NFS Services Administrator's Guide
Configuring and Administering NFS
Configuring and Using NFS Netgroups
Chapter 2 125
Configuring and Using NFS Netgroups
This section tells you how to create and use NFS netgroups to restrict
NFS access to your system. It describes the following tasks:
• To Create Netgroups in the /etc/netgroup File
• To Create Netgroups in the NIS+ netgroup Table
• To Use Netgroups in Configuration Files
To Create Netgroups in the /etc/netgroup File
1. If you are using the local /etc/netgroup file or the NIS netgroup
map for netgroups, add lines with the following syntax to the
/etc/netgroup file. If you are using NIS, be sure to edit the
/etc/netgroup file only on the NIS master server.
netgroup_name (host, user, NIS_domain), (host, user,
NIS_domain) ...
2. If you are using NIS to manage your netgroups database, issue the
following command on the NIS master server to generate the
netgroup, netgroup.byhost, and netgroup.byuser maps from the
/etc/netgroup file and push the generated maps out to the NIS
slave servers:
cd /var/yp
/usr/ccs/bin/make netgroup
A netgroup can be used in most NFS and NIS configuration files instead
of a host name or a user name. A netgroup does not create a relationship
between users and hosts. When a netgroup is used in a configuration file,
it represents either a group of hosts or a group of users but never both.
If you are using BIND (DNS) for hostname resolution, hosts must be
specified as fully qualified domain names, for example
turtle.bio.nmt.edu.
If the host, user, or NIS_domain is left blank in a netgroup, that field
can take any value. If a dash (-) is specified in any field of a netgroup,
that field can take no value.