File tree Expand file tree Collapse file tree 1 file changed +14
-2
lines changed
Expand file tree Collapse file tree 1 file changed +14
-2
lines changed Original file line number Diff line number Diff line change @@ -62,6 +62,20 @@ new policy code passes all of our tests.
6262 ` @ ` should be appended at the end. For example, if your user is ` john ` , it
6363 must be written as ` john@ ` in the policy.
6464
65+ ** SSH**
66+
67+ The SSH policy has been reworked to be more consistent with the rest of the
68+ policy. In addition, several inconsistencies between our implementation and
69+ Tailscale's upstream has been closed and this might be a breaking change for
70+ some users. Please refer to the
71+ [ upstream documentation] ( https://tailscale.com/kb/1337/acl-syntax#tailscale-ssh )
72+ for more information on which types are allowed in ` src ` , ` dst ` and ` users ` .
73+
74+ There is one large inconsistency left, we allow ` * ` as a destination as we
75+ currently do not support ` autogroup:self ` , ` autogroup:member ` and
76+ ` autogroup:tagged ` . The support for ` * ` will be removed when we have support for
77+ the autogroups.
78+
6579** Current state**
6680
6781The new policy is passing all tests, both integration and unit tests. This does
@@ -70,8 +84,6 @@ working in v1 and not tested might be broken in v2 (and vice versa).
7084
7185** We do need help testing this code**
7286
73-
74-
7587#### Other breaking changes
7688
7789- Disallow ` server_url ` and ` base_domain ` to be equal
You can’t perform that action at this time.
0 commit comments