((AllowUsers || AllowGroups) && !(AllowUsers && AllowGroups))

Jim Knoble jmknoble at pobox.com
Sat Feb 15 09:35:26 EST 2003


Circa 2003-02-14 14:28:13 -0500 dixit Dan Astoorian:

: Related question: should it be considered an error to supply both an
: AllowUsers and DenyUsers directive in the same configuration?  If there
: are any AllowUsers directives, (I think) the only way a DenyUsers
: statement could have any effect at all would be if it named the same
: user as an AllowUsers, which would be silly.
: 
: Likewise for AllowGroups and DenyGroups.

Not so for *Groups directives:

  /etc/group:users:*:10:blah,haha,heehee
  /etc/group:badusers:*:8675309:heehee

  AllowGroups users
  DenyGroups badusers

-- 
jim knoble  |  jmknoble at pobox.com  |  http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
Stop the War on Freedom ... Start the War on Poverty!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 256 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030214/daf91698/attachment.bin 


More information about the openssh-unix-dev mailing list