On 06/17/2015 12:17 PM, Arjun Shankar wrote:
>>> Just a note: I'm hoping for a response from Arjun before I commit this.
>> Hope is not a plan :-)
>
> I see that I got here a little late. This looks good, but I have one
> nitpick:
>
>> +Allow user from host to login:
>> +.LP
>> +.RS 4
>> +.TP
>> +host user
>
> It might make sense to repeat here that such an entry will allow the
> specified user on the remote host to login as *any* user on the local host.
>
> i.e., something like:
>
> -Allow user from host to login:
> +Allow user from host to login as any non-root user:
Good point.
Signed-off-by: Carlos O'Donell <carlos@xxxxxxxxxx>
diff --git a/man5/hosts.equiv.5 b/man5/hosts.equiv.5
index b6ecb94..9ee0e6e 100644
--- a/man5/hosts.equiv.5
+++ b/man5/hosts.equiv.5
@@ -116,7 +116,7 @@ Allow
.I user
from
.I host
-to login:
+to login as any non-root user:
host user
@@ -152,7 +152,8 @@ Disallow all users on all hosts in a
Allow all users in a
.I netgroup
to log in from
-.IR host :
+.IR host
+as any non-root user:
host +@netgroup
---
Cheers,
Carlos.
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
