Fryderyk Raczyk <[email protected]> wrote:
> Thank you for reply and suggestion. Maybe I don't proper configure your > example, but If I have a policy with members: !%hi-vol-sasl, $*, then a > member from group 'hi-vol-sasl' doesn't match to first entry (!%hi-vol-sasl), > but it always matches to "$*" which means "any SASL username", so final > result is "matched". Second mutually exclusive policy doesn't change > anything. Did you set "!%hi-vol-sasl, $*" as one single clause ? Individual elements within a single membership clause are ANDed together. If you add them as separate classes then they are ORed together. _______________________________________________ Users mailing list [email protected] http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
