Sorry for the obvious spelling mistake with ConsServ1, but I have been putting the syntax through its paces by testing (successfully) giving different users access to different hosts on the local subnet.
Here is a simplified syntax for testing user groups:
delegated -P1080 SERVER=socks AUTHORIZER=-pam/delegated OWNER="root"
|USERLIST="Users:vphuvan@*" PERMIT="tcprelay:ConsServ1:Users" -vd
It still bombs. What's wrong with the syntax?
----- Original Message -----
From: "Yutaka Sato" <email@example.com>
Cc: "vietnhi phuvan" <firstname.lastname@example.org>
Sent: Friday, September 24, 2010 3:34:20 AM
Subject: Re: [DeleGate-En] Does Delegate support user-based access lists, with those users authenticated by a RADIUS
In message <_A4915@delegate-en.ML_> on 09/24/10(07:20:34)
you Vietnhi Phuvan <email@example.com> wrote:
|I. I am attempting to make user groups work:
|delegated -P1080 SERVER=socks AUTHORIZER=-pam/delegated OWNER="root"
|USERLIST="Users:vphuvan@*" PERMIT="tcprelay:ConServ1:Users" -vd
|vphuvan authenticates nicely according to the 1080 log but I am getting
|a no permission match error. Anything wrong with the syntax above?
- As long as I knonw, there is no parameter with name "USERLIST".
- "ConServ1" in the above PERMIT is not defined in any HOSTLIST.
- "ConsServ1", "ConsServ2" and "ConsServ3" are defined but not used.
-- 9 9 Yutaka Sato, CSDP#005482 <firstname.lastname@example.org>
http://delegate.org/y.sato/ ( ~ ) National Institute of Advanced
Industrial Science and Technology
_< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller