- (stevesk) complete:

- markus@cvs.openbsd.org 2001/01/13 11:56:48 [auth.c sshd.8] support supplementary group in {Allow,Deny}Groups from stevesk@pobox.com
author: Kevin Steves <stevesk@pobox.com> 2001-01-14 19:11:00 +0000
committer: Kevin Steves <stevesk@pobox.com> 2001-01-14 19:11:00 +0000
commit: 7b61cfa1ec06d6ad8026818d1f3c81443cc53b67 (patch)
tree: 4151e5bd799ce445855a59914921a649cc18c302 /sshd.8
parent: 886b06ce67f9fda0121ec4a3875970bc2316e780 (diff)
1 files changed, 6 insertions, 6 deletions
diff --git a/sshd.8 b/sshd.8
index fef26b50b..a513978d9 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.80 2001/01/08 22:29:05 markus Exp $
+.\" $OpenBSD: sshd.8,v 1.81 2001/01/13 18:56:48 markus Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -303,14 +303,14 @@ Default is
 This keyword can be followed by a number of group names, separated
 by spaces.
 If specified, login is allowed only for users whose primary
-group matches one of the patterns.
+group or supplementary group list matches one of the patterns.
 .Ql \&*
 and
 .Ql ?
 can be used as
 wildcards in the patterns.
 Only group names are valid; a numerical group ID isn't recognized.
-By default login is allowed regardless of the primary group.
+By default login is allowed regardless of the group list.
 .Pp
 .It Cm AllowTcpForwarding
 Specifies whether TCP forwarding is permitted.
@@ -354,15 +354,15 @@ The default is
 .It Cm DenyGroups
 This keyword can be followed by a number of group names, separated
 by spaces.
-Users whose primary group matches one of the patterns
+Users whose primary group or supplementary group list matches
-aren't allowed to log in.
+one of the patterns aren't allowed to log in.
 .Ql \&*
 and
 .Ql ?
 can be used as
 wildcards in the patterns.
 Only group names are valid; a numerical group ID isn't recognized.
-By default login is allowed regardless of the primary group.
+By default login is allowed regardless of the group list.
 .Pp
 .It Cm DenyUsers
 This keyword can be followed by a number of user names, separated
author	Kevin Steves <stevesk@pobox.com>	2001-01-14 19:11:00 +0000
committer	Kevin Steves <stevesk@pobox.com>	2001-01-14 19:11:00 +0000
commit	7b61cfa1ec06d6ad8026818d1f3c81443cc53b67 (patch)
tree	4151e5bd799ce445855a59914921a649cc18c302 /sshd.8
parent	886b06ce67f9fda0121ec4a3875970bc2316e780 (diff)

diff --git a/sshd.8 b/sshd.8 index fef26b50b..a513978d9 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.80 2001/01/08 22:29:05 markus Exp $	37	.\" $OpenBSD: sshd.8,v 1.81 2001/01/13 18:56:48 markus Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -303,14 +303,14 @@ Default is
303	This keyword can be followed by a number of group names, separated	303	This keyword can be followed by a number of group names, separated
304	by spaces.	304	by spaces.
305	If specified, login is allowed only for users whose primary	305	If specified, login is allowed only for users whose primary
306	group matches one of the patterns.	306	group or supplementary group list matches one of the patterns.
307	.Ql \&*	307	.Ql \&*
308	and	308	and
309	.Ql ?	309	.Ql ?
310	can be used as	310	can be used as
311	wildcards in the patterns.	311	wildcards in the patterns.
312	Only group names are valid; a numerical group ID isn't recognized.	312	Only group names are valid; a numerical group ID isn't recognized.
313	By default login is allowed regardless of the primary group.	313	By default login is allowed regardless of the group list.
314	.Pp	314	.Pp
315	.It Cm AllowTcpForwarding	315	.It Cm AllowTcpForwarding
316	Specifies whether TCP forwarding is permitted.	316	Specifies whether TCP forwarding is permitted.
@@ -354,15 +354,15 @@ The default is
354	.It Cm DenyGroups	354	.It Cm DenyGroups
355	This keyword can be followed by a number of group names, separated	355	This keyword can be followed by a number of group names, separated
356	by spaces.	356	by spaces.
357	Users whose primary group matches one of the patterns	357	Users whose primary group or supplementary group list matches
358	aren't allowed to log in.	358	one of the patterns aren't allowed to log in.
359	.Ql \&*	359	.Ql \&*
360	and	360	and
361	.Ql ?	361	.Ql ?
362	can be used as	362	can be used as
363	wildcards in the patterns.	363	wildcards in the patterns.
364	Only group names are valid; a numerical group ID isn't recognized.	364	Only group names are valid; a numerical group ID isn't recognized.
365	By default login is allowed regardless of the primary group.	365	By default login is allowed regardless of the group list.
366	.Pp	366	.Pp
367	.It Cm DenyUsers	367	.It Cm DenyUsers
368	This keyword can be followed by a number of user names, separated	368	This keyword can be followed by a number of user names, separated