freebsd-nq/lib/libc/gen/getnetgrent.3
Mark Johnston 714ac00292 Implement an NSS backend for netgroups and add getnetgrent_r(3).
This support appears to have been documented in nsswitch.conf(5) for some
time. The implementation adds two NSS netgroup providers to libc. The
default, compat, provides the behaviour documented in netgroup(5), so this
change does not make any user-visible behaviour changes. A files provider
is also implemented.

innetgr(3) is implemented as an optional NSS method so that providers such
as NIS which are able to implement efficient reverse lookup can do so.
A fallback implementation is used otherwise. getnetgrent_r(3) is added for
convenience and to provide compatibility with glibc and Solaris.

With a small patch to net/nss_ldap, it's possible to specify an ldap
netgroup provider, allowing one to query nisNetgroupTriple entries.

Sponsored by:	EMC / Isilon Storage Division
2016-06-09 01:28:44 +00:00

134 lines
4.0 KiB
Groff

.\" Copyright (c) 1992, 1993
.\" The Regents of the University of California. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 4. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)getnetgrent.3 8.1 (Berkeley) 6/4/93
.\" $FreeBSD$
.\"
.Dd June 5, 2016
.Dt GETNETGRENT 3
.Os
.Sh NAME
.Nm getnetgrent ,
.Nm innetgr ,
.Nm setnetgrent ,
.Nm endnetgrent
.Nd netgroup database operations
.Sh LIBRARY
.Lb libc
.Sh SYNOPSIS
.In netdb.h
.Ft int
.Fn getnetgrent "char **host" "char **user" "char **domain"
.Ft int
.Fn getnetgrent_r "char **host" "char **user" "char **domain" "char *buf" "size_t bufsize"
.Ft int
.Fn innetgr "const char *netgroup" "const char *host" "const char *user" "const char *domain"
.Ft void
.Fn setnetgrent "const char *netgroup"
.Ft void
.Fn endnetgrent void
.Sh DESCRIPTION
These functions operate on the netgroup database file
.Pa /etc/netgroup
which is described
in
.Xr netgroup 5 .
The database defines a set of netgroups, each made up of one or more triples:
.Bd -literal -offset indent
(host, user, domain)
.Ed
that defines a combination of host, user and domain.
Any of the three fields may be specified as ``wildcards'' that match any
string.
.Pp
The function
.Fn getnetgrent
sets the three pointer arguments to the strings of the next member of the
current netgroup.
If any of the string pointers are
.Dv NULL
that field is considered a wildcard.
.Pp
The functions
.Fn setnetgrent
and
.Fn endnetgrent
set the current netgroup and terminate the current netgroup respectively.
If
.Fn setnetgrent
is called with a different netgroup than the previous call, an implicit
.Fn endnetgrent
is implied.
The
.Fn setnetgrent
function
also sets the offset to the first member of the netgroup.
.Pp
The function
.Fn innetgr
searches for a match of all fields within the specified group.
If any of the
.Sy host ,
.Sy user ,
or
.Sy domain
arguments are
.Dv NULL
those fields will match any string value in the netgroup member.
.Sh RETURN VALUES
The function
.Fn getnetgrent
returns 0 for ``no more netgroup members'' and 1 otherwise.
The function
.Fn innetgr
returns 1 for a successful match and 0 otherwise.
The functions
.Fn setnetgrent
and
.Fn endnetgrent
have no return value.
.Sh FILES
.Bl -tag -width /etc/netgroup -compact
.It Pa /etc/netgroup
netgroup database file
.El
.Sh COMPATIBILITY
The netgroup members have three string fields to maintain compatibility
with other vendor implementations, however it is not obvious what use the
.Sy domain
string has within
.Bx .
.Sh SEE ALSO
.Xr netgroup 5
.Sh BUGS
The function
.Fn getnetgrent
returns pointers to dynamically allocated data areas that are freed when
the function
.Fn endnetgrent
is called.