Red Hat Linux 7 Unleashed

By William Ball

Using Netgroups

Netgroups are a great way to identify people and machines under nice, neat names for access control. A good example of using this feature is for a site where users are not allowed to log in to server machines. You can create a netgroup for the system administrators and let in members of the group through a special entry in the /etc/passwd file.

Netgroup information is kept in the /etc/netgroup file and shared via NIS.

The format of a netgroups file is as follows:


   groupname member-list

groupname is the name of the group being defined, and member-list consists of other group names or tuples of specific data. Entries in the member-list are separated by whitespace.

A tuple containing specific data comes in this form:

(hostname, username, domain name)

hostname is the name of the machine for which that entry is valid, username is the login name of the person being referenced, and domain name is the NIS domain name. Any field left blank is treated as a wildcard; for example, (technics,,) matches everybody on the host technics. A field containing a dash (-) has no valid value at all; for example, (-,sshah,) matches the user sshah and nothing else. This is useful for building a list of users or of machine names for use in other netgroups.

In files where netgroups are supported (such as /etc/passwd), you reference a netgroup by prefixing its name with an @ sign. If you want to give the netgroup sysadmins, consisting of (-,sshah,) (-,heidis,), permission to log in to a server, you add this line to your /etc/passwd file:

+@sysadmins

An example of a full netgroups file follows:

sysadmins    (-,sshah,) (-,heidis,) (-,jnguyen,) (-,mpham,)
servers      (numark,-,) (vestax,-,)
clients      (denon,-,) (technics,-,) (mtx,-,)
research-1   (-,boson,) (-,jyom,) (-,weals,) (-,jaffe,)
research-2   (-,sangeet,) (-,mona,) (-,paresh,) (-,manjari,) (-,jagdish,)
consultants  (-,arturo,)
allusers     sysadmins research-1 research-2 consultants
allhosts     servers clients
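As an added example (not code from the book), the following Python script implements the membership rules described above over the sample file: a parser for the groupname/member-list format, an innetgr()-style check that follows nested groups and applies the blank-is-wildcard and dash-has-no-value rules, and a helper that lists the usernames a +@netgroup line in /etc/passwd would admit. The lab-hosts line is a constructed one-liner illustrating the wildcard form (technics,,). The function and variable names are the example's own, and the matching logic is a model of the rules as the text states them, not a reimplementation of the C library's lookup.

```python
"""Parse an /etc/netgroup file and answer innetgr()-style queries.

Added example, not code from the book. It implements the rules the text
states: members are nested group names or (host,user,domain) tuples, a
blank field is a wildcard, and a "-" field has no valid value.
"""
import re
from typing import Dict, List, Optional, Set, Tuple, Union

# The sample netgroups file from the text, embedded as a string.
SAMPLE_NETGROUPS = """\
sysadmins    (-,sshah,) (-,heidis,) (-,jnguyen,) (-,mpham,)
servers      (numark,-,) (vestax,-,)
clients      (denon,-,) (technics,-,) (mtx,-,)
research-1   (-,boson,) (-,jyom,) (-,weals,) (-,jaffe,)
research-2   (-,sangeet,) (-,mona,) (-,paresh,) (-,manjari,) (-,jagdish,)
consultants  (-,arturo,)
allusers     sysadmins research-1 research-2 consultants
allhosts     servers clients
"""

# Constructed one-line file showing the wildcard form from the text.
WILDCARD_NETGROUPS = "lab-hosts (technics,,)\n"

Triple = Tuple[str, str, str]
Member = Union[str, Triple]  # nested group name, or (host, user, domain)

# A member token is either a parenthesised tuple (spaces after the commas
# are tolerated) or a bare group name.
TOKEN_RE = re.compile(r"\([^()]*\)|\S+")


def parse_netgroups(text: str) -> Dict[str, List[Member]]:
    """Map each group name to its list of members (tuples or group names)."""
    groups: Dict[str, List[Member]] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split(None, 1)
        name, rest = parts[0], (parts[1] if len(parts) > 1 else "")
        members: List[Member] = []
        for tok in TOKEN_RE.findall(rest):
            if tok.startswith("("):
                fields = [f.strip() for f in tok[1:-1].split(",")]
                if len(fields) != 3:
                    raise ValueError(f"bad tuple {tok!r} in group {name}")
                members.append((fields[0], fields[1], fields[2]))
            else:
                members.append(tok)
        groups.setdefault(name, []).extend(members)
    return groups


def _field_matches(field: str, value: Optional[str]) -> bool:
    """Apply the text's rules to one tuple field.

    A None query value means "don't care". A blank field is a wildcard,
    a "-" field never matches, and anything else must match exactly."""
    if value is None or field == "":
        return True
    if field == "-":
        return False
    return field == value


def innetgr(groups: Dict[str, List[Member]], netgroup: str,
            host: Optional[str] = None, user: Optional[str] = None,
            domain: Optional[str] = None, _seen: Optional[Set[str]] = None) -> bool:
    """Return True if (host, user, domain) is a member of netgroup.

    Nested groups are followed; _seen guards against cycles, and an
    unknown group name simply has no members."""
    seen: Set[str] = set() if _seen is None else _seen
    if netgroup in seen:
        return False
    seen.add(netgroup)
    for member in groups.get(netgroup, []):
        if isinstance(member, tuple):
            h, u, d = member
            if (_field_matches(h, host) and _field_matches(u, user)
                    and _field_matches(d, domain)):
                return True
        elif innetgr(groups, member, host, user, domain, seen):
            return True
    return False


def flatten(groups: Dict[str, List[Member]], netgroup: str,
            _seen: Optional[Set[str]] = None) -> Set[Triple]:
    """Every concrete tuple reachable from netgroup through nesting."""
    seen: Set[str] = set() if _seen is None else _seen
    if netgroup in seen:
        return set()
    seen.add(netgroup)
    out: Set[Triple] = set()
    for member in groups.get(netgroup, []):
        if isinstance(member, tuple):
            out.add(member)
        else:
            out |= flatten(groups, member, seen)
    return out


def users_in(groups: Dict[str, List[Member]], netgroup: str) -> Set[str]:
    """Usernames a '+@netgroup' line in /etc/passwd would admit.

    Blank and '-' user fields name no specific user and are skipped."""
    return {u for _, u, _ in flatten(groups, netgroup) if u not in ("", "-")}


if __name__ == "__main__":
    g = parse_netgroups(SAMPLE_NETGROUPS)
    print(sorted(users_in(g, "allusers")))
    print(innetgr(g, "allusers", user="arturo"))    # True
    print(innetgr(g, "allusers", user="root"))      # False
    print(innetgr(g, "allhosts", host="technics"))  # True
```

Querying with host and user together shows why the dash matters: (technics,-,) admits the host technics but no user, so a lookup for user sshah on technics in allhosts fails, while the blank domain in every sample tuple matches any NIS domain.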

As a general rule, keep line lengths under 1,024 characters. The system itself has no problem with longer lines, but the file becomes difficult to edit because vi, view, and perhaps other editors have a 1,024-character line-length limit.
