Use "restrict" key option for buildd access to wanna-build

diff --git a/modules/roles/templates/buildd_master_wb-authorized_keys.erb b/modules/roles/templates/buildd_master_wb-authorized_keys.erb
index 1b17595..ff9eebe 100644 (file)
--- a/modules/roles/templates/buildd_master_wb-authorized_keys.erb
+++ b/modules/roles/templates/buildd_master_wb-authorized_keys.erb
@@ -30,7 +30,7 @@ for m in buildds do
     lines << "## no key for node"
   else
     lines << "command=\"/srv/wanna-build/bin/wanna-build --ssh-wrapper #{m['node'].split('.')[0]}\"," +
-             'no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-user-rc,' +
+             'restrict,' +
              'from="' + m['addr'].join(',') + '" ' +
              m['key']
   end