rex@cs.su.oz (Rex Di Bona) (04/30/91)
We are trying to get netgroups to work with our exports file, but without any success. We have set up the netgroup file to include the machines into a small set of groups for convenience, and used these groups in the exports file (or at least this was the theory :-). We also had groups of groups, again for convenience. The groups were only used as entries in the access field of the export entry, which the manual entry states is valid. No matter what options we gave to exportfs it would put the netgroup name in as a machine name. It did not even access the netgroup file (checked via an `ls -luL`). The /etc/vis.conf file has an entry for netgroup, the entry is 'files' which should cause the netgroup file to be used. And another bug: I wrote a program to use the routine 'getnetgrent' which is supposed to walk through the net group entries. This program works fine for entries containing only machine triples, but complains with the library error string 'Syntax Error in Net Group File' when I try to print out a group entry which specifies other netgroup entries. This was independant of the order of the entries. This was tried on a 3230 and a 2030 running both 4.51 and 4.52 Has anybody managed to use the netgroup stuff without using the NIS, or even using the NIS? We don't use NIS, and would like not to for as long as possible. Other suggestions would also be appreciated. As a temporary fix we have very long export files, but this is inconvenient. -------- Rex di Bona (rex@cs.su.oz.au) Penguin Lust is NOT immoral
trevc@tecate.mips.com (Trevor Cotton) (05/01/91)
In article <2365@cluster.cs.su.oz.au>, rex@cs.su.oz (Rex Di Bona) writes: |> We are trying to get netgroups to work with our exports file, but |> without any success. We have set up the netgroup file to include the |> machines into a small set of groups for convenience, and used these |> groups in the exports file (or at least this was the theory :-). We |> also had groups of groups, again for convenience. The groups were only |> used as entries in the access field of the export entry, which the |> manual entry states is valid. |> |> No matter what options we gave to exportfs it would put the netgroup |> name in as a machine name. It did not even access the netgroup file |> (checked via an `ls -luL`). The /etc/vis.conf file has an entry for |> netgroup, the entry is 'files' which should cause the netgroup file to |> be used. |> |> And another bug: I wrote a program to use the routine 'getnetgrent' |> which is supposed to walk through the net group entries. This program |> works fine for entries containing only machine triples, but complains |> with the library error string 'Syntax Error in Net Group File' when I |> try to print out a group entry which specifies other netgroup entries. |> This was independant of the order of the entries. |> |> This was tried on a 3230 and a 2030 running both 4.51 and 4.52 |> |> Has anybody managed to use the netgroup stuff without using the NIS, or |> even using the NIS? We don't use NIS, and would like not to for as long |> as possible. Other suggestions would also be appreciated. As a |> temporary fix we have very long export files, but this is |> inconvenient. |> -------- |> Rex di Bona (rex@cs.su.oz.au) |> Penguin Lust is NOT immoral I use the /etc/netgroup file here. Your problem may well be that you have groups of groups. This is only allowed if you are using NIS. When using the file itself, group entries can only contain (host, user, domain) triplets. ( the manpage for netgroup really only applies to NIS, hence the ORIGIN statement ) The basic rules that apply when using the netgroup file 'as is' are entries can ONLY contain ( host, user, domain ) triplets there is a maximum limit of 4096 characters per line the line continuation character ( \ ) is NOT allowed. -- --trevc--
lgy@phys.washington.edu (Laurence Yaffe) (05/01/91)
trevc@tecate.mips.com (Trevor Cotton) writes: >I use the /etc/netgroup file here. >Your problem may well be that you have groups of groups. This is only >allowed if you are using NIS. When using the file itself, group entries >can only contain (host, user, domain) triplets. >( the manpage for netgroup really only applies to NIS, hence the ORIGIN >statement ) >The basic rules that apply when using the netgroup file 'as is' are >entries can ONLY contain ( host, user, domain ) triplets >there is a maximum limit of 4096 characters per line >the line continuation character ( \ ) is NOT allowed. In addition to the restrictions Trevor mentions, it appears that using NIS-supplied netgroups in "access=" entries in /etc/exports simply doesn't work under 4.52. MIPS' customer support has told me "wait until 5.0 (later this year)". If anyone has a more immediate work-around (which retains using NIS supplied netgroups) I'd like to hear about it. -- -------------------------------------------------------------------------- Laurence G. Yaffe Internet: lgy@newton.phys.washington.edu University of Washington Bitnet: yaffe@uwaphast.bitnet