xref: /freebsd/usr.sbin/mountd/netgroup.5 (revision f63f700eead0ba7d5c6f70df1a0bedc055bc8734)
18fae3551SRodney W. Grimes.\" Copyright (c) 1992, 1993
28fae3551SRodney W. Grimes.\"	The Regents of the University of California.  All rights reserved.
38fae3551SRodney W. Grimes.\"
48fae3551SRodney W. Grimes.\" Redistribution and use in source and binary forms, with or without
58fae3551SRodney W. Grimes.\" modification, are permitted provided that the following conditions
68fae3551SRodney W. Grimes.\" are met:
78fae3551SRodney W. Grimes.\" 1. Redistributions of source code must retain the above copyright
88fae3551SRodney W. Grimes.\"    notice, this list of conditions and the following disclaimer.
98fae3551SRodney W. Grimes.\" 2. Redistributions in binary form must reproduce the above copyright
108fae3551SRodney W. Grimes.\"    notice, this list of conditions and the following disclaimer in the
118fae3551SRodney W. Grimes.\"    documentation and/or other materials provided with the distribution.
128fae3551SRodney W. Grimes.\" 3. All advertising materials mentioning features or use of this software
138fae3551SRodney W. Grimes.\"    must display the following acknowledgement:
148fae3551SRodney W. Grimes.\"	This product includes software developed by the University of
158fae3551SRodney W. Grimes.\"	California, Berkeley and its contributors.
168fae3551SRodney W. Grimes.\" 4. Neither the name of the University nor the names of its contributors
178fae3551SRodney W. Grimes.\"    may be used to endorse or promote products derived from this software
188fae3551SRodney W. Grimes.\"    without specific prior written permission.
198fae3551SRodney W. Grimes.\"
208fae3551SRodney W. Grimes.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
218fae3551SRodney W. Grimes.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
228fae3551SRodney W. Grimes.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
238fae3551SRodney W. Grimes.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
248fae3551SRodney W. Grimes.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
258fae3551SRodney W. Grimes.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
268fae3551SRodney W. Grimes.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
278fae3551SRodney W. Grimes.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
288fae3551SRodney W. Grimes.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
298fae3551SRodney W. Grimes.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
308fae3551SRodney W. Grimes.\" SUCH DAMAGE.
318fae3551SRodney W. Grimes.\"
328fae3551SRodney W. Grimes.\"     @(#)netgroup.5	8.2 (Berkeley) 12/11/93
337f3dea24SPeter Wemm.\" $FreeBSD$
348fae3551SRodney W. Grimes.\"
358fae3551SRodney W. Grimes.Dd December 11, 1993
368fae3551SRodney W. Grimes.Dt NETGROUP 5
378fae3551SRodney W. Grimes.Os
388fae3551SRodney W. Grimes.Sh NAME
398fae3551SRodney W. Grimes.Nm netgroup
408fae3551SRodney W. Grimes.Nd defines network groups
418fae3551SRodney W. Grimes.Sh SYNOPSIS
428fae3551SRodney W. Grimes.Nm netgroup
438fae3551SRodney W. Grimes.Sh DESCRIPTION
448fae3551SRodney W. GrimesThe
4574853402SPhilippe Charnier.Nm
468fae3551SRodney W. Grimesfile
478fae3551SRodney W. Grimesspecifies ``netgroups'', which are sets of
488fae3551SRodney W. Grimes.Sy (host, user, domain)
498fae3551SRodney W. Grimestuples that are to be given similar network access.
508fae3551SRodney W. Grimes.Pp
518fae3551SRodney W. GrimesEach line in the file
528fae3551SRodney W. Grimesconsists of a netgroup name followed by a list of the members of the
538fae3551SRodney W. Grimesnetgroup.
548fae3551SRodney W. GrimesEach member can be either the name of another netgroup or a specification
558fae3551SRodney W. Grimesof a tuple as follows:
568fae3551SRodney W. Grimes.Bd -literal -offset indent
578fae3551SRodney W. Grimes(host, user, domain)
588fae3551SRodney W. Grimes.Ed
5974853402SPhilippe Charnier.Pp
608fae3551SRodney W. Grimeswhere the
618fae3551SRodney W. Grimes.Sy host ,
628fae3551SRodney W. Grimes.Sy user ,
638fae3551SRodney W. Grimesand
648fae3551SRodney W. Grimes.Sy domain
658fae3551SRodney W. Grimesare character string names for the corresponding component.
668fae3551SRodney W. GrimesAny of the comma separated fields may be empty to specify a ``wildcard'' value
678fae3551SRodney W. Grimesor may consist of the string ``-'' to specify ``no valid value''.
688fae3551SRodney W. GrimesThe members of the list may be separated by whitespace and/or commas;
698fae3551SRodney W. Grimesthe ``\e'' character may be used at the end of a line to specify
70f63f700eSSheldon Hearnline continuation.
71f63f700eSSheldon HearnLines are limited to 1024 characters.
728fae3551SRodney W. GrimesThe functions specified in
738fae3551SRodney W. Grimes.Xr getnetgrent 3
748fae3551SRodney W. Grimesshould normally be used to access the
7574853402SPhilippe Charnier.Nm
768fae3551SRodney W. Grimesdatabase.
778fae3551SRodney W. Grimes.Pp
788fae3551SRodney W. GrimesLines that begin with a # are treated as comments.
791e890b05SBill Paul.Sh NIS/YP INTERACTION
801e890b05SBill PaulOn most other platforms,
8174853402SPhilippe Charnier.Nm Ns s
821e890b05SBill Paulare only used in conjunction with
8374853402SPhilippe Charnier.Tn NIS
8474853402SPhilippe Charnierand local
851e890b05SBill Paul.Pa /etc/netgroup
86f63f700eSSheldon Hearnfiles are ignored.
87f63f700eSSheldon HearnWith
88f050f700SMike Pritchard.Fx ,
8974853402SPhilippe Charnier.Nm Ns s
9074853402SPhilippe Charniercan be used with either
9174853402SPhilippe Charnier.Tn NIS
9274853402SPhilippe Charnieror local files, but there are certain
93f63f700eSSheldon Hearncaveats to consider.
94f63f700eSSheldon HearnThe existing
9574853402SPhilippe Charnier.Nm
961e890b05SBill Paulsystem is extremely inefficient where
971e890b05SBill Paul.Fn innetgr 3
981e890b05SBill Paullookups are concerned since
9974853402SPhilippe Charnier.Nm
100f63f700eSSheldon Hearnmemberships are computed on the fly.
101f63f700eSSheldon HearnBy contrast, the
10274853402SPhilippe Charnier.Tn NIS
10374853402SPhilippe Charnier.Nm
104e71057d8SMike Pritcharddatabase consists of three separate maps (netgroup, netgroup.byuser
1051e890b05SBill Pauland netgroup.byhost) that are keyed to allow
1061e890b05SBill Paul.Fn innetgr 3
107f63f700eSSheldon Hearnlookups to be done quickly.
108f63f700eSSheldon HearnThe
109f050f700SMike Pritchard.Fx
11074853402SPhilippe Charnier.Nm
11174853402SPhilippe Charniersystem can interact with the
11274853402SPhilippe Charnier.Tn NIS
11374853402SPhilippe Charnier.Nm
1141e890b05SBill Paulmaps in the following ways:
1151e890b05SBill Paul.Bl -bullet -offset indent
1161e890b05SBill Paul.It
1171e890b05SBill PaulIf the
1181e890b05SBill Paul.Pa /etc/netgroup
1191e890b05SBill Paulfile does not exist, or it exists and is empty, or
12074853402SPhilippe Charnierit exists and contains only a
12174853402SPhilippe Charnier.Sq + ,
12274853402SPhilippe Charnierand
12374853402SPhilippe Charnier.Tn NIS
12474853402SPhilippe Charnieris running,
12574853402SPhilippe Charnier.Nm
12674853402SPhilippe Charnierlookups will be done exclusively through
12774853402SPhilippe Charnier.Tn NIS ,
12874853402SPhilippe Charnierwith
1291e890b05SBill Paul.Fn innetgr 3
1301e890b05SBill Paultaking advantage of the netgroup.byuser and
1311e890b05SBill Paulnetgroup.byhost maps to speed up searches. (This
1321e890b05SBill Paulis more or less compatible with the behavior of SunOS and
1331e890b05SBill Paulsimilar platforms.)
1341e890b05SBill Paul.It
1351e890b05SBill PaulIf the
1361e890b05SBill Paul.Pa /etc/netgroup
1371e890b05SBill Paulexists and contains only local
13874853402SPhilippe Charnier.Nm
13974853402SPhilippe Charnierinformation (with no
14074853402SPhilippe Charnier.Tn NIS
14174853402SPhilippe Charnier.Sq +
14274853402SPhilippe Charniertoken), then only the local
14374853402SPhilippe Charnier.Nm
14474853402SPhilippe Charnierinformation will be processed (and
14574853402SPhilippe Charnier.Tn NIS
14674853402SPhilippe Charnierwill be ignored).
1471e890b05SBill Paul.It
1481e890b05SBill PaulIf
1491e890b05SBill Paul.Pa /etc/netgroup
1501e890b05SBill Paulexists and contains both local netgroup data
1511e890b05SBill Paul.Pa and
15274853402SPhilippe Charnierthe
15374853402SPhilippe Charnier.Tn NIS
15474853402SPhilippe Charnier.Sq +
15574853402SPhilippe Charniertoken, the local data and the
15674853402SPhilippe Charnier.Tn NIS
15774853402SPhilippe Charniernetgroup
1581e890b05SBill Paulmap will be processed as a single combined
15974853402SPhilippe Charnier.Nm
160f63f700eSSheldon Hearndatabase.
161f63f700eSSheldon HearnWhile this configuration is the most flexible, it
1621e890b05SBill Paulis also the least efficient: in particular,
1631e890b05SBill Paul.Fn innetgr 3
1641e890b05SBill Paullookups will be especially slow if the
1651e890b05SBill Pauldatabase is large.
1661e890b05SBill Paul.El
1678fae3551SRodney W. Grimes.Sh FILES
1688fae3551SRodney W. Grimes.Bl -tag -width /etc/netgroup -compact
1698fae3551SRodney W. Grimes.It Pa /etc/netgroup
17074853402SPhilippe Charnierthe netgroup database
1718fae3551SRodney W. Grimes.El
1728fae3551SRodney W. Grimes.Sh SEE ALSO
1738fae3551SRodney W. Grimes.Xr getnetgrent 3 ,
1748fae3551SRodney W. Grimes.Xr exports 5
1758fae3551SRodney W. Grimes.Sh COMPATIBILITY
1768fae3551SRodney W. GrimesThe file format is compatible with that of various vendors, however it
1778fae3551SRodney W. Grimesappears that not all vendors use an identical format.
1788fae3551SRodney W. Grimes.Sh BUGS
1798fae3551SRodney W. GrimesThe interpretation of access restrictions based on the member tuples of a
1808fae3551SRodney W. Grimesnetgroup is left up to the various network applications.
1818fae3551SRodney W. GrimesAlso, it is not obvious how the domain specification
18274853402SPhilippe Charnierapplies to the
18374853402SPhilippe Charnier.Bx
18474853402SPhilippe Charnierenvironment.
1851e890b05SBill Paul.Pp
1861e890b05SBill PaulThe
18774853402SPhilippe Charnier.Nm
1881e890b05SBill Pauldatabase should be stored in the form of a
1891e890b05SBill Paulhashed
1901e890b05SBill Paul.Xr db 3
1911e890b05SBill Pauldatabase just like the
1921e890b05SBill Paul.Xr passwd 5
1931e890b05SBill Pauldatabase to speed up reverse lookups.
194