diff options
Diffstat (limited to 'modules/pam_access/access.conf')
| -rw-r--r-- | modules/pam_access/access.conf | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/modules/pam_access/access.conf b/modules/pam_access/access.conf index 74c5fbe8..47b6b84c 100644 --- a/modules/pam_access/access.conf +++ b/modules/pam_access/access.conf @@ -18,7 +18,7 @@ # pam_access with X applications that provide PAM_TTY values that are # the display variable like "host:0".] # -# permission : users : origins +# permission:users:origins # # The first field should be a "+" (access granted) or "-" (access denied) # character. @@ -79,44 +79,44 @@ ############################################################################## # # User "root" should be allowed to get access via cron .. tty5 tty6. -#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6 +#+:root:cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6 # # User "root" should be allowed to get access from hosts with ip addresses. -#+ : root : 192.168.200.1 192.168.200.4 192.168.200.9 -#+ : root : 127.0.0.1 +#+:root:192.168.200.1 192.168.200.4 192.168.200.9 +#+:root:127.0.0.1 # # User "root" should get access from network 192.168.201. # This term will be evaluated by string matching. # comment: It might be better to use network/netmask instead. # The same is 192.168.201.0/24 or 192.168.201.0/255.255.255.0 -#+ : root : 192.168.201. +#+:root:192.168.201. # # User "root" should be able to have access from domain. # Uses string matching also. -#+ : root : .foo.bar.org +#+:root:.foo.bar.org # # User "root" should be denied to get access from all other sources. -#- : root : ALL +#-:root:ALL # # User "foo" and members of netgroup "nis_group" should be # allowed to get access from all sources. # This will only work if netgroup service is available. -#+ : @nis_group foo : ALL +#+:@nis_group foo:ALL # # User "john" should get access from ipv4 net/mask -#+ : john : 127.0.0.0/24 +#+:john:127.0.0.0/24 # # User "john" should get access from ipv4 as ipv6 net/mask -#+ : john : ::ffff:127.0.0.0/127 +#+:john:::ffff:127.0.0.0/127 # # User "john" should get access from ipv6 host address -#+ : john : 2001:4ca0:0:101::1 +#+:john:2001:4ca0:0:101::1 # # User "john" should get access from ipv6 host address (same as above) -#+ : john : 2001:4ca0:0:101:0:0:0:1 +#+:john:2001:4ca0:0:101:0:0:0:1 # # User "john" should get access from ipv6 net/mask -#+ : john : 2001:4ca0:0:101::/64 +#+:john:2001:4ca0:0:101::/64 # # All other users should be denied to get access from all sources. -#- : ALL : ALL +#-:ALL:ALL |