Univention Bugzilla – Bug 31360
auth/$service/{user/$user,group/$group} not separated
Last modified: 2018-04-13 13:42:17 CEST
access.conf states, that groups should be placed in brackets to distinguish them from users: > The second field, the users/group field, should be a list of one or more login names, group names, or ALL > (which always matches). To differentiate user entries from group entries, group entries should be written > with brackets, e.g. (group). All templates base/univention-pam/conffiles/etc/security/access-*.conf do this wrong. The functionality should also be moved to a common shared library implementation to reduce code duplication. Documentation: auth/$service/user/$user and auth/$service/group/$group only support positive boolean valued; explicitly setting them to "false" does not explicitly disable the user or group. It should be documented that only "yes", "true", "1", ... are supported, not "no", "false", "0", ... <http://jenkins.knut.univention.de:8080/job/UCS-3.1-2%20Handbook%20UCS/ws/webroot/manual-3.1-1.html#computers:Limiting_authentication_to_selected_users>
This issue has been filed against UCS 3. UCS 3 is out of the normal maintenance and many UCS components have vastly changed in UCS 4. If this issue is still valid, please change the version to a newer UCS version otherwise this issue will be automatically closed in the next weeks.
This issue has been filed against UCS 3.1. UCS 3.1 is out of maintenance and many UCS components have vastly changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen this issue. In this case please provide detailed information on how this issue is affecting you.