diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-10-15 16:21:32 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-10-15 16:21:32 +0300 |
commit | b713e2208519e7cba1c779cbd9387137eb101e5e (patch) | |
tree | c1245c09d9cffa5d74ec8961ed0ffd820f0bd23e | |
parent | 9dbe6b40d07df41255f0c8fda6895000b7c7e1a6 (diff) | |
download | pies-b713e2208519e7cba1c779cbd9387137eb101e5e.tar.gz pies-b713e2208519e7cba1c779cbd9387137eb101e5e.tar.bz2 |
Various fixes.
* README: Fix typo.
* doc/usr-acl.texi: New file.
* doc/Makefile.am (pies_TEXINFOS): Remove pies.texi,
add usr-acl.texi
(check-config, check-sub-config): Handle @deffnx
* doc/pies.texi: Update.
* src/Makefile.am (AM_CPPFLAGS): Remove superfluous defs,
use ../gnu/configmake.h instead
* src/acl.c (_acl_common_section_parser): Handle tag, depending
on the value of `flag' parameter.
Avoid coredumping on NULL pacl.
(acl_section_parser, defacl_section_parser): Update calls to
_acl_common_section_parser.
* src/pies.c (STATEDIR): Replace with LOCALSTATEDIR.
(GRECS_VALUE_IS_EMPTY): New define (possibly belongs to
grecs more than to pies).
(assert_grecs_value_type)
(return_code_section_parser): Use GRECS_VALUE_IS_EMPTY to check
for empty value.
(_get_array_arg): Bugfix.
(component_keywords, pies_keywords): Add missing docstrings.
* src/progman.c (TYPE_RETR): Rename to TYPE_REDIRECTOR.
All uses updated.
-rw-r--r-- | README-hacking | 2 | ||||
-rw-r--r-- | doc/Makefile.am | 8 | ||||
-rw-r--r-- | doc/pies.texi | 418 | ||||
-rw-r--r-- | doc/usr-acl.texi | 48 | ||||
-rw-r--r-- | src/Makefile.am | 3 | ||||
-rw-r--r-- | src/acl.c | 42 | ||||
-rw-r--r-- | src/pies.c | 43 | ||||
-rw-r--r-- | src/progman.c | 10 |
8 files changed, 411 insertions, 163 deletions
diff --git a/README-hacking b/README-hacking index 9441c46..2f22e74 100644 --- a/README-hacking +++ b/README-hacking @@ -44,13 +44,13 @@ contents: --gnulib-srcdir=$HOME/gnulib Replace `$HOME/gnulib' with the actual directory where the Gnulib sources reside. -If you wish to avoid synchronising translations, add this option: +If you wish to avoid synchronizing translations, add this option: --skip-po. For more information about `bootstrap', run `bootstrap --help'. * Copyright information diff --git a/doc/Makefile.am b/doc/Makefile.am index fec8df3..bb2ff49 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -15,14 +15,14 @@ # along with Pies. If not, see <http://www.gnu.org/licenses/>. info_TEXINFOS=pies.texi pies_TEXINFOS=\ fdl.texi\ macros.texi\ - pies.texi\ - rendition.texi + rendition.texi\ + usr-acl.texi EXTRA_DIST = \ check-docs.sh\ gendocs_template\ mastermenu.el\ untabify.el @@ -45,23 +45,23 @@ check-options: $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \ $(info_TEXINFOS) check-config: @check-docs.sh 'configuration statements' \ '/pies_keywords\[\] *= *{/,/^}/s/[ \t]*{ *"\([^,"]*\)".*/\1/pg' \ - 's/@deffn {Config} *\([^@,]*\).*/\1/p' \ + 's/@deffnx\{0,1\} {Config} *\([^@,]*\).*/\1/p' \ $(top_srcdir)/src/pies.c -- \ $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \ $(info_TEXINFOS) check-sub-config: @sed -n '/pies_keywords\[\] *= *{/,/^}/{p}' ../src/pies.c|tr '\n{' ' \n'|sed -n '/grecs_type_section/s/"\([^"]*\)".*grecs_type_section,[^,]*,[^,]*,[^,]*,[^,]*, *\(.*\) *}.*/\1 \2/p' | \ while read ident kw; do \ check-docs.sh "$$ident configuration statements" \ "/$$kw"'\[\] *= *{/,/^}/s/[ \t]*{ *"\([^,"]*\)".*/\1/pg' \ - "s/@deffn {Config: *$${ident}}"' *\([^@,]*\).*/\1/p' \ + "s/@deffnx\{0,1\} {Config: *$${ident}}"' *\([^@,]*\).*/\1/p' \ $(top_srcdir)/src/pies.c $(top_srcdir)/src/acl.c -- \ $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \ $(info_TEXINFOS); \ done check-refs: diff --git a/doc/pies.texi b/doc/pies.texi index e1ca650..e47f6a6 100644 --- a/doc/pies.texi +++ b/doc/pies.texi @@ -87,14 +87,52 @@ documents @command{pies} Version @value{VERSION}. Appendices * Copying This Manual:: The GNU Free Documentation License. * Concept Index:: Index of Concepts. @detailmenu -@end detailmenu + --- The Detailed Node Listing --- + +Pies Configuration File + +* Syntax:: Configuration File Syntax +* Component Statement:: +* Notification:: Mail Notification +* ACL:: Access Control Lists +* include-meta1:: +* Global Configuration:: + +Configuration File Syntax + +* Comments:: +* Statements:: +* Preprocessor:: Using preprocessor to improve the configuration. + +Component Statement + +* Prerequisites:: +* Component Privileges:: +* Resources:: +* Actions Before Startup:: +* Exit Actions:: +* Output Redirectors:: +* Inetd-Style Components:: +* Meta1-Style Components:: +* Component Syntax Summary:: + +Global Configuration + +* Less Useful Statements:: + +Configuration Example +* Simple Pies:: +* Hairy Pies:: +* Inetd Pies:: + +@end detailmenu @end menu @node Intro @chapter Introduction @cindex component The name @command{pies} (pronounced @samp{p-yes}) stands for @@ -197,26 +235,27 @@ reports them on the standard error and exits with a non-zero status. @xopindex{lint, introduced} To test the configuration file without actually starting the server, the @option{--lint} (@option{-t}) command line option is provided. It causes @command{pies} to check its configuration file and exit with status 0 if no errors were detected, and with status 1 otherwise. -@opindex -E, introduced +@cindex @option{-E}, introduced Before parsing, configuration file is preprocessed using @command{m4} (@pxref{Preprocessor}). To see the preprocessed configuration without actually parsing it, use @option{-E} command line option. @xopindex{config-help, introduced} The rest of this section describes the configuration file syntax in detail. You can receive a concise summary of all configuration directives any time by running @command{pies --config-help}. @menu -* Syntax:: Configuration file syntax. +* Syntax:: Configuration File Syntax * Component Statement:: +* Notification:: Mail Notification * ACL:: Access Control Lists * include-meta1:: * Global Configuration:: @end menu @node Syntax @@ -435,27 +474,22 @@ component multiplexor @{ this is not required. @node Preprocessor @subsection Using Preprocessor to Improve the Configuration. @cindex preprocessor @cindex m4 - Before parsing configuration file, @command{pies} preprocesses -it. The built-in preprocessor handles only file inclusion -and @code{#line} statements (@FIXME-pxref{Pragmatic Comments}), while the -rest of traditional preprocessing facilities, such as macro expansion, -is supported via @command{m4}, which is used as an external preprocessor. - - The detailed description of @command{m4} facilities lies far beyond -the scope of this document. You will find a complete user manual in + Before parsing, the configuration file is @dfn{preprocessed} using +external preprocessor @command{m4}. For a complete user manual, refer +to @ifnothtml @ref{Top, GNU M4 manual, GNU M4, m4, GNU M4 macro processor}. @end ifnothtml @ifhtml @uref{http://www.gnu.org/software/m4/manual}. @end ifhtml -For the rest of this subsection we assume the reader is sufficiently +In this subsection we assume the reader is sufficiently acquainted with @command{m4} macro processor. @flindex pp-setup The external preprocessor is invoked with @option{-s} flag, instructing it to include line synchronization information in its output. This information is then used by the parser to display meaningful @@ -484,13 +518,14 @@ component @var{tag} @{ @} @end smallexample The component is identified by its @dfn{tag}, which is given as argument to the @code{component} keyword. -The following statements are allowed within the @code{component} block: +Following are the basic statements which are allowed within the +@code{component} block: @deffn {Config: component} mode @var{mode} Declare the type (style) of the component. Accepted values for @var{mode} are: @table @asis @@ -536,13 +571,20 @@ i.e. @command{pies} will ignore it. @deffn {Config: component} precious @var{bool} @cindex precious components If @var{bool} is @samp{true}, this component is marked as precious. Precious components are never disabled by @command{pies}, even if they respawn too fast. @end deffn - + +@deffn {Config: component} acl @{ ... @} +Set access control list for this component. @xref{ACL}, for a +detailed description of access control lists. +@end deffn + +The following subsections describe the rest of @samp{component} +substatements. @menu * Prerequisites:: * Component Privileges:: * Resources:: * Actions Before Startup:: @@ -721,13 +763,13 @@ This may change in future versions. The default behavior of @command{pies} if an @samp{init-style} component terminates is to restart it. Unless the component terminates with 0 exit code, a corresponding error message is issued to the log file. This behavior can be modified using @code{return-code} statement: -@deffn {Config} return-code +@deffn {Config: component} return-code @smallexample return-code @var{codes} @{ @dots{} @} @end smallexample @end deffn @@ -802,66 +844,19 @@ default. Otherwise, mark the component as disabled. Component dependents are stopped and marked as disabled as well. Once disabled, the components are never restarted, unless their restart is requested by the administrator. @end deffn @deffn {Config: return-code} notify @var{email-string} -Send an email notification to addresses in @var{email-string}. The -latter is a comma-separated list of email addresses, e.g.: - -@smallexample -notify "root@@localhost,postmaster@@localhost"; -@end smallexample - -The message itself is configured by the @code{message} -statement. +Send an email notification to addresses in @var{email-string}. +@xref{Notification}, for a detailed discussion of this feature. @end deffn @deffn {Config: return-code} message @var{string} Supply notification message text to use by @code{notify} statement. -@var{String} must be a valid RFC 822 message text, i.e. it must begin -with message headers, followed by an empty line and actual message -body. - -The following macro-variables are expanded within @var{string}: - -@multitable @columnfractions 0.5 0.5 -@headitem Variable @tab Expansion -@item canonical-program-name @tab @samp{pies} -@item program-name @tab Program name of the @command{pies} binary. -@item package @tab Package name (@samp{Pies}). -@item version @tab Package version (@value{VERSION}). -@item component @tab Name of the terminated component. -@item termination @tab Termination cause (see below). -@item retcode @tab Component exit code (or signal number, if exited -on signal), in decimal. -@end multitable - -The @samp{termination} variable is set so as to facilitate its use -with the @samp{retcode} variable. Namely, its value is @samp{exited -with}, if the component exited and @samp{terminated on signal}, if -the component terminated on a signal. Thus, using - -@smallexample -$@{termination@} $@{retcode@} -@end smallexample - -@noindent -results in a correct English sentence. This message, however, cannot -be properly internationalized. This will be fixed in the future -versions. - -If @code{message} statement is not given, the following default -message is used instead: - -@smallexample -From: <> -X-Agent: $@{canonical-program-name@} ($@{package@} $@{version@}) -Subject: Component $@{component@} $@{termination@} $@{retcode@}. - -@end smallexample +@xref{Notification}, for a detailed discussion of this feature. @end deffn Any number of @code{return-code} statements are allowed, provided that their @var{codes} do not intersect. Such statements can also be used outside of @code{component} block. @@ -873,13 +868,13 @@ all components. Any @code{return-code} statements appearing within a @subsection Output Redirectors @cindex repeater Output redirectors allow to redirect the standard error and/or standard output of a component to a file or @command{syslog} facility. @deffn {Config: component} stderr @var{type} @var{channel} -@deffnx {Config} stdout @var{type} @var{channel} +@deffnx {Config: component} stdout @var{type} @var{channel} Redirect standard error (if @code{stderr}) or standard output (if @code{stdout}) to the given channel. The type of redirection is specified by @var{type} argument: @table @asis @@ -1088,89 +1083,254 @@ component @var{tag} @{ # @r{Notification message text (with headers).} message @var{string}; @} @} @end smallexample +@node Notification +@section Notification +@cindex Notification + + Pies provides a @dfn{notification} mechanism, which can be used to +send email messages when components terminate. The exact contents +of such notifications and the list of their recipients may depend on +the exit code which the component returned. Notification is +configured by supplying @samp{notify} and @samp{message} statements +within a @samp{return-code} block. + +@deffn {Config: return-code} notify @var{email-string} +Send an email notification to addresses from @var{email-string}. The +latter is a comma-separated list of email addresses, e.g.: + +@smallexample +notify "root@@localhost,postmaster@@localhost"; +@end smallexample + +Each address may be optionally enclosed in angular brackets (@samp{<} +and @samp{>}). +@end deffn + +@deffn {Config: return-code} message @var{string} +Supply the email message text to be sent. @var{String} must be a +valid RFC 822 message, i.e. it must begin with message headers, +followed by an empty line and the actual message body. + +The message may contain variable data in the form of +variable references. A @dfn{variable} is an entity that holds +some data describing the event that occurred. Meta-variables +are referenced using the following construct: + +@smallexample +$@{@var{name}@} +@end smallexample + +@noindent +where @var{name} is the name of the variable. Before actually sending +the message, each occurrence of this construct is removed from the +text and replaced by the actual value of the referenced variable. +For example, the variables @samp{component} and @samp{retcode} expand +to the name of the exited component and its exit code, correspondingly. +Supposing that @samp{component} is @samp{ftpd} and @samp{retcode} is +76, the following fragment: + +@smallexample +Subject: $@{component@} exited with code $@{retcode@} +@end smallexample + +@noindent +will become: + +@smallexample +Subject: ftpd exited with code 76 +@end smallexample + +The table below lists all available variables and their expansions: + +@float Table, notification-variables +@caption{Notification Variables} +@multitable @columnfractions 0.5 0.5 +@headitem Variable @tab Expansion +@item canonical-program-name @tab @samp{pies} +@item program-name @tab Program name of the @command{pies} binary. +@item package @tab Package name (@samp{Pies}). +@item version @tab Package version (@value{VERSION}). +@item component @tab Name of the terminated component. +@item termination @tab Termination cause (see below). +@item retcode @tab Component exit code (or signal number, if exited +on signal), in decimal. +@end multitable +@end float + +The @samp{termination} variable is set so as to facilitate its use +with the @samp{retcode} variable. Namely, its value is @samp{exited +with}, if the component exited and @samp{terminated on signal}, if it +terminated on a signal. Thus, using + +@smallexample +$@{termination@} $@{retcode@} +@end smallexample + +@noindent +results in a correct English sentence. This message, however, cannot +be properly internationalized. This will be fixed in the future +versions. + +If @code{message} statement is not given, the following default +message is used instead: + +@smallexample +From: <> +X-Agent: $@{canonical-program-name@} ($@{package@} $@{version@}) +Subject: Component $@{component@} $@{termination@} $@{retcode@}. + +@end smallexample +@end deffn + +@cindex mailer +@cindex @command{sendmail} + Notification messages are sent using external program, called +@dfn{mailer}. By default it is @command{/usr/sbin/sendmail}. You can +change it using the following configuration statement: + +@deffn {Config} mailer-program @var{prog} +Use @var{prog} as a mailer program. The mailer must meet the +following requirements: + +@enumerate 1 +@item It must read the message from its standard input. +@item It must treat the non-optional arguments in its command line as +recipient addresses. +@end enumerate + +For example, the following statement instructs @command{pies} to use +@command{exim} as a mailer: + +@smallexample +mailer-program /usr/sbin/exim; +@end smallexample + +@end deffn + +By default, the mailer program is invoked as follows: + +@smallexample +/usr/sbin/sendmail -oi -t @var{rcpts} +@end smallexample + +@noindent +where @var{rcpts} is a whitespace-separated list of addresses supplied +in the @samp{notify} statement. + +The mailer command may be altered using @samp{mailer-command-line} statement: + +@deffn {Config} mailer-command-line @var{string} +Set mailer command line. Notice, that @var{string} must include the +command name as well. The @samp{mailer-program} statement supplies +the full name of the binary which will be executed, while the first word +from the @samp{mailer-command-line} argument gives the string it +receives as @samp{argv[0]}. + + The example below shows how to use this statement to alter the +envelope sender address: + +@smallexample +mailer-command-line "sendmail -f root@@domain.com -oi -t"; +@end smallexample +@end deffn + @node ACL @section Access Control Lists @cindex @acronym{ACL} @cindex access control lists @dfn{Access control lists}, or @acronym{ACL}s for short, are lists of permissions that control access to @samp{inetd}, @samp{access} and @samp{meta1}-style components. An @acronym{ACL} is defined using @code{acl} block statement: @deffn {Config} acl @smallexample -acl @var{name} @{ +acl @{ @var{definitions} @} @end smallexample @end deffn -The @var{name} parameter specifies a unique name for that -@acronym{ACL}. This name can be used by another configuration -statements to refer to that @acronym{ACL}. - -A part between the curly braces (denoted by @var{definitions} above), -is a list of @dfn{access statements}. There are two types of -such statements: + This statement is allowed both in global context and within a +@samp{component} block. If both are present, the global-level +@acronym{ACL} is consulted first, and if it allows access, the +component @acronym{ACL} is consulted. As a result, access is +granted only if both lists allow it. -@deffn {Config: acl} allow @var{user-group} @var{sub-acl} @var{host-list} -Allow access to resource. -@end deffn + A @dfn{named @acronym{ACL}} is an access control list which is +assigned its own name. Named @acronym{ACL}s are defined using +the @samp{defacl} statement: -@deffn {Config: acl} deny @var{user-group} @var{sub-acl} @var{host-list} -Deny access to resource. +@deffn {Config} defacl @var{name} +@smallexample +defacl @var{name} @{ + @var{definitions} +@} +@end smallexample + + The @var{name} parameter specifies a unique name for that +@acronym{ACL}. Named @acronym{ACL}s are applied only if +referenced from another @acronym{ACL} (either global or a +per-component one, or any named @acronym{ACL}, referenced +from these). @xref{acl-ref, ACL references}, below. @end deffn -All parts of an access statement are optional, but at least one -of them must be present. + In both forms, the part between the curly braces (denoted by +@var{definitions}), is a list of @dfn{access control statements}. +There are two types of such statements: -The @var{user-group} part specifies which users match this entry. -Allowed values are the following: - -@table @code -@kwindex all -@item all -All users. +@deffn {Config: acl} allow [@var{user-group}] @var{sub-acl} @var{host-list} +@deffnx {Config: acl} allow any +Allow access to the component. +@end deffn +@ignore +@deffn {Config: defacl} allow [@var{user-group}] @var{sub-acl} @var{host-list} +@end deffn +@end ignore -@kwindex authenticated -@item authenticated -Only authenticated users. +@deffn {Config: acl} deny [@var{user-group}] @var{sub-acl} @var{host-list} +@deffnx {Config: acl} deny any +Deny access to the component. +@end deffn +@ignore +@deffn {Config: defacl} deny [@var{user-group}] @var{sub-acl} @var{host-list} +@end deffn +@end ignore -@kwindex group -@item group @var{group-list} -Authenticated users which are members of at least one of groups listed in -@var{group-list}. -@end table +All parts of an access statement are optional, but at least one +of them must be present. The @var{user-group} part is reserved for +future use and is described in more detail in @ref{User-Group ACLs}. +@anchor{acl-ref} The @var{sub-acl} part, if present, allows to branch to another @acronym{ACL}. The syntax of this group is: @smallexample acl @var{name} @end smallexample @noindent -where @var{name} is the name of a previously defined @acronym{ACL}. +where @var{name} is the name of @acronym{ACL} defined previously in +@samp{defacl} statement. -Finally, the @var{host-list} group allows to match client addresses. +The @var{host-list} group allows to match client addresses. It consists of a @code{from} keyword followed by a list of @dfn{address specifiers}. Allowed address specifiers are: @table @asis @item @var{addr} Matches if the client @acronym{IP} equals @var{addr}. The latter may be given either as an @acronym{IP} address or as a host name, in which case it will be resolved and the first of its @acronym{IP} addresses will be used. - @item @var{addr}/@var{netlen} Matches if first @var{netlen} bits from the client @acronym{IP} address equal to @var{addr}. The network mask length, @var{netlen} must be an integer number in the range from 0 to 32. The address part, @var{addr}, is as described above. @@ -1182,47 +1342,46 @@ form, e.g. @samp{255.255.255.224}. @item @var{filename} Matches if connection was received from a @acronym{UNIX} socket @var{filename}, which must be given as an absolute file name. @end table +@anchor{acl-any}. +The special form @samp{allow any} means to allow access +unconditionally. Similarly, @samp{deny any}, denies access +unconditionally. Normally, these forms appear as the last +statements in an @acronym{ACL} definition. + To summarize, the syntax of an access statement is: @smallexample -allow|deny [all|authenticated|group @var{group-list}] - [acl @var{name}] [from @var{addr-list}] +allow|deny [acl @var{name}] [from @var{addr-list}] @end smallexample @noindent where square brackets denote optional parts and vertical bar means @samp{one of}. -When an @acronym{ACL} is applied to a particular object, its entries -are tried in turn until one of them matches, or the end of the list is -reached. If a matched entry is found, its command verb, @code{allow} -or @code{deny}, defines the result of @acronym{ACL} match. If the end -of list is reached, the result is @samp{allow}, unless explicitly -specified otherwise. - -@FIXME{Trim that example:} -For example, the following statement defines an @acronym{ACL} named -@samp{common}, that allows access for any user connected via local -@acronym{UNIX} socket @file{/tmp/dicod.sock} or coming from a local -network @samp{192.168.10.0/24}. Any authenticated users are allowed, -provided that they are allowed by another @acronym{ACL} @samp{my-nets} -(which should have been defined before this definition). Users -coming from the network @samp{10.10.0.0/24} are allowed if they -authenticate themselves and are members of groups @samp{pies} or -@samp{users}. Access is denied for anybody else: +When an @acronym{ACL} is checked, its entries are tried in turn until +one of them matches, or the end of the list is reached. If a matched +entry is found, its command verb, @code{allow} or @code{deny}, defines +the result of @acronym{ACL} match. If the end of list is reached, +the result is @samp{allow}, unless explicitly specified otherwise +(using the @pxref{acl-any, ``any'' form}). + +For example, the following @acronym{ACL} allows access for anybody +coming from networks @samp{192.168.10.0/24} and @samp{192.168.100.0/24}, +or any connection that matches the named @acronym{ACL} @samp{my-nets} +(which should have been defined before this definition). Access is +denied for anybody else: @smallexample @group -acl common @{ - allow all from ("/tmp/pies.sock", "192.168.10.0/24"); - allow authenticated acl "my-nets"; - allow group ("pies", "users") from "10.10.0.0/24"; +acl @{ + allow from (192.168.10.0/24, 192.168.100.0/24); + allow acl "my-nets"; deny all; @} @end group @end smallexample @node include-meta1 @@ -1349,24 +1508,25 @@ useless. Do not use them, unless you have a good knowledge of The following three statements define file names of various files needed by @command{pies}. Use them only if the defaults does not suit your needs: @deffn {Config} pidfile @var{file} Write PID of the master @command{pies} process to @var{file}. By -default, master PID is stored in @file{@var{statedir}/pies.pid} -(@FIXME-pxref{statedir}). +default, master PID is stored in @file{@var{localstatedir}/pies.pid}, +where @var{localstatedir} is the @dfn{local state directory}, defined +at compile time (usually, it is @file{/usr/local/var} or @file{/usr/var}). @end deffn @deffn {Config} control-file @var{file} Set file name of the @command{pies} control file. Default is -@file{@var{statedir}/pies.ctl} +@file{@var{localstatedir}/pies.ctl} @end deffn @deffn {Config} stat-file @var{file} Set file name of the statistics output file. Default is -@file{@var{statedir}/pies.stat}. +@file{@var{localstatedir}/pies.stat}. @end deffn Normally, @command{pies} must be run with root privileges. If, however, you found such an implementation for it, that requires another privileges, you may change them using the following three statements: @@ -1510,13 +1670,13 @@ acl @{ log from any "Connect from $@{address@}"; allow from 10.10.10.0/24; allow from 192.168.10.0/27; deny from any; @} -debug "<trace4"; +debug 3; component ftp @{ mode inetd; socket "inet://0.0.0.0:21"; umask 027; program /usr/sbin/ftpd @@ -1749,12 +1909,16 @@ it. The information needed is: @item Run-time configuration (@file{pies.conf} file and the command line options used). @item Detailed description of the bug. @item Conditions under which the bug appears. @end itemize +@node User-Group ACLs +@appendix User-Group ACLs +@include usr-acl.texi + @node Copying This Manual @appendix GNU Free Documentation License @include fdl.texi @node Concept Index @unnumbered Concept Index diff --git a/doc/usr-acl.texi b/doc/usr-acl.texi new file mode 100644 index 0000000..1fd69f5 --- /dev/null +++ b/doc/usr-acl.texi @@ -0,0 +1,48 @@ +@c This is part of the Pies manual. +@c Copyright (C) 2009 Sergey Poznyakoff +@c This file is distributed under GFDL 1.1 or any later version +@c published by the Free Software Foundation. + + This appendix describes the @samp{user-group} extension for +@command{Pies} @acronym{ACL}s. This extension is reserved for +the future use. + +The @var{user-group} @acronym{ACL} statement specifies which +users match this entry. Allowed values are the following: + +@table @code +@kwindex all +@item all +All users. + +@kwindex authenticated +@item authenticated +Only authenticated users. + +@kwindex group +@item group @var{group-list} +Authenticated users which are members of at least one of groups listed in +@var{group-list}. +@end table + +For example, the following statement defines an @acronym{ACL} +which allows access for any user connected via local @acronym{UNIX} +socket @file{/tmp/dicod.sock} or coming from a local network +@samp{192.168.10.0/24}. Any authenticated users are allowed, provided +that they are allowed by another @acronym{ACL} @samp{my-nets} (which +should have been defined before this definition). Users coming from +the network @samp{10.10.0.0/24} are allowed if they authenticate +themselves and are members of groups @samp{pies} or @samp{users}. +Access is denied for anybody else: + +@smallexample +@group +acl @{ + allow all from ("/tmp/pies.sock", "192.168.10.0/24"); + allow authenticated acl "my-nets"; + allow group ("pies", "users") from "10.10.0.0/24"; + deny all; +@} +@end group +@end smallexample + diff --git a/src/Makefile.am b/src/Makefile.am index 970a8b3..78b55c1 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -52,14 +52,13 @@ INCLUDES = \ LDADD = \ ../lib/libpies.a\ ../grecs/src/libgrecs.a\ ../gnu/libgnu.a\ $(MF_PROCTITLE_LIBS) -AM_CPPFLAGS=-DSYSCONFDIR=\"$(sysconfdir)\"\ - -DSTATEDIR=\"$(localstatedir)\"\ +AM_CPPFLAGS=\ -DDEFAULT_PREPROCESSOR="$(DEFAULT_PREPROCESSOR)"\ -DDEFAULT_VERSION_INCLUDE_DIR=\"$(incdir)\"\ -DDEFAULT_INCLUDE_DIR=\"$(pkgdatadir)/include\" AM_YFLAGS=-dvt -pmeta1 AM_LFLAGS=-dvp -Pmeta1 -olex.yy.c @@ -357,36 +357,59 @@ parse_acl_line (grecs_locus_t *locus, int allow, pies_acl_t acl, return 1; } gl_list_add_last (acl->list, entry); return 0; } +#define ACL_TAG_NONE 0 +#define ACL_TAG_IGNORE 1 +#define ACL_TAG_OPTIONAL 2 +#define ACL_TAG_REQUIRED 3 + int _acl_common_section_parser (enum grecs_callback_command cmd, grecs_locus_t *locus, grecs_value_t *value, pies_acl_t *pacl, - int need_tag) + int flag) { pies_acl_t acl; grecs_locus_t defn_loc; const char *tag = NULL; + int has_value = 0; switch (cmd) { case grecs_callback_section_begin: if (value) { if (value->type != GRECS_TYPE_STRING) { grecs_error (locus, 0, _("ACL name must be a string")); return 1; } - tag = value->v.string; + has_value = value->v.string != NULL; + } + if (has_value) + { + switch (flag) + { + case ACL_TAG_NONE: + grecs_error (locus, 0, _("ACL name is not expected")); + return 1; + + case ACL_TAG_IGNORE: + grecs_warning (locus, 0, _("ACL name is ignored")); + break; + + case ACL_TAG_OPTIONAL: + case ACL_TAG_REQUIRED: + tag = value->v.string; + } } - else if (need_tag) + else if (flag == ACL_TAG_REQUIRED) { grecs_error (locus, 0, _("missing ACL name")); return 1; } acl = pies_acl_create (tag, locus); if (tag && pies_acl_install (acl, &defn_loc)) @@ -395,13 +418,14 @@ _acl_common_section_parser (enum grecs_callback_command cmd, _("redefinition of ACL %s"), value->v.string); grecs_error (&defn_loc, 0, _("location of the previous definition")); return 1; } - *pacl = acl; + if (pacl) + *pacl = acl; break; case grecs_callback_section_end: case grecs_callback_set_value: break; } @@ -412,26 +436,28 @@ int acl_section_parser (enum grecs_callback_command cmd, grecs_locus_t *locus, void *varptr, grecs_value_t *value, void *cb_data) { - if (_acl_common_section_parser (cmd, locus, value, varptr, 1) == 0) + int rc = _acl_common_section_parser (cmd, locus, value, varptr, + ACL_TAG_NONE); + if (rc == 0) *(void**)cb_data = *(pies_acl_t*)varptr; - return 0; + return rc; } int defacl_section_parser (enum grecs_callback_command cmd, grecs_locus_t *locus, void *varptr, grecs_value_t *value, void *cb_data) { - _acl_common_section_parser (cmd, locus, value, cb_data, 0); - return 0; + return _acl_common_section_parser (cmd, locus, value, cb_data, + ACL_TAG_REQUIRED); } static int allow_cb (enum grecs_callback_command cmd, grecs_locus_t *locus, void *varptr, @@ -25,15 +25,15 @@ int lint_mode; /* Test configuration syntax and exit */ int log_to_stderr; /* Use stderr for logging */ int log_facility = LOG_USER; char *log_tag; struct pies_privs pies_privs; int foreground; int command; -char *pidfile = STATEDIR "/pies.pid"; -char *ctlfile = STATEDIR "/pies.ctl"; -char *statfile = STATEDIR "/pies.stat"; +char *pidfile = LOCALSTATEDIR "/pies.pid"; +char *ctlfile = LOCALSTATEDIR "/pies.ctl"; +char *statfile = LOCALSTATEDIR "/pies.stat"; mode_t pies_umask = 0; unsigned long shutdown_timeout = 5; pies_acl_t pies_acl; limits_record_t pies_limits; int force_option; char *mailer_program = "/usr/sbin/sendmail"; @@ -59,17 +59,26 @@ stderr_closed_p () return 1; close (fd); return fd <= 2; } +#define GRECS_VALUE_IS_EMPTY(val) \ + (!(val) || ((val)->type == GRECS_TYPE_STRING && !(val)->v.string)) + int assert_grecs_value_type (grecs_locus_t * locus, const grecs_value_t * value, int type) { - if (!value || value->type != type) + if (GRECS_VALUE_IS_EMPTY (value)) + { + grecs_error (locus, 0, _("expected %s"), + grecs_data_type_string (type)); + return 1; + } + if (value->type != type) { grecs_error (locus, 0, _("expected %s, but found %s"), grecs_data_type_string (type), grecs_data_type_string (value->type)); return 1; } @@ -317,13 +326,14 @@ _get_string_arg (grecs_value_t * val, int num, grecs_locus_t * locus) const char * _get_array_arg (grecs_value_t * val, int num, grecs_locus_t * locus) { if (num < val->v.arg.c) { - if (assert_grecs_value_type (locus, val, GRECS_TYPE_STRING) == 0) + if (assert_grecs_value_type (locus, &val->v.arg.v[num], + GRECS_TYPE_STRING) == 0) return val->v.arg.v[num].v.string; } return NULL; } const char * @@ -349,13 +359,13 @@ return_code_section_parser (enum grecs_callback_command cmd, size_t count; struct action *act; switch (cmd) { |