Tere. > > IMHO this translates to: > > +:group1:ALL > +:group2:172.0.0. > -:ALL:ALL > > Thank You, almost, but network path didn't work, so now I use: +:group1:ALL +:group2:172. 192. -:ALL:ALL Btw, I found some old post about different access.conf patch - http://groups.google.com/group/linux.redhat.pam/browse_frm/thread/7ed3a429d9fb6b6c/f1ee1e4afb48ee26?lnk=st&q=pam_access.so&rnum=7#f1ee1e4afb48ee26 I create this simple patch for *pam_access; so* you can specify a diferent access.conf file for every service (Or the default /etc/security/access.conf, if not specified). For ex: /etc/pam.d/sshd #specify accessfile account required /lib/security/*pam_access.so* accessfile=/etc/security/access.sshd.conf /etc/pam.d/login #default accessfile account required /lib/security/*pam_access.so* This patch isn't anymore available and seems latest pam doesn't include it, so the question is how to use different rules for different daemon? -- Sysadmin _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
