diff options
author | Remi Ferrand <remi.ferrand@cc.in2p3.fr> | 2014-03-31 15:18:54 +0200 |
---|---|---|
committer | Russ Allbery <rra@stanford.edu> | 2014-06-16 10:56:13 -0700 |
commit | f92a381dbdaf753a90235a9f1e33b193a752c1c4 (patch) | |
tree | 8a3f52c0c471d2a08baad2811513adbb8a203dc0 /docs | |
parent | b6b2009aa32869a2a988ba458b45b044264cfd78 (diff) |
Add ACL scheme for checking that user belongs to nss group
* Add documentation for *unxgrp* ACL scheme
* Add *unxgrp* in supported ACL scheme in usage message
* Add test suite for acl-unxgrp
Change-Id: I7ed3008953e7751c02d81323e3c08cc9dddb9e49
Reviewed-on: https://gerrit.stanford.edu/1492
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
Diffstat (limited to 'docs')
-rw-r--r-- | docs/remctld.pod | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/remctld.pod b/docs/remctld.pod index 432c8ab..24ebd62 100644 --- a/docs/remctld.pod +++ b/docs/remctld.pod @@ -420,6 +420,12 @@ identity. To deny access, use the C<deny:regex:I<regex>> syntax. This method is supported only if a library for POSIX-compatible regular expressions was found when B<remctld> was built. +=item unxgrp + +This method is used to grant or deny access based on Unix group. +The user name is first sanitized (instances and REALM are removed from principal name), +and then compared to members of B<group>. + =back To see the list of ACL types supported by a particular build of |