From 9691ad9acd98b3d054d34476bb5ef1e05657e911 Mon Sep 17 00:00:00 2001
From: Olivier Blin <mageia@blino.org>
Date: Sun, 7 Feb 2016 23:09:44 +0100
Subject: openssh: fix forcing sv_membersh command

The following rule did not work as intended:
Match User !schedbot User !root

This one does (with a leading wildcard):
Match User *,!schedbot,!root

See http://superuser.com/questions/952235/why-arent-my-negative-matches-working
---
 modules/openssh/templates/sshd_config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/openssh/templates/sshd_config')

diff --git a/modules/openssh/templates/sshd_config b/modules/openssh/templates/sshd_config
index 7c6146fd..1178a3e4 100644
--- a/modules/openssh/templates/sshd_config
+++ b/modules/openssh/templates/sshd_config
@@ -122,6 +122,6 @@ Subsystem	sftp	<%= path_to_sftp %>/sftp-server
 #	AllowTcpForwarding no
 #	ForceCommand cvs server
 <% if @hostname == 'duvel' then %>
-Match User !schedbot User !root
+Match User *,!schedbot,!root
         ForceCommand /usr/local/bin/sv_membersh.pl -c "$SSH_ORIGINAL_COMMAND"
 <% end %>
-- 
cgit v1.2.1