path: root/doc/usr-acl.texi
diff options
authorSergey Poznyakoff <gray@gnu.org.ua>2009-10-15 16:21:32 +0300
committerSergey Poznyakoff <gray@gnu.org.ua>2009-10-15 16:21:32 +0300
commitb713e2208519e7cba1c779cbd9387137eb101e5e (patch)
treec1245c09d9cffa5d74ec8961ed0ffd820f0bd23e /doc/usr-acl.texi
parent9dbe6b40d07df41255f0c8fda6895000b7c7e1a6 (diff)
Various fixes.
* README: Fix typo. * doc/usr-acl.texi: New file. * doc/Makefile.am (pies_TEXINFOS): Remove pies.texi, add usr-acl.texi (check-config, check-sub-config): Handle @deffnx * doc/pies.texi: Update. * src/Makefile.am (AM_CPPFLAGS): Remove superfluous defs, use ../gnu/configmake.h instead * src/acl.c (_acl_common_section_parser): Handle tag, depending on the value of `flag' parameter. Avoid coredumping on NULL pacl. (acl_section_parser, defacl_section_parser): Update calls to _acl_common_section_parser. * src/pies.c (STATEDIR): Replace with LOCALSTATEDIR. (GRECS_VALUE_IS_EMPTY): New define (possibly belongs to grecs more than to pies). (assert_grecs_value_type) (return_code_section_parser): Use GRECS_VALUE_IS_EMPTY to check for empty value. (_get_array_arg): Bugfix. (component_keywords, pies_keywords): Add missing docstrings. * src/progman.c (TYPE_RETR): Rename to TYPE_REDIRECTOR. All uses updated.
Diffstat (limited to 'doc/usr-acl.texi')
1 files changed, 48 insertions, 0 deletions
diff --git a/doc/usr-acl.texi b/doc/usr-acl.texi
new file mode 100644
index 0000000..1fd69f5
--- /dev/null
+++ b/doc/usr-acl.texi
@@ -0,0 +1,48 @@
+@c This is part of the Pies manual.
+@c Copyright (C) 2009 Sergey Poznyakoff
+@c This file is distributed under GFDL 1.1 or any later version
+@c published by the Free Software Foundation.
+ This appendix describes the @samp{user-group} extension for
+@command{Pies} @acronym{ACL}s. This extension is reserved for
+the future use.
+The @var{user-group} @acronym{ACL} statement specifies which
+users match this entry. Allowed values are the following:
+@table @code
+@kwindex all
+@item all
+All users.
+@kwindex authenticated
+@item authenticated
+Only authenticated users.
+@kwindex group
+@item group @var{group-list}
+Authenticated users which are members of at least one of groups listed in
+@end table
+For example, the following statement defines an @acronym{ACL}
+which allows access for any user connected via local @acronym{UNIX}
+socket @file{/tmp/dicod.sock} or coming from a local network
+@samp{}. Any authenticated users are allowed, provided
+that they are allowed by another @acronym{ACL} @samp{my-nets} (which
+should have been defined before this definition). Users coming from
+the network @samp{} are allowed if they authenticate
+themselves and are members of groups @samp{pies} or @samp{users}.
+Access is denied for anybody else:
+acl @{
+ allow all from ("/tmp/pies.sock", "");
+ allow authenticated acl "my-nets";
+ allow group ("pies", "users") from "";
+ deny all;
+@end group
+@end smallexample

Return to:

Send suggestions and report system problems to the System administrator.