diff options
| author | Olivier Blin <mageia@blino.org> | 2016-02-07 23:09:44 +0100 |
|---|---|---|
| committer | Olivier Blin <mageia@blino.org> | 2016-02-07 23:09:44 +0100 |
| commit | 9691ad9acd98b3d054d34476bb5ef1e05657e911 (patch) | |
| tree | 22fc323f0e60d8e8c3677caa3d4f6d78628cf307 /modules/openssh | |
| parent | af668c4856fc38bebd0980823c1ecc21b053d9ad (diff) | |
| download | puppet-9691ad9acd98b3d054d34476bb5ef1e05657e911.tar puppet-9691ad9acd98b3d054d34476bb5ef1e05657e911.tar.gz puppet-9691ad9acd98b3d054d34476bb5ef1e05657e911.tar.bz2 puppet-9691ad9acd98b3d054d34476bb5ef1e05657e911.tar.xz puppet-9691ad9acd98b3d054d34476bb5ef1e05657e911.zip | |
openssh: fix forcing sv_membersh command
The following rule did not work as intended:
Match User !schedbot User !root
This one does (with a leading wildcard):
Match User *,!schedbot,!root
See http://superuser.com/questions/952235/why-arent-my-negative-matches-working
Diffstat (limited to 'modules/openssh')
| -rw-r--r-- | modules/openssh/templates/sshd_config | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/openssh/templates/sshd_config b/modules/openssh/templates/sshd_config index 7c6146fd..1178a3e4 100644 --- a/modules/openssh/templates/sshd_config +++ b/modules/openssh/templates/sshd_config @@ -122,6 +122,6 @@ Subsystem sftp <%= path_to_sftp %>/sftp-server # AllowTcpForwarding no # ForceCommand cvs server <% if @hostname == 'duvel' then %> -Match User !schedbot User !root +Match User *,!schedbot,!root ForceCommand /usr/local/bin/sv_membersh.pl -c "$SSH_ORIGINAL_COMMAND" <% end %> |