8.6. Editing Host Netgroups

Authors: Knut Yrvin and Alex Brasetvik

A "host netgroup" (hence "netgroup") can be compared to a guest list when you are inviting people to a party. You have made the guest list to avoid unwanted guests, for instance crooks. In a computer network, the guests are a bit different. They are "Internet hosts", e.g. printers, thin client servers or workstations. If these hosts are on the guest list, they are welcome to do their task on the network. If they are not, they are automatically kept out by the doorkeeper.

A netgroup thus keeps track of the guests, or "hosts" in "Internet lingo". It can also keep track of other netgroups, and this simplifies administration of, for example, access to the Internet or to a file server. It is much easier to administer groups of hosts than specifying every single host everywhere.

You have to use netgroups correctly to avoid extra administration. For example, it is useless to have a netgroup named "workstation-hosts" with 250 different hosts in it. It is better to use subgroups. The workstations could be grouped into "computerlab01-hosts", "computerlab02-hosts" and "teachers-hosts", and these could be subgroups to another netgroup named "workstation-hosts".

In the future, Skolelinux will probably use netgroups for various other tasks. Today they are used to prevent access of unwanted guests to the file server.

8.6.1. The Netgroup Module

To edit netgroups, you have to use Webmin. The module is named "Edit host netgroups" and is found under the "System"-tab.

On a newly-installed Skolelinux server, the following netgroups are added:

ImportantNaming Conventions
 

Note that all of the netgroup names end with "-hosts". This is to make it easier to distinguish netgroups from other groups whenever necessary. We suggest you use the same naming convention.

8.6.2. Adding Hosts to a Netgroup

In the overview, click on the netgroup you want to change. A new window appears, showing hosts, subgroups and netgroups available to add as subgroups and an area for adding new hosts.

Enter the name on a line of its own for every host you want to add to the netgroup.

If you check the "Verify validity of hosts" box, every hostname will be tested but only valid ones will be added. Note: this may slow down the process.

If you check the "Make sure the hostnames can be used by the file server" box, every hostname will be tested but only those usable to the file server will be added. Note: this may slow down the process.

Click on "Add" to add the entered hosts to the netgroup. You will see the same page, but with the new hosts included in the list.

Click on "Back" when you are finished editing the netgroup. Remember to save your changes.

8.6.3. Saving Changes

Return to the overview when you are finished making your changes. Notice the actions in the action queue. When you are done, enter your LDAP-password and click on "Execute actions". The changes are sent to the catalogue server, and you get a new window showing the replies from the server. For every successful action, the server replies "Success".

You can remove actions you regret or made by mistake. Select the actions you want to remove from the queue and click on "Delete selected actions". Actions depending on those removed will not be executed. If you remove, for example, the action "Add netgroup 'computerlab01-hosts'", then the action "Add host(s) (dhcp123, dhcp124, dhcp125)" will not be executed.

8.6.4. Adding a New Netgroup

Enter the name of the new netgroup in the "Name of group" text field in the "New group"-area and click on "Create group". The name has to be between 9 and 40 characters and contain only alphanumeric characters and hyphens.

The new netgroup is now listed together with the other groups.

8.6.5. Adding a Subgroup

In the overview, click on the group to which you want to add subgroups. If you want to add "computerlab01-hosts" as a subgroup to "workstation-hosts", click on "workstation-hosts".

Select the group you want to add as a subgroup and click on "Add selected groups". The subgroups are now listed as a subgroup.

Remember to save your changes.

8.6.6. Deleting a Netgroup

In the overview, select the netgroups you want to remove and click on "Delete selected groups".

Remember to save your changes.

8.6.7. Removing Hosts from a Netgroup

In the overview, click on the group you want to change. Select the hosts you want to remove and click on "Remove selected hosts".

Remember to save your changes.

8.6.8. Removing a Subgroup

In the overview, click on the group you want to change. Select the subgroups you want to remove and click on "Remove selected subgroups".

Remember to save your changes.