1
# Description of its configuration file
3
# (The default config file is "/etc/security/access.conf". This
4
# default can be overridden with a module config argument
5
# 'accessfile=<full-path>'):
7
# Login access control table.
9
# When someone logs in, the table is scanned for the first entry that
10
# matches the (user, host) combination, or, in case of non-networked
11
# logins, the first entry that matches the (user, tty) combination. The
12
# permissions field of that table entry determines whether the login will
13
# be accepted or refused.
15
# Format of the login access control table is three fields separated by a
18
# permission : users : origins
20
# The first field should be a "+" (access granted) or "-" (access denied)
23
# The second field should be a list of one or more login names, group
24
# names, or ALL (always matches). A pattern of the form user@host is
25
# matched when the login name matches the "user" part, and when the
26
# "host" part matches the local machine name.
28
# The third field should be a list of one or more tty names (for
29
# non-networked logins), host names, domain names (begin with "."), host
30
# addresses, internet network numbers (end with "."), ALL (always
31
# matches) or LOCAL (matches any string that does not contain a "."
34
# If you run NIS you can use @netgroupname in host or user patterns; this
35
# even works for @usergroup@@hostgroup patterns. Weird.
37
# The EXCEPT operator makes it possible to write very compact rules.
39
# The group file is searched only when a name does not match that of the
40
# logged-in user. Both the user's primary group is matched, as well as
41
# groups in which users are explicitly listed.
43
# Alexei Nogin <alexei@nogin.dnttm.ru> 1997/06/15
44
############################################################################