Contribution to 3.8.1pl1

Fri May 7 16:58:02 EST 2004

Hi,
now with attachment (sorry !)

Hello,

I added the support for netgroups to be used in the
AllowUsers and DenyUsers parameters. This has some
advantages:
* hostnames or ip addresses need not to be written or
  maintained in the sshd_config file, but can be kept
  abstract names what also simplifies a bit largescale
  openssh installations
* sshd_config needs not change and sshd be restarted
  when changing the list of allowed / denied users/hosts
  in the NIS netgroups

Though considered to be dead some time in the future,
NIS still serves it's purpose in many environments.
The netgroups will make their way into LDAP some time
in the future, then i'll probably post another patch.
For now i added the functionality mainly in the match.c
file, adapted man-page files and autoconf to figure
out automatically, if NIS client support is available
on the platform. The attached patch can be applied
changing to the source directory of 3.8.1pl1 and
running
gunzip < /path/to/openssh-3.8.1p1.patch_af.gz | patch -p 1

Hope this will be included into the official distribution.
Everyone is welcome to review the modifications.

Regards,

 Albert

-- 
Albert Fluegel                  science + computing ag
IT Services                     Ingolstaedter Straße 22
phone +49 89 356386 851         80807 Muenchen, Germany
fax   +49 89 356386 737         www.science-computing.de
________________________________at Infineon
tdsc.af at infineon.com            phone +49 89 234 27690
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssh-3.8.1p1.patch_af.gz
Type: application/x-gzip
Size: 3134 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20040507/a621f0df/attachment.bin 