hosts.equiv.5: Tweak's to Carlos's patch

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-06-17 10:46:06 +02:00 · 2015-06-17 10:46:06 +02:00 · 9e7cff750b
parent 427cee53f0
commit 9e7cff750b
1 changed files with 78 additions and 99 deletions
--- a/man5/hosts.equiv.5
+++ b/man5/hosts.equiv.5
@ -82,111 +82,90 @@ is added to the auth component line in your PAM file for
 the particular service
 .RB "(e.g., " rlogin ).
 .SH EXAMPLE
-Here are some example
+Below are some example
 .I /etc/host.equiv
 or
 .I ~/.rhosts
-files:
-.TP
+files.
+
 Allow any user to login from any host:
-.LP
-.RS 4
-.TP
-+
-.PD
-.RE
-.TP
-Allow any user from host with a matching local account to login:
-.LP
-.RS 4
-.TP
-host
-.PD
-.RE
-.PP
-Note: The use of
-.B +host
-is never a valid syntax, including attempting to specify that any user from the host is allowed.
-.TP
-Allow any user from host to login:
-.LP
-.RS 4
-.TP
-host +
-.PD
-.RE
-.PP
-Note: This is distinct from the previous example since it does not require a matching local account.
-.TP
-Allow user from host to login:
-.LP
-.RS 4
-.TP
-host user
-.PD
-.RE
-.TP
-Allow all users with matching local accounts from host to login except for baduser:
-.LP
-.RS 4
-.PD 0
-.TP
-host -baduser
-.TP
-host
-.PD
-.RE
-.TP
-Deny all users from host:
-.LP
-.RS 4
-.TP
-host
-.PD
-.RE
-.PP
-Note: The use of
-.B -host -user
-is never a valid syntax, including attempting to specify that a particular user from the host is not trusted.
-.TP
-Allow all users with matching local accounts in all hosts in the netgroup:
-.LP
-.RS 4
-.TP
-+@netgroup
-.PD
-.RE
-.TP
-Disallow all users in all hosts in the netgroup:
-.LP
-.RS 4
-.TP
-@netgroup
-.PD
-.RE
-.TP
-Allow all users in netgroup to login from host:
-.LP
-.RS 4
-.TP
-host +@netgroup
-.PD
-.RE
-.TP
-Allow all users with matching local accounts in all hosts in the netgroup except baduser:
-.LP
-.RS 4
-.PD 0
-.TP
-+@netgroup -baduser
-.TP
-+@netgroup
-.PD
-.RE
-.TP
-Note: The deny statements must always preceed the allow statements because the file is processed one line at a time.

+    +

+Allow any user from
+.I host
+with a matching local account to login:
+
+    host
+
+Note: the use of
+.I +host
+is never a valid syntax,
+including attempting to specify that any user from the host is allowed.
+
+Allow any user from
+.I host
+to login:
+
+    host +
+
+Note: this is distinct from the previous example
+since it does not require a matching local account.
+
+Allow
+.I user
+from
+.I host
+to login:
+
+    host user
+
+Allow all users with matching local accounts from
+.I host
+to login except for
+.IR baduser :
+
+    host \-baduser
+    host
+
+Deny all users from
+.IR host :
+
+    \-host
+
+Note: the use of
+.I "\-host\ \-user"
+is never a valid syntax,
+including attempting to specify that a particular user from the host
+is not trusted.
+
+Allow all users with matching local accounts on all hosts in a
+.IR netgroup :
+
+    +@netgroup
+
+Disallow all users on all hosts in a
+.IR netgroup :
+
+    \-@netgroup
+
+Allow all users in a
+.I netgroup
+to log in from
+.IR host :
+
+    host +@netgroup
+
+Allow all users with matching local accounts on all hosts in a
+.I netgroup
+except
+.IR baduser :
+
+    +@netgroup \-baduser
+    +@netgroup
+
+Note: the deny statements must always precede
+because the file is processed one line at a time.
 .SH SEE ALSO
 .BR rhosts (5),
 .BR rlogind (8),