1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-05 22:43:24 +00:00
freebsd-ports/net/tac_plus4/files/tac_plus.conf.example

77 lines
2.1 KiB
Plaintext
Raw Normal View History

# /usr/local/etc/tac_plus.conf
user=fred {
name = "Fred Flintstone"
login = des mEX027bHtzTlQ
# Remember that authorization is also recursive over groups, in
# the same way that password lookups are recursive. Thus, if you
# place a user in a group, the daemon will look in the group for
# authorization parameters if it cannot find them in the user
# declaration.
member = admin
expires = "May 23 2005"
service = exec {
# When Fred starts an exec, his connection access list is 5
acl = 5
# We require this autocmd to be done at startup
autocmd = "telnet foo"
}
# All commands except telnet 131.108.13.* are denied for Fred
cmd = telnet {
# Fred can run the following telnet command
permit 131\.108\.13\.[0-9]+
deny .*
}
service = ppp protocol = ip {
# Fred can run ip over ppp only if he uses one
# of the following mandatory addresses If he supplies no
# address, the first one here will be mandated
addr=131.108.12.11
addr=131.108.12.12
addr=131.108.12.13
addr=131.108.12.14
# Fred's mandatory input access list number is 101
inacl=101
# We will suggest an output access list of 102, but Fred may
# choose to ignore or override it
optional outacl=102
}
service = slip {
# Fred can run slip. When he does, he will have to use
# these mandatory access lists
inacl=101
outacl=102
}
# set a timeout in the lcp layer of ppp
service = ppp protocol = lcp {
timeout = 10
}
}
user = wilma {
# Wilma has no password of her own, but she's a group member so
# she'll use the group password if there is one. Same for her
# password expiry date
member = admin
}
group = admin {
# group members who don't have their own password will be looked
# up in /etc/passwd
login = file /etc/passwd
# group members who have no expiry date set will use this one
expires = "Jan 1 1998"
}