Daniel, Setting up symlinks to the appropriate rules file is not a big deal, so for the time being, I'll do that.
As for rule order, what you stated makes sense, but the tricky part is the order in which a user's other groups are examined. If I'm a member of wheel, employees, authors, and editors (in addition to my primary group), and there are authpf.rules files for each of those groups, which one comes first? As an admin, I would want the rules for wheel. The more I think about it, this feature would almost require that we have a way to tell authpf exactly which group rules files to search for, and in which order. Is this getting more complicated than it's worth? Symlinks sound easier. :-) Chris > No, authpf currently ignores users' groups when picking rulesets to > load. I guess that could be a useful addition. If we can find an > intuitive order. A user can be in several groups, one of > which is his > primary group. What order would you want for ruleset search? > > First try users/$USER/authpf.rules, if not found try > groups/$GROUP/authpf.rules with the user's primary group, > if not found > try the user's other groups, and if not found, use the default > authpf.rules?
