aboutsummaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
authorDan Fandrich <dan@coneharvesters.com>2016-02-19 00:11:36 +0100
committerDan Fandrich <dan@coneharvesters.com>2016-02-19 00:11:36 +0100
commit094424ee3e603db6275b7c19fca423e865d01a81 (patch)
tree1f498d7844c23d3c303a645de0e4be716fdb2d4f /modules
parent49776a2d13e598d3ed0061b961a54c4d24dd9552 (diff)
downloadpuppet-094424ee3e603db6275b7c19fca423e865d01a81.tar
puppet-094424ee3e603db6275b7c19fca423e865d01a81.tar.gz
puppet-094424ee3e603db6275b7c19fca423e865d01a81.tar.bz2
puppet-094424ee3e603db6275b7c19fca423e865d01a81.tar.xz
puppet-094424ee3e603db6275b7c19fca423e865d01a81.zip
Allow members of mga-sysadmin to log in via ssh
This only works on hosts where users' ssh keys are copied, namely those including openssh::ssh_keys_from_ldap
Diffstat (limited to 'modules')
-rw-r--r--modules/openssh/templates/sshd_config2
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/openssh/templates/sshd_config b/modules/openssh/templates/sshd_config
index ed8c97ef..ba197164 100644
--- a/modules/openssh/templates/sshd_config
+++ b/modules/openssh/templates/sshd_config
@@ -123,6 +123,6 @@ Subsystem sftp <%= path_to_sftp %>/sftp-server
# ForceCommand cvs server
<% if @hostname == 'duvel' then %>
# git command is already forced to "gitolite <username>" in /var/lib/git/.ssh/authorized_keys
-Match User *,!schedbot,!root,!git
+Match User *,!schedbot,!root,!git Group *,!mga-sysadmin
ForceCommand /usr/local/bin/sv_membersh.pl -c "$SSH_ORIGINAL_COMMAND"
<% end %>