diff options
Diffstat (limited to 'modules/pam_access/access.conf.5')
| -rw-r--r-- | modules/pam_access/access.conf.5 | 31 |
1 files changed, 18 insertions, 13 deletions
diff --git a/modules/pam_access/access.conf.5 b/modules/pam_access/access.conf.5 index 5ef63053..8e7ea4cf 100644 --- a/modules/pam_access/access.conf.5 +++ b/modules/pam_access/access.conf.5 @@ -2,12 +2,12 @@ .\" Title: access.conf .\" Author: [see the "AUTHORS" section] .\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 04/01/2016 +.\" Date: 05/18/2018 .\" Manual: Linux-PAM Manual .\" Source: Linux-PAM Manual .\" Language: English .\" -.TH "ACCESS\&.CONF" "5" "04/01/2016" "Linux-PAM Manual" "Linux\-PAM Manual" +.TH "ACCESS\&.CONF" "5" "05/18/2018" "Linux-PAM Manual" "Linux\-PAM Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -119,15 +119,15 @@ should be allowed to get access via \fItty5\fR, \fItty6\fR\&. .PP -+ : root : crond :0 tty1 tty2 tty3 tty4 tty5 tty6 ++:root:crond :0 tty1 tty2 tty3 tty4 tty5 tty6 .PP User \fIroot\fR should be allowed to get access from hosts which own the IPv4 addresses\&. This does not mean that the connection have to be a IPv4 one, a IPv6 connection from a host with one of this IPv4 addresses does work, too\&. .PP -+ : root : 192\&.168\&.200\&.1 192\&.168\&.200\&.4 192\&.168\&.200\&.9 ++:root:192\&.168\&.200\&.1 192\&.168\&.200\&.4 192\&.168\&.200\&.9 .PP -+ : root : 127\&.0\&.0\&.1 ++:root:127\&.0\&.0\&.1 .PP User \fIroot\fR @@ -140,7 +140,7 @@ is or \fI192\&.168\&.201\&.0/255\&.255\&.255\&.0\fR\&. .PP -+ : root : 192\&.168\&.201\&. ++:root:192\&.168\&.201\&. .PP User \fIroot\fR @@ -150,7 +150,7 @@ and \fIfoo2\&.bar\&.org\fR (uses string matching also)\&. .PP -+ : root : foo1\&.bar\&.org foo2\&.bar\&.org ++:root:foo1\&.bar\&.org foo2\&.bar\&.org .PP User \fIroot\fR @@ -158,13 +158,13 @@ should be able to have access from domain \fIfoo\&.bar\&.org\fR (uses string matching also)\&. .PP -+ : root : \&.foo\&.bar\&.org ++:root:\&.foo\&.bar\&.org .PP User \fIroot\fR should be denied to get access from all other sources\&. .PP -\- : root : ALL +\-:root:ALL .PP User \fIfoo\fR @@ -172,7 +172,7 @@ and members of netgroup \fIadmins\fR should be allowed to get access from all sources\&. This will only work if netgroup service is available\&. .PP -+ : @admins foo : ALL ++:@admins foo:ALL .PP User \fIjohn\fR @@ -180,13 +180,13 @@ and \fIfoo\fR should get access from IPv6 host address\&. .PP -+ : john foo : 2001:db8:0:101::1 ++:john foo:2001:db8:0:101::1 .PP User \fIjohn\fR should get access from IPv6 net/mask\&. .PP -+ : john : 2001:db8:0:101::/64 ++:john:2001:db8:0:101::/64 .PP Disallow console logins to all but the shutdown, sync and all other accounts, which are a member of the wheel group\&. .PP @@ -194,7 +194,12 @@ Disallow console logins to all but the shutdown, sync and all other accounts, wh .PP All other users should be denied to get access from all sources\&. .PP -\- : ALL : ALL +\-:ALL:ALL +.SH "NOTES" +.PP +The default separators of list items in a field are space, \*(Aq,\*(Aq, and tabulator characters\&. Thus conveniently if spaces are put at the beginning and the end of the fields they are ignored\&. However if the list separator is changed with the +\fIlistsep\fR +option, the spaces will become part of the actual item and the line will be most probably ignored\&. For this reason, it is not recommended to put spaces around the \*(Aq:\*(Aq characters\&. .SH "SEE ALSO" .PP \fBpam_access\fR(8), |