From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mike@fly.osdn.org.ua>
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=AWL,BAYES_00,
	DNS_FROM_OPENWHOIS autolearn=no version=3.2.5
Date: Wed, 23 Jun 2010 10:54:38 +0300
From: Michael Shigorin <mike@osdn.org.ua>
To: ALT Linux Sisyphus mailing list <sisyphus@lists.altlinux.org>
Message-ID: <20100623075438.GD14081@osdn.org.ua>
Mail-Followup-To: ALT Linux Sisyphus mailing list <sisyphus@lists.altlinux.org>
References: <AANLkTilb0xyBnOFtcJsn4sJ80qO7IPQXwRfW2tvk2rtS@mail.gmail.com>
	<20100622214400.GA22145@wo.int.altlinux.org>
	<20100622225300.GZ14081@osdn.org.ua>
	<20100622230857.GB18232@wo.int.altlinux.org>
	<AANLkTin5PFyDV5n7DZSqRjrJQeskUbFVPSOcdOJXFRX3@mail.gmail.com>
	<20100622234523.GG18232@wo.int.altlinux.org>
	<20100622214400.GA22145@wo.int.altlinux.org>
	<20100622225300.GZ14081@osdn.org.ua>
	<20100622230857.GB18232@wo.int.altlinux.org>
	<20100623075337.GC14081@osdn.org.ua>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="XF85m9dhOBO43t/C"
Content-Disposition: inline
In-Reply-To: <20100623075337.GC14081@osdn.org.ua>
User-Agent: Mutt/1.4.2.1i
Subject: Re: [sisyphus] I: openssh-server-5.3p1-alt2: disabled
	PasswordAuthentication for "wheel" group members
X-BeenThere: sisyphus@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: shigorin@gmail.com,
	ALT Linux Sisyphus discussions <sisyphus@lists.altlinux.org>
List-Id: ALT Linux Sisyphus discussions <sisyphus.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/sisyphus>,
	<mailto:sisyphus-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sisyphus>
List-Post: <mailto:sisyphus@lists.altlinux.org>
List-Help: <mailto:sisyphus-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sisyphus>,
	<mailto:sisyphus-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Jun 2010 07:54:44 -0000
Archived-At: <http://lore.altlinux.org/sisyphus/20100623075438.GD14081@osdn.org.ua/>
List-Archive: <http://lore.altlinux.org/sisyphus/>
List-Post: <mailto:sisyphus@altlinux.ru>


--XF85m9dhOBO43t/C
Content-Type: multipart/mixed; boundary="CE+1k2dSO48ffgeK"
Content-Disposition: inline


--CE+1k2dSO48ffgeK
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jun 23, 2010 at 10:53:37AM +0300, I wrote:
> =E5=D3=CC=C9 =C2=D9 =C2=D9=CC=C1 =D7=CF=DA=CD=CF=D6=CE=C1 =D3=CB=CF=CC=D8=
-=CE=C9=C2=D5=C4=D8 =CE=C1=C4=A3=D6=CE=C1=D1 =D0=D2=CF=D7=C5=D2=CB=C1, =DE=
=D4=CF =C8=CF=D4=D1 =C2=D9
> =CF=C4=C9=CE =D0=CF=CC=D8=DA=CF=D7=C1=D4=C5=CC=D8 =D7 =C7=D2=D5=D0=D0=C5 =
wheel =C9=CD=C5=C5=D4 =D0=D5=C2=CC=C9=DE=CE=D9=CA =CB=CC=C0=DE =C8=CF=D4=D1=
 =C2=D9 =D7
> =C4=C5=C6=CF=CC=D4=CE=CF=CD =CD=C5=D3=D4=C5... =D0=C5=D2=D7=D9=CD =D0=D2=
=C9=C2=CC=C9=D6=C5=CE=C9=C5=CD =CD=CF=D6=C5=D4 =D0=CF=D3=CC=D5=D6=C9=D4=D8
> =D0=D2=C9=CC=CF=D6=C5=CE=CE=D9=CA =D3=CB=D2=C9=D0=D4, =CE=CF =CF=CE =D4=
=CF=D6=C5 80%, =C1 =CE=C5 100%.

=FA=C1=C2=D9=CC, =C9=D3=D0=D2=C1=D7=CC=D1=C0=D3=D8.

--=20
 ---- WBR, Michael Shigorin <mike@altlinux.ru>
  ------ Linux.Kiev http://www.linux.kiev.ua/

--CE+1k2dSO48ffgeK
Content-Type: application/x-sh
Content-Disposition: attachment; filename="sshd-wheel-test.sh"
Content-Transfer-Encoding: quoted-printable

#!/bin/sh=0A=0Acheck() {=0A	[ -s "$1" ] || return 1=0A	grep -qv '^[ \t]*#' =
-- "$1"=0A}=0A=0AOK=3Dyes=0A#OK=3D=0A=0Agetent group wheel \=0A| cut -f4 -d=
: \=0A| tr ',' '\n' \=0A| while read user; do=0A	home=3D"`getent passwd "$u=
ser" | cut -f6 -d:`"=0A	if check "$home/.ssh/authorized_keys" \=0A	   || ch=
eck "$home/.ssh/authorized_keys2"; then=0A		echo $user will have ssh access=
=0A		#OK=3Dyes=0A	else=0A		echo "WARNING: wheel user $user WILL NOT have SS=
H access!"=0A		OK=3Dno=0A	fi=0Adone=0A
--CE+1k2dSO48ffgeK--

--XF85m9dhOBO43t/C
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFMIb2+bsPDprYMm3IRAnEnAKDQozNUlxh6OeA/q2vvBHABBMlqNACeKqjf
UQhEqBQzga/YY2f9PCxVgAg=
=GuUy
-----END PGP SIGNATURE-----

--XF85m9dhOBO43t/C--