samhainrc: support merged usr layout

[mirror/dsa-puppet.git] / modules / portforwarder / templates / authorized_keys.erb

diff --git a/modules/portforwarder/templates/authorized_keys.erb b/modules/portforwarder/templates/authorized_keys.erb
index 063312a..755f344 100644 (file)
--- a/modules/portforwarder/templates/authorized_keys.erb
+++ b/modules/portforwarder/templates/authorized_keys.erb
@@ -30,7 +30,7 @@ config.each_pair do |sourcehost, services|
        ##lines << "# sourcehost is #{sourcehost}"
        services.each do |service|
                ##lines << "# targethost is #{service['target_host']}, my hostname #{hostname}, fqdn is #{fqdn}"
-               next if service['target_host'] != fqdn
+               next if service['target_host'] != @fqdn
                allowed_ports << service['target_port'] if service['target_port']
        end
 
@@ -44,7 +44,7 @@ config.each_pair do |sourcehost, services|
                        lines << "# insufficient config values"
                else
                        command = "/usr/bin/portforwarder-ssh-wrap #{sourcehost} #{local_bind} #{allowed_ports.join(' ')}"
-                       lines << "from=\"#{remote_ip}\",command=\"#{command}\",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding #{sshkey}"
+                       lines << "from=\"#{remote_ip}\",command=\"#{command}\",restrict #{sshkey}"
                end
        end
 end