NETGROUP(5) - File Formats Manual

NETGROUP(5) - File Formats Manual #

NETGROUP(5) - File Formats Manual

NAME #

netgroup - defines network groups

DESCRIPTION #

The netgroup file specifies “netgroups”, which are sets of (host, user, domain) tuples that are to be given similar network access.

Each line in the file consists of a netgroup name followed by a list of the members of the netgroup. Each member can be either the name of another netgroup or a specification of a tuple as follows:

(host, user, domain)

where the host, user, and domain are character string names for the corresponding component. Any of the comma separated fields may be empty to specify a “wildcard” value or may consist of the single character “-” to specify “no valid value”. The members of the list may be separated by whitespace; the “\” character may be used at the end of a line to specify line continuation.

Lines that begin with a ‘#’ are treated as comments.

After modification of /etc/netgroup, netgroup_mkdb(8) should be run, as the getnetgrent(3) functions only operate on the Berkeley DB file /etc/netgroup.db.

If that file is not present, and the system supports NIS, then the netgroup NIS maps are used. The NIS maps are also used if the netgroup file contains a “+” entry.

FILES #

/etc/netgroup

default netgroup list

/etc/netgroup.db

netgroup database

EXAMPLES #

Define a group of three machines:

friends (10.0.0.2,,) (10.0.0.3,,) (10.0.0.4,,)

This group can be used in exports(5) as follows:

/home -maproot=nobody friends

SEE ALSO #

dbopen(3), getnetgrent(3), exports(5), netgroup_mkdb(8)

STANDARDS #

The file format is compatible with that of various vendors, although it appears that not all vendors use an identical format.

BUGS #

The interpretation of access restrictions based on the member tuples of a netgroup is left up to the various network applications.

OpenBSD 7.5 - January 25, 2020