From 81946e2ca36d1805d20ccaebe782b12bb40e3c7e Mon Sep 17 00:00:00 2001
From: Michael Scherer <misc@mageia.org>
Date: Tue, 23 Nov 2010 01:11:12 +0000
Subject: add class for scp and sftp

---
 modules/restrictshell/manifests/init.pp          | 12 ++++++++++++
 modules/restrictshell/templates/membersh-conf.pl |  2 ++
 2 files changed, 14 insertions(+)

(limited to 'modules')

diff --git a/modules/restrictshell/manifests/init.pp b/modules/restrictshell/manifests/init.pp
index 3ce1e0d0..54452026 100644
--- a/modules/restrictshell/manifests/init.pp
+++ b/modules/restrictshell/manifests/init.pp
@@ -77,4 +77,16 @@ class restrictshell {
     class allow_svn {
         allow{ "svn": }
     }
+
+    class allow_scp {
+        allow{ "scp": }
+    }
+
+    class allow_sftp {
+        allow{ "sftp": }
+    }
+    # technically, we could add cvs too
+    # but I doubt we will use it one day
+
+
 }
diff --git a/modules/restrictshell/templates/membersh-conf.pl b/modules/restrictshell/templates/membersh-conf.pl
index 203a2c94..ea7d2957 100755
--- a/modules/restrictshell/templates/membersh-conf.pl
+++ b/modules/restrictshell/templates/membersh-conf.pl
@@ -11,6 +11,8 @@ $bin_rsync = "/usr/bin/rsync";
 $regexp_rsync = "^rsync --server";
 $regexp_dir_rsync = "^/.*";
 
+$bin_sftp = "<%= lib_dir %>/ssh/sftp-server";
+$regexp_sftp = "^(/usr/lib{64,}/ssh/sftp-server|/usr/lib/sftp-server|/usr/libexec/sftp-server|/usr/lib/openssh/sftp-server)";
 
 foreach my $f (glob("/etc/membersh-conf.d/allow_*pl")) {
     do($f)
-- 
cgit v1.2.1