<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Apr 10, 2017 at 4:14 PM, Daniel Schmidt <span dir="ltr"><<a href="mailto:daniel.schmidt@wyo.gov" target="_blank">daniel.schmidt@wyo.gov</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I've considered added it to do_auth before, but this is the first time anybody expressed interest.<br></div></blockquote><div><br></div><div><br></div><div>We have a requirement to deny any config change for certain group during trading hours</div><div><br></div><div><br></div><div> <br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="h5">On Mon, Apr 10, 2017 at 11:43 AM, Asif Iqbal <span dir="ltr"><<a href="mailto:vadud3@gmail.com" target="_blank">vadud3@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><span>On Mon, Apr 10, 2017 at 1:38 PM, heasley <<a href="mailto:heas@shrubbery.net" target="_blank">heas@shrubbery.net</a>> wrote:<br>
<br>
> Sat, Apr 08, 2017 at 06:29:46PM -0400, Asif Iqbal:<br>
> > I meant like below per tac_plus.conf man page<br>
> ><br>
> > cmd-match<br>
> > Specify a command argument match.<br>
> ><br>
> > <permission> <regex><br>
> > <permission> <regex><br>
> ><br>
> > In the regex may be some expression that become NUL based on timestamp? I<br>
> > do not have any example.<br>
><br>
> the regex does not match a timestamp; there is in fact no timestamp<br>
> involved at all.<br>
><br>
> You can use do_auth.py or enforce the ToD via PAM.<br>
><br>
<br>
</span>I will take a look if it can provide option to allow/deny certain cmd.<br>
<br>
Thanks<br>
<br>
> [..]<br>
</div></div><span><div><div class="h5"><br>
<br>
<br>
--<br>
Asif Iqbal<br>
PGP Key: 0xE62693C5 KeyServer: <a href="http://pgp.mit.edu" rel="noreferrer" target="_blank">pgp.mit.edu</a><br>
A: Because it messes up the order in which people normally read text.<br>
Q: Why is top-posting such a bad thing?<br></div></div><span class="">
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
</span></span>URL: <<a href="http://www.shrubbery.net/pipermail/tac_plus/attachments/20170410/31fb6bb1/attachment.html" rel="noreferrer" target="_blank">http://www.shrubbery.net/pipe<wbr>rmail/tac_plus/attachments/<wbr>20170410/31fb6bb1/attachment.<wbr>html</a>><span class=""><br>
<div class="m_-8674049213673553774HOEnZb"><div class="m_-8674049213673553774h5">______________________________<wbr>_________________<br>
tac_plus mailing list<br>
<a href="mailto:tac_plus@shrubbery.net" target="_blank">tac_plus@shrubbery.net</a><br>
<a href="http://www.shrubbery.net/mailman/listinfo/tac_plus" rel="noreferrer" target="_blank">http://www.shrubbery.net/mailm<wbr>an/listinfo/tac_plus</a><br>
</div></div></span></blockquote></div><br></div>
<br>
<br>E-Mail to and from me, in connection with the transaction <br>of public business, is subject to the Wyoming Public Records <br>Act and may be disclosed to third parties.<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">Asif Iqbal<br>PGP Key: 0xE62693C5 KeyServer: <a href="http://pgp.mit.edu" target="_blank">pgp.mit.edu</a><br>A: Because it messes up the order in which people normally read text.<br>Q: Why is top-posting such a bad thing?<br><br></div>
</div></div>