mask-group
field), and in ACL file (the last
field in each line).
groupname: user1,user2,group1,user3,group2That is, the groupname is followed by a colon followed by a comma-separated list of usernames and/or groupnames in arbitrary order (this list is called a group definition).
A groupname must be defined before it is referenced (and a groupname is not defined inside its own definition). An undefined reference is treated as a username. This guarantees the absence of circular structures in the group hierarchy.
Syntax of Group Definition Part
Group definition part appears not only in the group file, but also
mask-group
field in protection setup file, and
@
and is
followded by an IP number template. In IP template each of the 4 parts
may contain one wildcard character *.
IP address restriction can be on its own when it allows anyone from a matching address:
cern_site: @128.141.*.*However, it can also immediately follow a user or group name in which case these users are only allowed if they connect from a matching address:
ari_at_work: luotonen@128.141.8.187
cern_hackers: (luotonen,timbl)@(128.141.8.187, 128.141.244.101)
wizards: marca, sanders, kevin, dave, montulli, timbl, cailliau, hallam, jak hackers: marca@141.142.*.*, sanders@153.39.*.*, (luotonen, timbl, hallam)@128.141.*.*, cailliau@(128.141.201.162, 128.141.248.119)See also: Password file.
AL 12 December 1993