NETGROUP(5) - File Formats Manual #
NETGROUP(5) - File Formats Manual
NAME #
netgroup - defines network groups
DESCRIPTION #
The netgroup file specifies “netgroups”, which are sets of (host, user, domain) tuples that are to be given similar network access.
Each line in the file consists of a netgroup name followed by a list of the members of the netgroup. Each member can be either the name of another netgroup or a specification of a tuple as follows:
(host, user, domain)
where the host, user, and domain are character string names for the corresponding component. Any of the comma separated fields may be empty to specify a “wildcard” value or may consist of the single character “-” to specify “no valid value”. The members of the list may be separated by whitespace; the “\” character may be used at the end of a line to specify line continuation.
Lines that begin with a
‘#
’
are treated as comments.
After modification of /etc/netgroup, netgroup_mkdb(8) should be run, as the getnetgrent(3) functions only operate on the Berkeley DB file /etc/netgroup.db.
If that file is not present, and the system supports NIS, then the netgroup NIS maps are used. The NIS maps are also used if the netgroup file contains a “+” entry.
FILES #
/etc/netgroup
default netgroup list
/etc/netgroup.db
netgroup database
EXAMPLES #
Define a group of three machines:
friends (10.0.0.2,,) (10.0.0.3,,) (10.0.0.4,,)
This group can be used in exports(5) as follows:
/home -maproot=nobody friends
SEE ALSO #
dbopen(3), getnetgrent(3), exports(5), netgroup_mkdb(8)
STANDARDS #
The file format is compatible with that of various vendors, although it appears that not all vendors use an identical format.
BUGS #
The interpretation of access restrictions based on the member tuples of a netgroup is left up to the various network applications.
OpenBSD 7.5 - January 25, 2020