diff options
author | Tomas Mraz <tm@t8m.info> | 2005-12-21 10:04:09 +0000 |
---|---|---|
committer | Tomas Mraz <tm@t8m.info> | 2005-12-21 10:04:09 +0000 |
commit | e4cbefcdd253ae67503268014ef39e849cb31b7b (patch) | |
tree | b195e2efc56b504be956b6bcb4fe465f69251098 /modules/pam_succeed_if/README | |
parent | b1d9b2322daa439194aaa53037fe27a0ccc0596b (diff) |
Relevant BUGIDs:
Purpose of commit: new feature
Commit summary:
---------------
* modules/pam_succeed_if/pam_succeed_if.c (evaluate_ingroup),
(evaluate_notingroup): Simplified.
(evaluate_innetgr), (evaluate_notinnetgr): New functions.
(evaluate): Added calls to evaluate_(not)innetgr().
* modules/pam_succeed_if/README: Documented netgroup matching.
* NEWS: Mentioned the added netgroup matching support.
Diffstat (limited to 'modules/pam_succeed_if/README')
-rw-r--r-- | modules/pam_succeed_if/README | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/modules/pam_succeed_if/README b/modules/pam_succeed_if/README index fdb278ef..e6e4f2aa 100644 --- a/modules/pam_succeed_if/README +++ b/modules/pam_succeed_if/README @@ -34,10 +34,16 @@ pam_succeed_if: !~ - Wildcard mismatch. ingroup - Group membership check. [*] notingroup - Group non-membership check. [*] + innetgr - Netgroup membership check. [*][+] + notinnetgr - Netgroup non-membership check. [*][+] - * The "ingroup" and "notingroup" operators should only be - used with the USER attribute. + * The "ingroup", "notingroup", "innetgr" and "notinnetgr" + operators should only be used with the USER attribute. + + The "innetgr" and "notinnetgr" operators always match + both remote host and USER against the netgroup. If a remote + host is not set by the application it will be matched + against any host in the netgroup triplet. Examples: Deny authentication to all users except those in the wheel |