diff -Nurp net-snmp-5.8-orig/configure.d/config_os_functions net-snmp-5.8/configure.d/config_os_functions
--- net-snmp-5.8-orig/configure.d/config_os_functions 2018-10-10 09:45:14.899075003 +0000
+++ net-snmp-5.8/configure.d/config_os_functions 2018-10-10 10:06:55.326988809 +0000
@@ -37,11 +37,12 @@ AC_CHECK_FUNCS([rand random srand sran
 # Library:
 AC_CHECK_FUNCS([asprintf ] dnl
- [closedir fgetc_unlocked flockfile ] dnl
- [fork funlockfile getipnodebyname ] dnl
- [gettimeofday if_nametoindex mkstemp ] dnl
- [opendir readdir regcomp ] dnl
- [setenv setitimer setlocale ] dnl
+ [closedir endnetgrent fgetc_unlocked ] dnl
+ [flockfile fork funlockfile ] dnl
+ [getipnodebyname getnetgrent gettimeofday ] dnl
+ [if_nametoindex mkstemp opendir ] dnl
+ [readdir regcomp setenv ] dnl
+ [setitimer setlocale setnetgrent ] dnl
 [setsid snprintf strcasestr ] dnl
 [strdup strerror strncasecmp ] dnl
 [sysconf times vsnprintf ] )
diff -Nurp net-snmp-5.8-orig/man/snmpd.conf.5.def net-snmp-5.8/man/snmpd.conf.5.def
--- net-snmp-5.8-orig/man/snmpd.conf.5.def 2018-10-10 09:45:14.951075479 +0000
+++ net-snmp-5.8/man/snmpd.conf.5.def 2018-10-10 10:10:44.057084311 +0000
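Review bot: In the configure.d/config_os_functions hunk, `endnetgrent`, `getnetgrent` and `setnetgrent` are probed as three independent entries of the AC_CHECK_FUNCS list, so a platform can end up with only some of the resulting `HAVE_*` macros defined. The code that consumes them is not visible in this excerpt; it should enable the netgroup path only under `#if defined(HAVE_SETNETGRENT) && defined(HAVE_GETNETGRENT) && defined(HAVE_ENDNETGRENT)`. Because the feature feeds an access-control source list, a build without netgroup support should presumably reject an `@group` source as a configuration error rather than let it fall through to ordinary hostname handling. AC_CHECK_FUNCS also only proves that the symbols link, not that their prototypes match, and the getnetgrent argument types can differ between C libraries.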
@@ -390,7 +390,15 @@ map an SNMPv1 or SNMPv2c community strin a particular range of source addresses, or globally (\fI"default"\fR). A restricted source can either be a specific hostname (or address), or a subnet - represented as IP/MASK (e.g. 10.10.10.0/255.255.255.0), or -IP/BITS (e.g. 10.10.10.0/24), or the IPv6 equivalents. +IP/BITS (e.g. 10.10.10.0/24), or the IPv6 equivalents. It is also possible +to reference a specific \fInetgroup\fR starting with an '@' character (e.g. +@adminhosts). The \fInetgroup\fR lookup is running through the NSS (Name +Services Switch) making it possible to define the group locally or via +NIS/LDAP. +.IP +Note: The hostname DNS lookup and \fInetgroup\fR resolution is done only +during snmpd start or reload. +.IP A restriction preceded by an exclamation mark (!) denies access from that address or subnet, e.g., !10.10.10.0/24 denies requests from that sources in that subnet. Deny restrictions must be before