DOMAIN(8) InterNetNews Documentation DOMAIN(8)NAME
domain - nnrpd domain resolver
SYNOPSIS
domain domainname
DESCRIPTION
This program can be used in readers.conf to grant access based on the subdomain part of the remote hostname. In particular, it only
returns success if the remote hostname ends in domainname. (A leading dot on domainname is optional; even without it, the argument must
match on dot-separated boundaries). The "username" returned is whatever initial part of the remote hostname remains after domainname is
removed. It is an error if there is no initial part (that is, if the remote hostname is exactly the specified domainname).
EXAMPLE
The following readers.conf(5) fragment grants access to hosts with internal domain names:
auth internal {
res: "domain .internal"
default-domain: "example.com"
}
access internal {
users: "*@example.com"
newsgroups: example.*
}
Access is granted to the example.* groups for all connections from hosts that resolve to hostnames ending in ".internal"; a connection from
"foo.internal" would match access groups as "foo@example.com".
BUGS
It seems the code does not confirm that the matching part is actually at the end of the remote hostname (e.g., "domain: example.com" would
match the remote host "foo.example.com.org" by ignoring the trailing ".org" part).
Does this resolver actually provide any useful functionality not available by using wildcards in the readers.conf(5) hosts parameter? If
so, the example above should reflect this functionality.
HISTORY
This documentation was written by Jeffrey M. Vinocur <jeff@litech.org>.
$Id: domain.pod 8200 2008-11-30 13:31:30Z iulius $
SEE ALSO nnrpd(8), readers.conf(5)INN 2.5.2 2009-05-21 DOMAIN(8)
Check Out this Related Man Page
netgroup(4) Kernel Interfaces Manual netgroup(4)NAME
netgroup - List of network groups
DESCRIPTION
The netgroup file defines network-wide groups used for permission checking when doing remote mounts, remote logins, and remote shells. For
remote mounts, the information in the netgroup file is used to classify machines; for remote logins and remote shells, it is used to clas-
sify users. Each line of the netgroup file defines a group and has the following format:
groupname member_1 ... member_n
Each member can be either another group name or a combination of the host name, user name, and domain name in the following format:
(hostname, username, domainname)
Any of the three fields can be empty, in which case a wildcard is assumed. For example, to define a group to which everyone belongs, the
following entry could appear in the netgroup file: universal (,,)
Field names that begin with something other than a letter, digit, or underscore (such as ``-'') work in the opposite way. For example:
justmachines (analytica,-,suez) justpeople (-,babbage,suez)
The machine analytica belongs to the group justmachines in the domain suez, but no users belong to it. Similarly, the user babbage belongs
to the group justpeople in the domain suez, but no machines belong to it.
Network groups are part of the NIS database and are accessed through these files:
/etc/yp/domainname/netgroup.dir
/etc/yp/domainname/netgroup.pag
/etc/yp/domainname/netgroup.byuser.dir
/etc/yp/domainname/netgroup.byuser.pag
/etc/yp/domainname/netgroup.byhost.dir
/etc/yp/domainname/netgroup.byhost.pag
These files can be created from /etc/netgroup using makedbm(8).
FILES
/etc/netgroup
/etc/yp/domainname/netgroup.dir
/etc/yp/domainname/netgroup.pag
/etc/yp/domainname/netgroup.byuser.dir
/etc/yp/domainname/netgroup.byuser.pag
/etc/yp/domainname/netgroup.byhost.dir
/etc/yp/domainname/netgroup.byhost.pag
RELATED INFORMATION getnetgrent(3), makedbm(8), ypserv(8) delim off
netgroup(4)