A detail I forgot...
The need is to have members of the groups wheel and users being dropped to
a shell and administer the server while members of only the group users
have a script started forcing them to a few command on the server.
On Tue, Feb 28, 2017 at 10:50 AM, Bernard Fay <bernard.fay@xxxxxxxxx> wrote:
> I try to set up two "Match Group" directives in sshd_config.
>
> I have an LDAP server. All users including admins are part of the LDAP
> group users. The admins users are also part of the LDAP group wheel. For
> example:
>
> [~]groups admin1
> admin1 : users wheel
> [~]groups users
> user1 : users
>
> On a client server to LDAP, I try to configure two "Match Group"
> directives in sshd_config as follows:
>
> Match Group wheel
> some keywords...
>
> Match Group users
> some keywords...
>
>
> The problem is that even if a user is a member of LDAP group wheel, the
> "Match Group wheel" directive is skipped in favor of the "Match Group
> users" directive.
>
> Is it possible to have two "Match Group" directives as I like to do it?
> If yes, what is wrong in my configuration?
>
> Thanks,
>
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
