From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8b3) Gecko/20050827 Fedora/1.1-0.2.8.deerpark.alpha2 Firefox/1.0+ Description of problem: When setting a resctrition for pam_access module, the additional dot for IP adresses is requiered. This dot is useless and the module should not insist on it. This configuration file for ftp access should work /etc/security/access-ftp.conf: -:root:ALL EXCEPT LOCAL host1.bla.com .domain.com 192.168.1.2 -:user1:ALL EXCEPT LOCAL somehost.somwhere.com .someotherdomain.com -:user2:ALL EXCEPT .bla.com Version-Release number of selected component (if applicable): pam-0.80-7 How reproducible: Always Steps to Reproduce: 1. set -:root:ALL EXCEPT 192.168.1.2 2. try to login to FTP server - login failed 3. set -:root:ALL EXCEPT 192.168.1.2. 4. login to ftp is successful Additional info:
Should be now fixed as of pam-0.99.4.0.