SRodney W. Grimes.\" Redistribution and use in source and binary forms, with or without 58fae3551SRodney W. Grimes.\" modification, are permitted provided that the following conditions 68fae3551SRodney W. Grimes.\" are met: 78fae3551SRodney W. Grimes.\" 1. Redistributions of source code must retain the above copyright 88fae3551SRodney W. Grimes.\" notice, this list of conditions and the following disclaimer. 98fae3551SRodney W. Grimes.\" 2. Redistributions in binary form must reproduce the above copyright 108fae3551SRodney W. Grimes.\" notice, this list of conditions and the following disclaimer in the 118fae3551SRodney W. Grimes.\" documentation and/or other materials provided with the distribution. 12*fbbd9655SWarner Losh.\" 3. Neither the name of the University nor the names of its contributors 138fae3551SRodney W. Grimes.\" may be used to endorse or promote products derived from this software 148fae3551SRodney W. Grimes.\" without specific prior written permission. 158fae3551SRodney W. Grimes.\" 168fae3551SRodney W. Grimes.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 178fae3551SRodney W. Grimes.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 188fae3551SRodney W. Grimes.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 198fae3551SRodney W. Grimes.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 208fae3551SRodney W. Grimes.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 218fae3551SRodney W. Grimes.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 228fae3551SRodney W. Grimes.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 238fae3551SRodney W. Grimes.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 248fae3551SRodney W. Grimes.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 258fae3551SRodney W. Grimes.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 268fae3551SRodney W. Grimes.\" SUCH DAMAGE. 278fae3551SRodney W. Grimes.\" 288fae3551SRodney W. Grimes.Dd December 11, 1993 298fae3551SRodney W. Grimes.Dt NETGROUP 5 308fae3551SRodney W. Grimes.Os 318fae3551SRodney W. Grimes.Sh NAME 328fae3551SRodney W. Grimes.Nm netgroup 338fae3551SRodney W. Grimes.Nd defines network groups 348fae3551SRodney W. Grimes.Sh SYNOPSIS 357c7fb079SRuslan Ermilov.Nm 368fae3551SRodney W. Grimes.Sh DESCRIPTION 378fae3551SRodney W. GrimesThe 3874853402SPhilippe Charnier.Nm 398fae3551SRodney W. Grimesfile 408fae3551SRodney W. Grimesspecifies ``netgroups'', which are sets of 418fae3551SRodney W. Grimes.Sy (host, user, domain) 428fae3551SRodney W. Grimestuples that are to be given similar network access. 438fae3551SRodney W. Grimes.Pp 448fae3551SRodney W. GrimesEach line in the file 458fae3551SRodney W. Grimesconsists of a netgroup name followed by a list of the members of the 468fae3551SRodney W. Grimesnetgroup. 478fae3551SRodney W. GrimesEach member can be either the name of another netgroup or a specification 488fae3551SRodney W. Grimesof a tuple as follows: 498fae3551SRodney W. Grimes.Bd -literal -offset indent 508fae3551SRodney W. Grimes(host, user, domain) 518fae3551SRodney W. Grimes.Ed 5274853402SPhilippe Charnier.Pp 538fae3551SRodney W. Grimeswhere the 548fae3551SRodney W. Grimes.Sy host , 558fae3551SRodney W. Grimes.Sy user , 568fae3551SRodney W. Grimesand 578fae3551SRodney W. Grimes.Sy domain 588fae3551SRodney W. Grimesare character string names for the corresponding component. 598fae3551SRodney W. GrimesAny of the comma separated fields may be empty to specify a ``wildcard'' value 608fae3551SRodney W. Grimesor may consist of the string ``-'' to specify ``no valid value''. 618fae3551SRodney W. GrimesThe members of the list may be separated by whitespace and/or commas; 628fae3551SRodney W. Grimesthe ``\e'' character may be used at the end of a line to specify 63f63f700eSSheldon Hearnline continuation. 64f63f700eSSheldon HearnLines are limited to 1024 characters. 658fae3551SRodney W. GrimesThe functions specified in 668fae3551SRodney W. Grimes.Xr getnetgrent 3 678fae3551SRodney W. Grimesshould normally be used to access the 6874853402SPhilippe Charnier.Nm 698fae3551SRodney W. Grimesdatabase. 708fae3551SRodney W. Grimes.Pp 718fae3551SRodney W. GrimesLines that begin with a # are treated as comments. 721e890b05SBill Paul.Sh NIS/YP INTERACTION 731e890b05SBill PaulOn most other platforms, 7474853402SPhilippe Charnier.Nm Ns s 751e890b05SBill Paulare only used in conjunction with 7674853402SPhilippe Charnier.Tn NIS 7774853402SPhilippe Charnierand local 781e890b05SBill Paul.Pa /etc/netgroup 79f63f700eSSheldon Hearnfiles are ignored. 80f63f700eSSheldon HearnWith 81f050f700SMike Pritchard.Fx , 8274853402SPhilippe Charnier.Nm Ns s 8374853402SPhilippe Charniercan be used with either 8474853402SPhilippe Charnier.Tn NIS 8574853402SPhilippe Charnieror local files, but there are certain 86f63f700eSSheldon Hearncaveats to consider. 87f63f700eSSheldon HearnThe existing 8874853402SPhilippe Charnier.Nm 891e890b05SBill Paulsystem is extremely inefficient where 901e890b05SBill Paul.Fn innetgr 3 911e890b05SBill Paullookups are concerned since 9274853402SPhilippe Charnier.Nm 93f63f700eSSheldon Hearnmemberships are computed on the fly. 94f63f700eSSheldon HearnBy contrast, the 9574853402SPhilippe Charnier.Tn NIS 9674853402SPhilippe Charnier.Nm 97e71057d8SMike Pritcharddatabase consists of three separate maps (netgroup, netgroup.byuser 981e890b05SBill Pauland netgroup.byhost) that are keyed to allow 991e890b05SBill Paul.Fn innetgr 3 100f63f700eSSheldon Hearnlookups to be done quickly. 101f63f700eSSheldon HearnThe 102f050f700SMike Pritchard.Fx 10374853402SPhilippe Charnier.Nm 10474853402SPhilippe Charniersystem can interact with the 10574853402SPhilippe Charnier.Tn NIS 10674853402SPhilippe Charnier.Nm 1071e890b05SBill Paulmaps in the following ways: 1081e890b05SBill Paul.Bl -bullet -offset indent 1091e890b05SBill Paul.It 1101e890b05SBill PaulIf the 1111e890b05SBill Paul.Pa /etc/netgroup 1121e890b05SBill Paulfile does not exist, or it exists and is empty, or 11374853402SPhilippe Charnierit exists and contains only a 11474853402SPhilippe Charnier.Sq + , 11574853402SPhilippe Charnierand 11674853402SPhilippe Charnier.Tn NIS 11774853402SPhilippe Charnieris running, 11874853402SPhilippe Charnier.Nm 11974853402SPhilippe Charnierlookups will be done exclusively through 12074853402SPhilippe Charnier.Tn NIS , 12174853402SPhilippe Charnierwith 1221e890b05SBill Paul.Fn innetgr 3 1231e890b05SBill Paultaking advantage of the netgroup.byuser and 1244e86fcacSSheldon Hearnnetgroup.byhost maps to speed up searches. 1254e86fcacSSheldon Hearn(This 1261e890b05SBill Paulis more or less compatible with the behavior of SunOS and 1271e890b05SBill Paulsimilar platforms.) 1281e890b05SBill Paul.It 1291e890b05SBill PaulIf the 1301e890b05SBill Paul.Pa /etc/netgroup 1311e890b05SBill Paulexists and contains only local 13274853402SPhilippe Charnier.Nm 13374853402SPhilippe Charnierinformation (with no 13474853402SPhilippe Charnier.Tn NIS 13574853402SPhilippe Charnier.Sq + 13674853402SPhilippe Charniertoken), then only the local 13774853402SPhilippe Charnier.Nm 13874853402SPhilippe Charnierinformation will be processed (and 13974853402SPhilippe Charnier.Tn NIS 14074853402SPhilippe Charnierwill be ignored). 1411e890b05SBill Paul.It 1421e890b05SBill PaulIf 1431e890b05SBill Paul.Pa /etc/netgroup 1441e890b05SBill Paulexists and contains both local netgroup data 1451e890b05SBill Paul.Pa and 14674853402SPhilippe Charnierthe 14774853402SPhilippe Charnier.Tn NIS 14874853402SPhilippe Charnier.Sq + 14974853402SPhilippe Charniertoken, the local data and the 15074853402SPhilippe Charnier.Tn NIS 15174853402SPhilippe Charniernetgroup 1521e890b05SBill Paulmap will be processed as a single combined 15374853402SPhilippe Charnier.Nm 154f63f700eSSheldon Hearndatabase. 155f63f700eSSheldon HearnWhile this configuration is the most flexible, it 1561e890b05SBill Paulis also the least efficient: in particular, 1571e890b05SBill Paul.Fn innetgr 3 1581e890b05SBill Paullookups will be especially slow if the 1591e890b05SBill Pauldatabase is large. 1601e890b05SBill Paul.El 1618fae3551SRodney W. Grimes.Sh FILES 1628fae3551SRodney W. Grimes.Bl -tag -width /etc/netgroup -compact 1638fae3551SRodney W. Grimes.It Pa /etc/netgroup 16474853402SPhilippe Charnierthe netgroup database 1658fae3551SRodney W. Grimes.El 1668fae3551SRodney W. Grimes.Sh COMPATIBILITY 1678fae3551SRodney W. GrimesThe file format is compatible with that of various vendors, however it 1688fae3551SRodney W. Grimesappears that not all vendors use an identical format. 16959a3c79dSRuslan Ermilov.Sh SEE ALSO 17059a3c79dSRuslan Ermilov.Xr getnetgrent 3 , 17159a3c79dSRuslan Ermilov.Xr exports 5 1728fae3551SRodney W. Grimes.Sh BUGS 1738fae3551SRodney W. GrimesThe interpretation of access restrictions based on the member tuples of a 1748fae3551SRodney W. Grimesnetgroup is left up to the various network applications. 1758fae3551SRodney W. GrimesAlso, it is not obvious how the domain specification 17674853402SPhilippe Charnierapplies to the 17774853402SPhilippe Charnier.Bx 17874853402SPhilippe Charnierenvironment. 1791e890b05SBill Paul.Pp 1801e890b05SBill PaulThe 18174853402SPhilippe Charnier.Nm 1821e890b05SBill Pauldatabase should be stored in the form of a 1831e890b05SBill Paulhashed 1841e890b05SBill Paul.Xr db 3 1851e890b05SBill Pauldatabase just like the 1861e890b05SBill Paul.Xr passwd 5 1871e890b05SBill Pauldatabase to speed up reverse lookups. 188