SUMMARY: Using netgroups with share command

From: Beppe Coffano (Beppe.Coffano@mains.fiat.it)
Date: Thu May 08 1997 - 11:14:18 CDT


Hi to all,

my original question was : ----------------------------------------

In Solaris 2.5.X the NFS share command doesn't accept netgroups with
different access permissions on the same line.
For example :
         share -o ro=netgroup1,rw=netgroup2 /export_fs

generates the following error message :
         share_nfs: netgroup1: network address not known

Viceversa :
         share -o ro=netgroup1,rw=list-netgroup2-elements /export_fs

is accepted, but it is not useful when list-netgroup2-elements contains
many items.

A long list could be generated with the following command (it is correctly
accepted by the system):
         share -o ro=netgroup1,rw=`get_n2_elem` /export_fs

where get_n2_elem is a script file that, managing at run time the
`ypcat -k netgroup` command output, creates the list of elements in
netgroup2.
This is a good solution, but it works only if the list generated is not
longer than (about) 1000 chars.

This limitation doesn't exist if you exec share command in sh environment
instead of csh. So a working solution is the following:

         SHARE -o ro=netgroup1,rw=netgroup2 /export_fs

where SHARE is a sh script that uses the same original share command syntax,
substituting netgroup2 with a run time generated list as described above.
--------------------------------------------------------------------------

About 1000 chars limit : the suggestion of using \ to break long lines
doesn't work, but we've found that this limit doesn't exist if you
exec the share command in sh environment instead of csh.

Some people asked us to send them the SHARE script : it is included below.
It seems working well. Please let's know your evaluation (if any).

                                 \\\|///
                                \\ ~ ~ //
                                (/ @ @ /)
    +-------------------------oOOo-(_)-oOOo-----------------------------+
    | Beppe Coffano |
    | Torino Italy | Learning is a treasure |
    | voice : +39 11 6852380 | which accompanies its |
    | fax : +39 11 6853088 | owner everywhere. |
    | e-mail : coffano@mains.fiat.it| anonymous |
    +-------------------------------------------------------------------+
 


#!/bin/sh
#
#
# NAME
# SHARE - share command for use with netgroups on Solaris 2.5
#
# SYNOPSIS
# SHARE [ -F FSType ] [ -o options ] [ -d description ] [ pathname ]
#
# DESCRIPTION
# SHARE exec share command replacing each netgroup name in -o option
# with the corresponding list of hosts.
# With SHARE it's possible to use netgroups in root access list.
#
# EXAMPLES
# The command
# SHARE -o ro=ng1:ng2,rw=ng3,root=ng4:ng5 /fs
# runs like
# share _o ro=ng1_list:ng2_list,rw=ng3_list,root=ng4_list:ng5_list /fs
#
#

USAGE="usage: SHARE [ -F FSType ] [ -o options ] [ -d description ] [ pathname ]"

#
# Function getlist()
#

getlist ()
{
options=$1
OUT=""

list=`echo $options | sed -e 's/,/ /g'`

for i in `echo $list`
do
    set `echo $i | grep "="` > /dev/null
    if [ $? != 0 ]
    then
        OUT=$OUT$i","
        continue
    fi
    spec=`echo $i | cut -f1 -d=`
    OUT=$OUT$spec"="
    items=`echo $i | cut -f2 -d= | sed -e 's/:/ /g'`
    for j in `echo $items`
    do
        set `ypcat -k netgroup | awk '{print $1}' | grep $j` > /dev/null
        if [ $? = 0 ]
        then
                # It's a netgroup
                subs=`ypcat -k netgroup | grep "^$1 " | tr '(' '\12' | \
                        cut -f1 -d, | sed -e '1d' | tr '\12' ':'`
                OUT="$OUT$subs"
        else
                OUT=$OUT$j":"
        fi
    done
    OUT=`echo $OUT | sed -e 's/:$/,/'`
done
echo $OUT | sed -e 's/,$//'
}

#
# Main
#

if [ $# = 0 ]
then
    echo $USAGE
    exit 1
fi
CMD=share
while [ 1 ]
do
        if [ $1 = -o ]
        then
                argm=`getlist $2`
                CMD="$CMD $1 $argm"
                shift
        else
                CMD="$CMD $1 "
        fi
        if [ $# = 1 ]
        then
                break
        else
                shift
        fi
done

$CMD
exit 0



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:54 CDT