SUMMARY: netgroup

From: Ricardo Ruiz (
Date: Thu Feb 16 1995 - 08:42:40 CST

My original questions read:

> I use NIS to manage about 10 SPARC stations running SunOS v4.1.3_U1 and 30
> PCs running UnixWare. I have a group of users that will only have access
> to our PCs. I would like to deny accesss to these users if they try to
> login to any of our SPARC systems.
> My idea was to create a group with these users in netgroup and add the
> line -@group-name to the /etc/passwd file on each SPARC station just
> before the line +::0:0:::. My group entry in netgroup looks like this:
> subgroup1 (,keyer1,), (,keyer2,), (,keyer3,)
> subgroup2 (,keyer4,), (,keyer5,), (,keyer6,)
> group-name subgroup1, subgroup2
> My problem is that this did not work. My host continues to allow users
> from this group to login. Any ideas? Do you have a better solution?

I needed two syntax changes:

1. netgroup definitions are separated by a space not commas.

I fixed this but my -@group-name continue to allow these users in. After
a few days playing around with it, the answer was to make my -@group-name
line in /etc/passwd needed to look more like a user entry. Therefore,

2. I modified my group line in /etc/paswd




Some people recommended to use +@group-name:0:0:::/usr/nosh and type a
message from /usr/nosh or point /usr/nosh to /dev/null. I tried using
/usr/nosh and that would work as well.

Many thanks to:

Joey R Montilla <>
Dirk Somers <>
Yair Gany <>
Jim Murff <>
Mike Rembis 66520 <>
Brian T Wightman <>
Marc Gibian <gibian%typhoon@stars1.HANSCOM.AF.MIL>
Jochen Bern <>
Daniel E Zegarac <>
Pauline van Winsen <>
Juergen Peus <>
Paulo Licio de Geus <>
Paul H Allen <>

                             |^ ^|
| Ricardo J Ruiz E-MAIL: |
| U.S. Census Bureau |
| Systems Support Division FAX: (301) 457-2477 |
| Visit our award-winning home page: |

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:16 CDT