Thank you to all of you brilliant SUN managers out there. I've got my
netgroups working correctly now. My original question was basically this:
I couldn't get certain groups built from other groups defined in /etc/netgroups.
As a result I was having problems with trusting during rlogins, rcps, as well
as exporting filesystems via /etc/exports. I could only get the desired results
by referencing hosts defined directly from triplets in /etc/netgroups.
My sun manager replies pointed out that netgroups is quite bug-ridden. There
are a lot of things NOT-TO-DO. Most replies pointed out that netgroups
insists that groups be in lower case.
Bret Lymn pointed out further that... "Another thing to watch out for with
netgroups is that you must not have a negations at the start of a hosts.equiv
file as this will allow all machines access, you must have at least one +
entry at the start of the file (I think this applies to .rhosts as well)"
Dave Mitchell pointed out... "...you do a ypcat -k netgroup.byhost, to see
what netgroups the system thinks (the host) is in." VERY USEFUL!
Michael Maciolek clued me in to the fact that /etc/netgroups is not necessarily
read top-to-bottom or bottom-to-top. That is to say, entries can be in any
order. Apparently it's sorted in the map by NIS.
Joel Shandelman pointed out that lines are limited to 256 characters and the
standard "\" line delimiter doesn't help. "If you have many members even
split across multiple lines with a "\" you're bound t orun into some strange
anomolies. The work-around is to create smaller subgroups and group them
under ne larger heading."
Many many thanks to the followin gurus:
firstname.lastname@example.org (Michael J Maciolek)
D.Mitchell@dcs.sheffield.ac.uk (Dave Mitchell)
email@example.com.AU (Brett Lymn)
firstname.lastname@example.org (Joel Shandelman)
email@example.com (John Valdes)
stern@sunne.East.Sun.COM (Hal Stern)
firstname.lastname@example.org (Thomas W. Oliver)
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:07:55 CDT