From owner-freebsd-questions Sat Jan 3 20:16:47 1998 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id UAA27338 for questions-outgoing; Sat, 3 Jan 1998 20:16:47 -0800 (PST) (envelope-from owner-freebsd-questions) Received: from max.fys.ruu.nl (max.fys.ruu.nl [131.211.32.73]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id UAA27329 for ; Sat, 3 Jan 1998 20:16:39 -0800 (PST) (envelope-from P.Dekkers@gromit.eu.org) Received: from gromit.eu.org (root@psd.7da.nl [195.108.246.100]) by max.fys.ruu.nl (8.8.7/8.8.7/hjm) with ESMTP id MAA25756 for ; Sat, 3 Jan 1998 12:25:25 +0100 (MET) Received: from localhost (localhost [127.0.0.1]) by gromit.eu.org (8.8.7/8.8.7/psd) with SMTP id MAA00269 for ; Sat, 3 Jan 1998 12:19:30 +0100 Date: Sat, 3 Jan 1998 12:19:30 +0100 (MET) From: Paul Dekkers X-Sender: paul@gromit.nev.ml.org Reply-To: Paul Dekkers To: freebsd-questions@freebsd.org Subject: login.access Message-ID: X-Mood: :-) but almost |-| (sleeping) Organization: Me and organized? MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hi I'm running FreeBSD 2.2.1 and discovered the login.access file in /etc... but I tried the following: -:users:ttyv5 to prevent users from the group 'users' logging in from ttyv5 BUT: they were still able to! If I replaced 'users' with the 'username' it worked well... -:ALL except staff:ALL however this rule worked: everybody was not allowed to login from everywhere BUT users in the staff group... If I replaced this with +:staff:ALL -:ALL:ALL it hadn't work... And doing this I can prevent users from loggin in except the 'staff' but, when I just don't want the group 'students' to log in: -:student:ALL except .localnet doesn't work... and when converting that to a plus '+' rule it doesn't work... Is there something wrong with that file or am I doing something wrong? (maybe just under FreeBSD 2.2.1 and it's a bug which has been fixed now??? (not able to try it)) Paul