[tac_plus] Re: How can I deny/permit ?
Nathan Schrenk
nathan at schrenk.org
Fri Jan 30 20:13:53 UTC 2009
On 1/30/09, Alexander Czutka <aczutka at brocade.com> wrote:
>
> Hello,
>
> I´m trying to setup an authorization for a user.
>
> The user should be allowed to do a:
>
> - Show ip
> - show ip route
>
> But he shouldn´t execute the commands, which starts with:
>
> - Show ip ospf
> - Show ip pim
>
> I tried this, but it didn´t work:
>
> cmd = show {
> permit ip
> deny ip ospf
> }
>
> root at ubuntu-fdry:/# tac_plus -C /etc/tac_plus.conf
> Error: expecting '}' but found 'ospf' on line 40
> root at ubuntu-fdry:/#
>
> Is this possible ?
Try putting quotes around the tokens:
cmd = show {
permit ip
deny "ip ospf"
}
Nathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20090130/7de85ef8/attachment.html
More information about the tac_plus
mailing list