[tac_plus] Re: tac_plus problem with acl
john heasley
heas at shrubbery.net
Wed Jul 4 14:42:01 UTC 2007
Wed, Jul 04, 2007 at 09:31:04AM +0200, georg.naggies at r-it.at:
> Hello Andy!
>
> I am sorry that I have to write to you for my small problem with tac_plus,
> but the documentation doesn't seem to fit the software and I can't figure
> it out otherwise
> My problem is that access lists in tac_plus never deny access regardless
> of which hosts are permitted.
>
> My config is:
>
> acl = 1 {
> deny = .*
> }
>
> user = demo {
> login = cleartext "test"
> service = exec {
> "acl" = 1
> priv-lvl = 1
> }
> }
this sends the AV pair acl, rather than setting tac_plus' acl. you want
user = demo {
acl = foo
}
More information about the tac_plus
mailing list