big-one Udiff usr/src/man/man4/netgroup.4

Print this page

re #11201 nss: need local netgroup implementation

@@ -13,18 +13,19 @@
        A netgroup defines a network-wide group of hosts and users. Use a
        netgroup to restrict access to shared NFS filesystems and to restrict
        remote login and shell access.
 
 
-       Network groups are stored in a network information service, such as
-       LDAP or NIS, not in a local file.
+       Network groups are usually stored in network information services, such
+       as LDAP, or NIS, but may alternatively be stored in the local
+       /etc/netgroup file.  The netgroup line of the nsswitch.conf(4) file
+       determines which of those sources are used.
 
 
        This manual page describes the format for a file that is used to supply
-       input to a program such as ldapaddent(1M) for LDAP or makedbm(1M) for
-       NIS. These programs build maps or tables used by their corresponding
-       network information services.
+       input to a program such as ldapaddent(1M) for LDAP, or makedbm(1M) for
+       NIS.  The same file format is used in the local /etc/netgroup file.
 
 
        Each line of the file defines the name and membership of a network
        group. The line should have the format:

@@ -103,26 +104,21 @@
        /etc/netgroup
                         Used by a network information service's utility to
                         construct a map or table that contains netgroup
                         information. For example, ldapaddent(1M) uses
                         /etc/netgroup to construct an LDAP container.
+                        Alternatively, the /etc/netgroup file may be used
+                        directly if the files source is specified in
+                        nsswitch.conf(4) for the netgroup database.
 
 
 
-       Note that the netgroup information must always be stored in a network
-       information service, such as LDAP or NIS. The local file is only used
-       to construct a map or table for the network information service. It is
-       never consulted directly.
-
 SEE ALSO
        ldapaddent(1M), makedbm(1M), share_nfs(1M), innetgr(3C), hosts(4),
        hosts.equiv(4), nsswitch.conf(4), passwd(4), shadow(4)
 
 NOTES
-       netgroup requires a network information service such as LDAP or NIS.
-
-
        Applications may make general membership tests using the innetgr()
        function. See innetgr(3C).
 
 
        Because the "-" character will not match any specific username or