>There should be a way to allow exceptions to the default settings.
>
>Let me illustrate what I mean: Here is my current (workable) situation:
>user = ppp (DEFAULT, because the vast majority use PPP)
>user.ppp = ppp (in case they have previous knowledge and try this)
>user.slip = slip
>user.cslip = cslip
>user.shell = telnet to unix machine
>user.uucp = uucp service
>
>When a user (jdoe) wants a static ip, I have to ask if he needs SLIP, and
>add an full and explicit entry for "jdoe" in the users file. It would be
>nice to set it up so both jdoe.ppp and jdoe.slip would assign his static
>address. (I have some users who would like to log in from home and work,
>but only SLIP is available at work, etc). Such a mechanism would
>facilitate a few other useful additions, as I'll show below.
That's the way I implemented it. "user%service" gets looked for (if I remember
right):
a) user%service
b) user%
c) %service
Item b) allows you to put entries in that will stop a user from using a
special service. For example we have a help login that has no password. We
don't want help%slip or help%ppp to work. So entries like the following are
added:
help% Authentication-Type = Unix-PW Prohibit-Protocol = Framed
A non "user" login gets checked as:
a) user
b) DEFAULT
I also don't hard code the defaults. You can add any %XXX into the users
file and it works fine.
I'll be patching 2.4 Merit in the near future. I'll try and remember to post
the patches.
-- Stuart Lynne <sl@wimsey.com> 604-933-1000 <http://www.wimsey.com> PGP Fingerprint: 28 E2 A0 15 99 62 9A 00 88 EC A3 EE 2D 1C 15 68