Hi,

Can you use pam_access in this situation:

I have a user, e.g. luser, and group luser. I want to disable remote logins to this account (so only su - luser is possible). Then there are a few other users (user1, user2) whose secondary group is luser.

Now if I add a line

    -:luser:ALL

to /etc/security/access.conf, this also disables access for user1, user2 because their secondary group is luser ... not exactly what I had in mind...

So is there a way around this (w/out changing groups!)

IMHO pam_limits has a better syntax for this: to match a group use @group.

-Jarno

--
Jarno Huuskonen - System Administrator | Jarno.Huuskonen@uku.fi
University of Kuopio - Computer Centre | Work: +358 17 162822
PO BOX 1627, 70211 Kuopio, Finland | Mobile: +358 40 5388169
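
The matching behaviour described in the message above, as an added example that is not part of the original post: a simplified Python model of the access.conf users field. It compares the default matching with the `nodefgroup` option and `(group)` token form documented for Linux-PAM's pam_access; the account table, the `users` group and the `other` account are constructed for illustration.

```python
# Simplified model of how pam_access matches the users field of access.conf.
# Only user/group token matching is modelled; origins are ignored because the
# rule under discussion uses ALL. The accounts below are constructed samples.
PRIMARY = {"luser": "luser", "user1": "users", "user2": "users", "other": "users"}
SECONDARY = {"user1": {"luser"}, "user2": {"luser"}}


def groups_of(user):
    """Primary group plus secondary groups of a sample account."""
    return {PRIMARY[user]} | SECONDARY.get(user, set())


def token_matches(token, user, nodefgroup):
    if token == "ALL":
        return True
    if token.startswith("(") and token.endswith(")"):
        # Explicit group token, e.g. (luser): matched against groups only.
        return token[1:-1] in groups_of(user)
    if token == user:
        return True
    # Backwards-compatible default: a bare token is also tried as a group
    # name. With nodefgroup set, bare tokens match login names only.
    return (not nodefgroup) and token in groups_of(user)


def allowed(rules, user, nodefgroup=False):
    """First matching rule decides; if no rule matches, access is granted."""
    for line in rules:
        perm, users, _origins = [f.strip() for f in line.split(":", 2)]
        if any(token_matches(t, user, nodefgroup) for t in users.split()):
            return perm == "+"
    return True


RULES = ["-:luser:ALL"]  # the rule from the message


def report(nodefgroup):
    """Map each sample account to True (allowed) or False (denied)."""
    return {u: allowed(RULES, u, nodefgroup) for u in PRIMARY}


if __name__ == "__main__":
    print("default   :", report(nodefgroup=False))
    print("nodefgroup:", report(nodefgroup=True))
```

With `nodefgroup`, a rule that is meant to cover the group has to be written with parentheses, as in `-:(luser):ALL`.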