aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README-hacking75
-rw-r--r--doc/Makefile.am53
-rw-r--r--doc/pies.texi711
-rw-r--r--lib/Makefile.am3
-rw-r--r--lib/nls.c33
-rw-r--r--lib/strtotok.c77
-rw-r--r--src/Makefile.am8
-rw-r--r--src/acl.c627
-rw-r--r--src/acl.h43
-rw-r--r--src/addrfmt.c133
-rw-r--r--src/diag.c131
-rw-r--r--src/meta.c127
-rw-r--r--src/pies.c68
-rw-r--r--src/pp-setup116
-rw-r--r--src/progman.c4
-rw-r--r--src/url.c212
-rw-r--r--src/userprivs.c279
17 files changed, 2479 insertions, 221 deletions
diff --git a/README-hacking b/README-hacking
new file mode 100644
index 0000000..9441c46
--- /dev/null
+++ b/README-hacking
@@ -0,0 +1,75 @@
+These notes intend to help people working on the GIT version of Pies.
+See end of file for copying conditions.
+
+* Requirements
+
+If you have taken the sources from GIT you will need the following
+packages to build Pies. I don't make any extra effort to accommodate
+older versions of these packages, so please make sure that you have the
+latest stable version.
+
+- Automake <http://www.gnu.org/software/automake/>
+- Autoconf <http://www.gnu.org/software/autoconf/>
+- Bison <http://www.gnu.org/software/bison/>
+- Flex <http://flex.sourceforge.net/>
+- Gettext <http://www.gnu.org/software/gettext/>
+- Gnulib <http://www.gnu.org/software/gnulib/>
+- M4 <http://www.gnu.org/software/m4/>
+- Rsync <http://samba.anu.edu.au/rsync/>
+- Texinfo <http://www.gnu.org/software/texinfo>
+
+* Bootstrapping
+
+Obviously, if you are reading these notes, you did manage to check out
+the project from GIT. The next step is to get other files needed to build,
+which are extracted from other source packages:
+
+1. Change to the source tree directory
+
+ cd pies
+
+2. Run
+
+ ./bootstrap
+
+Once done, proceed as described in the file README (section
+INSTALLATION).
+
+Normally you will have to run bootstrap only once. However, if you
+intend to hack on Pies, you might need to run it again later. In
+this case, you will probably want to save some time and bandwidth by
+avoiding downloading the same files again. If so, create in the
+project's root directory the file named `.bootstrap' with the following
+contents:
+
+ --gnulib-srcdir=$HOME/gnulib
+
+Replace `$HOME/gnulib' with the actual directory where the Gnulib
+sources reside.
+
+If you wish to avoid synchronising translations, add this option:
+--skip-po.
+
+For more information about `bootstrap', run `bootstrap --help'.
+
+
+* Copyright information
+
+Copyright (C) 2008, 2009 Sergey Poznyakoff
+
+ Permission is granted to anyone to make or distribute verbatim copies
+ of this document as received, in any medium, provided that the
+ copyright notice and this permission notice are preserved,
+ thus giving the recipient permission to redistribute in turn.
+
+ Permission is granted to distribute modified versions
+ of this document, or of portions of it,
+ under the above conditions, provided also that they
+ carry prominent notices stating who last changed them.
+
+
+Local Variables:
+mode: outline
+paragraph-separate: "[ ]*$"
+version-control: never
+End:
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 502c46e..d7d69d1 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -37,65 +37,33 @@ check-format:
false; \
fi
-check-pragmas:
- @check-docs.sh pragmas \
- '/} option_cache\[\] = {/,/^}/s/[ \t]*{ *"\(.*\)".*/\1/pg' \
- 's/@deffnx* {pragma option} *\([^@, ]*\) .*/\1/p' \
- $(top_srcdir)/mfd/main.c -- \
- $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \
- $(info_TEXINFOS)
-
check-options:
@check-docs.sh options \
'/argp_option options\[\] = /,/^}/s/[ \t]*{ *"\([^,"]*\)".*/\1/pg' \
's/@opindex *\([^@,]*\).*/\1/p' \
- $(top_srcdir)/mfd/main.c -- \
+ $(top_srcdir)/src/pies.c -- \
$(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \
$(info_TEXINFOS)
check-config:
@check-docs.sh 'configuration statements' \
- '/mf_cfg_param\[\] *= *{/,/^}/s/[ \t]*{ *"\([^,"]*\)".*/\1/pg' \
- 's/@deffn {Pies Conf} *\([^@,]*\).*/\1/p' \
- $(top_srcdir)/mfd/main.c -- \
+ '/pies_keywords\[\] *= *{/,/^}/s/[ \t]*{ *"\([^,"]*\)".*/\1/pg' \
+ 's/@deffn {Config} *\([^@,]*\).*/\1/p' \
+ $(top_srcdir)/src/pies.c -- \
$(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \
$(info_TEXINFOS)
check-sub-config:
- @list=`sed -n '/mf_cfg_param\[\] *= *{/,/^}/{s/[ \t]*{ *"\([^,"]*\)", *mu_cfg_section *,.*/\1/pg}' $(top_srcdir)/mfd/main.c`; \
- for ident in $$list; do \
+ sed -n '/pies_keywords\[\] *= *{/,/^}/{p}' ../src/pies.c|tr '\n{' ' \n'|sed -n '/grecs_type_section/s/"\([^"]*\)".*grecs_type_section,[^,]*,[^,]*,[^,]*,[^,]*, *\(.*\) *}.*/\1 \2/p' | \
+ while read ident kw; do \
check-docs.sh "$$ident configuration statements" \
- "/$${ident}_section_param"'\[\] *= *{/,/^}/s/[ \t]*{ *"\([^,"]*\)".*/\1/pg' \
- "s/@deffn {$${ident}}"' *\([^@,]*\).*/\1/p' \
- $(top_srcdir)/mfd/main.c -- \
+ "/$$kw"'\[\] *= *{/,/^}/s/[ \t]*{ *"\([^,"]*\)".*/\1/pg' \
+ "s/@deffn {Config: *$${ident}}"' *\([^@,]*\).*/\1/p' \
+ $(top_srcdir)/src/pies.c $(top_srcdir)/src/acl.c -- \
$(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \
$(info_TEXINFOS); \
done
-check-builtins:
- @check-docs.sh builtins \
- '/MF_DEFUN/{s/[ \t]*MF_DEFUN *(\([a-zA-Z_][a-zA-Z0-9_]*\),.*/\1/p;s/[ \t]*MF_DEFUN_VARARGS\(_NO_PROM\)\? *(\([a-zA-Z_][a-zA-Z0-9_]*\),.*/\2/p;s/[ \t]*MF_DEFUN_CTYPE *(\([a-zA-Z_][a-zA-Z0-9_]*\))/\1/p}'\
- 's/@deftypefnx\{0,1\} {Built-in Function} *[^ ][^ ]* *\([^ ]*\).*/\1/p' \
- $(top_srcdir)/mfd/bi_*.m4 -- \
- $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \
- $(info_TEXINFOS)
-
-check-mflib:
- @check-docs.sh "library functions" \
- '/^[ \t]*func[ \t][ \t]*__/b;/^[ \t]*func/s/[ \t]*func[ \t][ \t]*\(.[^ \t(]*\).*/\1/p' \
- 's/@deftypefn {Library Function} *[^ ][^ ]* *\([^ ]*\).*/\1/p' \
- $(top_srcdir)/mflib/*.mf -- \
- $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \
- $(info_TEXINFOS)
-
-check-exceptions:
- @check-docs.sh exceptions \
- '/typedef enum mf_exception_code {/,/^};/s/[ \t]*mfe_\(.*\),.*/e_\1/p;/typedef enum mf_status_code {/,/^};/s/[ \t]*mf_\(.*\),.*/\1/p' \
- 's/@cindex \([^,][^,]*\), exception type/\1/p' \
- $(top_srcdir)/mfd/pies.h -- \
- $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \
- $(info_TEXINFOS)
-
check-refs:
@for file in $(info_TEXINFOS) $(pies_TEXINFOS); \
do \
@@ -147,9 +115,8 @@ check-unrevised:
rm $@-t; \
fi
-all-check-docs: check-format check-options check-pragmas \
+all-check-docs: check-format check-options \
check-config check-sub-config \
- check-builtins check-mflib check-exceptions \
check-refs check-fixmes check-writeme check-unrevised
check-docs:
diff --git a/doc/pies.texi b/doc/pies.texi
index cc35b5d..22c0f83 100644
--- a/doc/pies.texi
+++ b/doc/pies.texi
@@ -78,27 +78,25 @@ documents @command{pies} Version @value{VERSION}.
@menu
* Intro::
* Pies Configuration File::
-* Component Statement::
-* include-meta1::
-* Global Configuration::
* Pies Debugging::
* Configuration Example::
* Command Line Usage::
* Pies Invocation::
+* Reporting Bugs::
Appendices
* Copying This Manual:: The GNU Free Documentation License.
* Concept Index:: Index of Concepts.
-@c @detailmenu
-@c @end detailmenu
+@detailmenu
+@end detailmenu
@end menu
@node Intro
@chapter Introduction
-@cindex component, pies
+@cindex component
The name @command{pies} (pronounced @samp{p-yes}) stands for
@samp{Program Invocation and Execution Supervisor}. This utility
starts and controls execution of external programs, called
@@ -110,9 +108,9 @@ terminates, @command{pies} restarts it. Its configuration allows to
specify actions other than simple restart, depending on the exit code
of the component.
-@cindex prerequisite, pies
-@cindex dependency, pies
-@cindex dependents, pies
+@cindex prerequisite
+@cindex dependency
+@cindex dependents
@anchor{component prerequisite}
A component @samp{A} may depend on another components, say
@samp{B} and @samp{C}, i.e. require them to be running at the moment of its
@@ -131,7 +129,7 @@ redirected to a file or to an arbitrary @command{syslog} channel.
@anchor{init-style}
@cindex init-style components
- These way of operation applies to so-called @dfn{init-style}
+ This way of operation applies to the @dfn{init-style}
components, called so because of the similarity with the
@command{init} process manager. @command{Pies} is also able to handle
components that receive input on their @samp{stdin} and send reply to
@@ -180,40 +178,304 @@ stopping component dependencies, the same ordering is preserved.
This order is reversed for files included by @code{include-meta1}
statement (@pxref{include-meta1}).
+@node Pies Configuration File
+@chapter Pies Configuration File
+@cindex configuration file
+@flindex pies.conf
+@xopindex{config-file, introduced}
+ @command{Pies} reads its settings and component definitions from the
+@dfn{configuration file} @file{pies.conf}, located in the @dfn{system
+configuration directory} (in most cases @file{/etc} or
+@file{/usr/local/etc}, depending on how the package was compiled).
+An alternative location may be specified using @option{--config-file}
+(@option{-c} command line option.
+
+ If any errors are encountered in the configuration file, the program
+reports them on the standard error and exits with a non-zero status.
+
+@xopindex{lint, introduced}
+ To test the configuration file without actually starting the server, the
+@option{--lint} (@option{-t}) command line option is provided. It causes
+@command{pies} to check its configuration file and exit with status 0
+if no errors were detected, and with status 1 otherwise.
+
+@opindex -E, introduced
+ Before parsing, configuration file is preprocessed using
+@command{m4} (@pxref{Preprocessor}). To see the preprocessed
+configuration without actually parsing it, use @option{-E} command
+line option.
+
+@xopindex{config-help, introduced}
+ The rest of this section describes the configuration file syntax in
+detail. You can receive a concise summary of all configuration
+directives any time by running @command{pies --config-help}.
+
@menu
+* Syntax:: Configuration file syntax.
+* Component Statement::
+* ACL:: Access Control Lists
+* include-meta1::
+* Global Configuration::
@end menu
-@node Pies Configuration File
-@chapter Pies Configuration File
- @command{Pies} reads its configuration from the main Mailutils
-configuration file. @xref{configuration, Mailutils Configuration
-File,, mailutils, GNU Mailutils Manual}, for a description of GNU
-Mailutils configuration system. It is recommended to use
-@code{include @var{directory}} statement (@pxref{Include, Include
-Statement,, mailutils, GNU Mailutils Manual}), and to place
-@command{pies} configuration in file @file{@var{directory}/pies}.
-@xref{MeTA1,,, mailfromd, Mailfromd Manual}, for an example.
+@node Syntax
+@section Configuration File Syntax
+ The configuration file consists of statements and comments.
-The following standard Mailutils configuration statements are understood:
+ There are three classes of lexical tokens: keywords, values, and
+separators. Blanks, tabs, newlines and comments, collectively called
+@dfn{white space} are ignored except as they serve to separate
+tokens. Some white space is required to separate otherwise adjacent
+keywords and values.
-@multitable @columnfractions 0.3 0.6
-@headitem Statement @tab Reference
-@item debug @tab @xref{Debug Statement, Mailutils Debug Statement,,
-mailutils, GNU Mailutils Manual}.
-@item logging @tab @xref{Logging Statement, Mailutils Logging,,
-mailutils, GNU Mailutils Manual}.
-@item include @tab @xref{Include, Include Statements,,
-mailutils, GNU Mailutils Manual}.
-@item mailer @tab @xref{Mailer, Mailer Statement,,
-mailutils, GNU Mailutils Manual}.
-@item acl @tab @xref{ACL Statement, ACL Statement,,
-mailutils, GNU Mailutils Manual}.
+@menu
+* Comments::
+* Statements::
+* Preprocessor:: Using preprocessor to improve the configuration.
+@end menu
+
+@node Comments
+@subsection Comments
+@cindex Comments in a configuration file
+@cindex single-line comments
+ @dfn{Comments} may appear anywhere where white space may appear in the
+configuration file. There are two kinds of comments:
+single-line and multi-line comments. @dfn{Single-line} comments start
+with @samp{#} or @samp{//} and continue to the end of the line:
+
+@smallexample
+# This is a comment
+// This too is a comment
+@end smallexample
+
+@cindex multi-line comments
+ @dfn{Multi-line} or @dfn{C-style} comments start with the two
+characters @samp{/*} (slash, star) and continue until the first
+occurrence of @samp{*/} (star, slash).
+
+ Multi-line comments cannot be nested.
+
+@node Statements
+@subsection Statements
+@cindex statements, configuration file
+@cindex configuration file statements
+@cindex statement, simple
+@cindex simple statements
+ A @dfn{simple statement} consists of a keyword and value
+separated by any amount of whitespace. Simple statement is terminated
+with a semicolon (@samp{;}), unless it contains a @dfn{here-document}
+(see below), in which case semicolon is optional.
+
+ Examples of simple statements:
+
+@smallexample
+pidfile /var/run/pies.pid;
+source-info yes;
+debug 10;
+@end smallexample
+
+ A @dfn{keyword} begins with a letter and may contain letters,
+decimal digits, underscores (@samp{_}) and dashes (@samp{-}).
+Examples of keywords are: @samp{group}, @samp{control-file}.
+
+ A @dfn{value} can be one of the following:
+
+@table @asis
+@item number
+ A number is a sequence of decimal digits.
+
+@item boolean
+@cindex boolean value
+ A boolean value is one of the following: @samp{yes}, @samp{true},
+@samp{t} or @samp{1}, meaning @dfn{true}, and @samp{no},
+@samp{false}, @samp{nil}, @samp{0} meaning @dfn{false}.
+
+@item unquoted string
+@cindex string, unquoted
+ An unquoted string may contain letters, digits, and any of the
+following characters: @samp{_}, @samp{-}, @samp{.}, @samp{/},
+@samp{:}.
+
+@item quoted string
+@cindex quoted string
+@cindex string, quoted
+@cindex escape sequence
+ A quoted string is any sequence of characters enclosed in
+double-quotes (@samp{"}). A backslash appearing within a quoted
+string introduces an @dfn{escape sequence}, which is replaced
+with a single character according to the following rules:
+
+@float Table, backslash-interpretation
+@caption{Backslash escapes}
+@multitable @columnfractions 0.30 .5
+@item Sequence @tab Replaced with
+@item \a @tab Audible bell character (@acronym{ASCII} 7)
+@item \b @tab Backspace character (@acronym{ASCII} 8)
+@item \f @tab Form-feed character (@acronym{ASCII} 12)
+@item \n @tab Newline character (@acronym{ASCII} 10)
+@item \r @tab Carriage return character (@acronym{ASCII} 13)
+@item \t @tab Horizontal tabulation character (@acronym{ASCII} 9)
+@item \\ @tab A single backslash (@samp{\})
+@item \" @tab A double-quote.
@end multitable
+@end float
+
+ In addition, the sequence @samp{\@var{newline}} is removed from
+the string. This allows to split long strings over several
+physical lines, e.g.:
+
+@smallexample
+@group
+"a long string may be\
+ split over several lines"
+@end group
+@end smallexample
+
+ If the character following a backslash is not one of those specified
+above, the backslash is ignored and a warning is issued.
+
+ Two or more adjacent quoted strings are concatenated, which gives
+another way to split long strings over several lines to improve
+readability. The following fragment produces the same result as the
+example above:
+
+@smallexample
+@group
+"a long string may be"
+" split over several lines"
+@end group
+@end smallexample
+
+@anchor{here-document}
+@item Here-document
+@cindex here-document
+ @dfn{Here-document} is a special construct that allows to introduce
+strings of text containing embedded newlines.
+
+ The @code{<<@var{word}} construct instructs the parser to read all
+the following lines up to the line containing only @var{word}, with
+possible trailing blanks. Any lines thus read are concatenated
+together into a single string. For example:
+
+@smallexample
+@group
+<<EOT
+A multiline
+string
+EOT
+@end group
+@end smallexample
+
+ Body of a here-document is interpreted the same way as
+double-quoted string, unless @var{word} is preceded by a backslash
+(e.g. @samp{<<\EOT}) or enclosed in double-quotes, in which case
+the text is read as is, without interpretation of escape sequences.
+
+ If @var{word} is prefixed with @code{-} (a dash), then all leading
+tab characters are stripped from input lines and the line containing
+@var{word}. Furthermore, if @code{-} is followed by a single space,
+all leading whitespace is stripped from them. This allows to indent
+here-documents in a natural fashion. For example:
+
+@smallexample
+@group
+<<- TEXT
+ All leading whitespace will be
+ ignored when reading these lines.
+TEXT
+@end group
+@end smallexample
+
+ It is important that the terminating delimiter be the only token on
+its line. The only exception to this rule is allowed if a
+here-document appears as the last element of a statement. In this
+case a semicolon can be placed on the same line with its terminating
+delimiter, as in:
+
+@smallexample
+help-text <<-EOT
+ A sample help text.
+EOT;
+@end smallexample
+
+@item list
+@cindex list
+ A @dfn{list} is a comma-separated list of values. Lists are
+delimited by parentheses. The following example shows a statement
+whose value is a list of strings:
+
+@smallexample
+dependents (pmult, auth);
+@end smallexample
+
+ In any case where a list is appropriate, a single value is allowed
+without being a member of a list: it is equivalent to a list with a
+single member. This means that, e.g. @samp{dependents auth;} is
+equivalent to @samp{dependents (mime);}.
+
+@end table
+
+@cindex statement, block
+@cindex block statement
+ A @dfn{block statement} introduces a logical group of another
+statements. It consists of a keyword, followed by an optional value,
+and a sequence of statements enclosed in curly braces, as shown in
+the example below:
+
+@smallexample
+@group
+component multiplexor @{
+ command "pmult";
+@}
+@end group
+@end smallexample
+
+ The closing curly brace may be followed by a semicolon, although
+this is not required.
+
+@node Preprocessor
+@subsection Using Preprocessor to Improve the Configuration.
+@cindex preprocessor
+@cindex m4
+ Before parsing configuration file, @command{pies} preprocesses
+it. The built-in preprocessor handles only file inclusion
+and @code{#line} statements (@FIXME-pxref{Pragmatic Comments}), while the
+rest of traditional preprocessing facilities, such as macro expansion,
+is supported via @command{m4}, which is used as an external preprocessor.
+
+ The detailed description of @command{m4} facilities lies far beyond
+the scope of this document. You will find a complete user manual in
+@ifnothtml
+@ref{Top, GNU M4 manual, GNU M4, m4, GNU M4 macro processor}.
+@end ifnothtml
+@ifhtml
+@uref{http://www.gnu.org/software/m4/manual}.
+@end ifhtml
+For the rest of this subsection we assume the reader is sufficiently
+acquainted with @command{m4} macro processor.
+
+@flindex pp-setup
+ The external preprocessor is invoked with @option{-s} flag, instructing
+it to include line synchronization information in its output. This
+information is then used by the parser to display meaningful
+diagnostic. An initial set of macro definitions is supplied by the
+@file{pp-setup} file, located in
+@file{@var{$prefix}/share/pies/@var{version}/include} directory (where
+@var{version} means the version of the package).
+
+The default @file{pp-setup} file renames all @command{m4} built-in
+macro names so they all start with the prefix @samp{m4_}. This
+is similar to GNU m4 @option{--prefix-builtin} options, but has an
+advantage that it works with non-GNU @command{m4} implementations as
+well.
@node Component Statement
-@chapter Component Statement
+@section Component Statement
@kwindex component
+
+@deffn {Config} component
The @code{component} statement defines a new component:
+@end deffn
@smallexample
component @var{tag} @{
@@ -226,7 +488,7 @@ argument to the @code{component} keyword.
The following statements are allowed within the @code{component} block:
-@deffn {Pies Conf} mode @var{mode}
+@deffn {Config: component} mode @var{mode}
Declare the type (style) of the component. Accepted values for
@var{mode} are:
@@ -249,7 +511,7 @@ the default.
@end table
@end deffn
-@deffn {Pies Conf} program @var{name}
+@deffn {Config: component} program @var{name}
Full file name of the component binary. This binary will be executed
(via @command{/bin/sh -c}) each time @command{pies} decides it needs
to start the component.
@@ -257,7 +519,7 @@ to start the component.
To supply command line arguments, use @code{command} statement.
@end deffn
-@deffn {Pies Conf} command @var{string}
+@deffn {Config: component} command @var{string}
Command line for the program. The argument should be just as
arguments normally are, starting with the name of the program. The
latter may be different from the one specified to @code{program}
@@ -265,13 +527,13 @@ statement. Its value will be available to the program as
@code{argv[0]}.
@end deffn
-@deffn {Pies Conf} disable @var{bool}
+@deffn {Config: component} disable @var{bool}
If @var{bool} is @samp{true}, this component is disabled,
i.e. @command{pies} will ignore it.
@end deffn
-@deffn {Pies Conf} precious @var{bool}
-@cindex precious components, pies
+@deffn {Config: component} precious @var{bool}
+@cindex precious components
If @var{bool} is @samp{true}, this component is marked as precious.
Precious components are never disabled by @command{pies}, even if they
respawn too fast.
@@ -291,13 +553,13 @@ respawn too fast.
@end menu
@node Prerequisites
-@section Component Prerequisites
+@subsection Component Prerequisites
@cindex declaring prerequisites
@cindex prerequisites, declaring
Prerequisites (@pxref{component prerequisite}) for a component are
declared using the following statement:
-@deffn {Pies Conf} prerequisites @var{tag-list}
+@deffn {Config: component} prerequisites @var{tag-list}
The argument is either a list of component tags, @emph{defined before
this component}, or one of the following words:
@@ -312,35 +574,35 @@ No prerequisites. This is the default.
If you wish, you can define dependents, instead of prerequisites:
-@deffn {Pies Conf} dependents @var{tag-list}
+@deffn {Config: component} dependents @var{tag-list}
Declare dependents for this component. @var{var-list} is a list of
component tags.
@end deffn
@node Component Privileges
-@section Component Privileges
-@cindex privileges, pies
+@subsection Component Privileges
+@cindex privileges
Following statements control the privileges the component
is executed with.
-@deffn {Pies Conf} user @var{user-name}
+@deffn {Config: component} user @var{user-name}
Start component with the UID and GID of this user.
@end deffn
-@deffn {Pies Conf} group @var{group-list}
+@deffn {Config: component} group @var{group-list}
Retain supplementary groups, specified in @var{group-list}.
@end deffn
-@deffn {Pies Conf} allgroups @var{bool}
+@deffn {Config: component} allgroups @var{bool}
Retain all supplementary groups of which the user (as given with
@command{user} statement) is a member. This is the default for
components specified in @file{meta1.conf} file (@pxref{include-meta1}).
@end deffn
@node Resources
-@section Resources
+@subsection Resources
-@deffn {Pies Conf} limits @var{string}
+@deffn {Config: component} limits @var{string}
Impose limits on system resources, as defined by @var{string}. The
argument consists of @dfn{commands}, optionally separated by any
amount of whitespace. A command is a single command letter followed
@@ -374,12 +636,12 @@ reserved for future use (@samp{number of logins} limit) and is ignored
in version @value{VERSION}.
@end deffn
-@deffn {Pies Conf} umask @var{number}
+@deffn {Config: component} umask @var{number}
Set the umask. The @var{number} must be an octal value not greater
than @samp{777}. The default umask is inherited at startup.
@end deffn
-@deffn {Pies Conf} env @var{args}
+@deffn {Config: component} env @var{args}
Set program environment.
Arguments are a whitespace-delimited list of specifiers. The
@@ -428,16 +690,16 @@ before assignment.
@end deffn
@node Actions Before Startup
-@section Actions Before Startup
+@subsection Actions Before Startup
Several statements are available that specify actions to perform
immediately before starting the component:
-@deffn {Pies Conf} chdir @var{dir}
+@deffn {Config: component} chdir @var{dir}
Change to the directory @var{dir}.
@end deffn
-@deffn {Pies Conf} remove-file @var{file-name}
+@deffn {Config: component} remove-file @var{file-name}
Remove @var{file-name}. This is useful, for example, to remove stale
@acronym{UNIX} sockets or pid-files, which may otherwise prevent the
component from starting normally.
@@ -445,7 +707,7 @@ component from starting normally.
As of version @value{VERSION} only one @command{remove-file} may be given.
@end deffn
-@deffn {Pies Conf} settle-timeout @var{number}
+@deffn {Config: component} settle-timeout @var{number}
Wait @var{number} seconds. This is kind of kludge. Currently it is
used for components imported from @file{meta1.conf} file
(@pxref{include-meta1}), where @code{settle-timeout 1} is implied.
@@ -453,7 +715,7 @@ This may change in future versions.
@end deffn
@node Exit Actions
-@section Exit Actions
+@subsection Exit Actions
@kwindex return-code
The default behavior of @command{pies} if an @samp{init-style}
component terminates is to restart it. Unless the component
@@ -461,11 +723,13 @@ terminates with 0 exit code, a corresponding error message is issued
to the log file. This behavior can be modified using
@code{return-code} statement:
+@deffn {Config} return-code
@smallexample
return-code @var{codes} @{
@dots{}
@}
@end smallexample
+@end deffn
The @var{codes} argument is a list of exit codes or signal names.
Exit codes can be specified either as decimal numbers or as symbolic code
@@ -508,7 +772,7 @@ or is terminated on a signal listed in @var{codes},
@command{pies} executes actions specified by its substatements.
They are executed in the order of their appearance below:
-@deffn {Pies Conf} exec @var{command}
+@deffn {Config: return-code} exec @var{command}
Execute external command. Prior to execution of @var{command} all
file descriptors are closed. It inherits the environment from the
main @command{pies} process with the following additional variables:
@@ -531,7 +795,7 @@ Program exit code.
@end table
@end deffn
-@deffn {Pies Conf} action @samp{disable | restart}
+@deffn {Config: return-code} action @samp{disable | restart}
If @samp{restart} is given, restart the component. This is the
default. Otherwise, mark the component as disabled. Component
dependents are stopped and marked as disabled as well. Once disabled,
@@ -539,7 +803,7 @@ the components are never restarted, unless their restart is requested
by the administrator.
@end deffn
-@deffn {Pies Conf} notify @var{email-string}
+@deffn {Config: return-code} notify @var{email-string}
Send an email notification to addresses in @var{email-string}. The
latter is a comma-separated list of email addresses, e.g.:
@@ -547,13 +811,11 @@ latter is a comma-separated list of email addresses, e.g.:
notify "root@@localhost,postmaster@@localhost";
@end smallexample
-The @code{mailer} statement (@pxref{Mailer, Mailer Statement,,
-mailutils, GNU Mailutils Manual}) configures the mailer used to send
-the message. The message itself is configured by the @code{message}
+The message itself is configured by the @code{message}
statement.
@end deffn
-@deffn {Pies Conf} message @var{string}
+@deffn {Config: return-code} message @var{string}
Supply notification message text to use by @code{notify} statement.
@var{String} must be a valid RFC 822 message text, i.e. it must begin
with message headers, followed by an empty line and actual message
@@ -567,7 +829,6 @@ The following macro-variables are expanded within @var{string}:
@item program-name @tab Program name of the @command{pies} binary.
@item package @tab Package name (@samp{Pies}).
@item version @tab Package version (@value{VERSION}).
-@item mu-version @tab Version of GNU Mailutils.
@item component @tab Name of the terminated component.
@item retcode @tab Component exit code, in decimal.
@end multitable
@@ -592,13 +853,13 @@ all components. Any @code{return-code} statements appearing within a
@code{component} block override the global ones.
@node Output Redirectors
-@section Output Redirectors
+@subsection Output Redirectors
@cindex repeater
Output redirectors allow to redirect the standard error and/or standard
output of a component to a file or @command{syslog} facility.
-@deffn {Pies Conf} stderr @var{type} @var{channel}
-@deffnx {Pies Conf} stdout @var{type} @var{channel}
+@deffn {Config: component} stderr @var{type} @var{channel}
+@deffnx {Config} stdout @var{type} @var{channel}
Redirect standard error (if @code{stderr}) or standard output (if
@code{stdout}) to the given channel.
@@ -618,9 +879,8 @@ Redirect to the syslog channel. The syslog priority is given by the
@var{channel} argument. Its allowed values are: @samp{emerg},
@samp{alert}, @samp{crit}, @samp{err}, @samp{warning}, @samp{notice},
@samp{info}, @samp{debug}. The facility is inherited from the
-@code{logging} statement (@pxref{Logging Statement, Mailutils Logging,,
-mailutils, GNU Mailutils Manual}), or from @code{facility} statement
-(see below), if given.
+@code{syslog} statement (@pxref{syslog}), or from @code{facility}
+statement (see below), if given.
Example:
@@ -630,7 +890,7 @@ stderr syslog err;
@end table
@end deffn
-@deffn {Pies Conf} facility @var{syslog-facility}
+@deffn {Config: component} facility @var{syslog-facility}
Specify the syslog facility to use in syslog redirectors. Allowed
values for @var{syslog-facility} are: @samp{user}, @samp{daemon},
@samp{auth}, @samp{authpriv}, @samp{mail}, @samp{cron}, @samp{local0}
@@ -638,14 +898,14 @@ through @samp{local7} (all names case-insensitive), or a facility number.
@end deffn
@node Inetd-Style Components
-@section Inetd-Style Components
+@subsection Inetd-Style Components
@cindex inetd-style components
Inetd-style components are declared using @code{mode inetd}
statement. You must also declare a socket to listen for requests for
such components:
@anchor{inetd-socket}
-@deffn {Pies Conf} socket @var{url}
+@deffn {Config: component} socket @var{url}
Define a socket to listen on. Allowed values for @var{url} are:
@table @asis
@@ -696,7 +956,7 @@ be added if there is a demand.
@end deffn
@node Meta1-Style Components
-@section Meta1-Style Components
+@subsection Meta1-Style Components
@cindex meta1-style components
Meta1-style components are declared using @code{mode pass}
statement. For such components, you must declare both a socket to
@@ -704,7 +964,7 @@ listen on (@pxref{inetd-socket} and a @acronym{UNIX} socket name to
pass the file descriptor to the component. The latter is defined
using @code{pass-fd-socket} statement:
-@deffn {Pies Conf} pass-fd-socket @var{file-name}
+@deffn {Config: component} pass-fd-socket @var{file-name}
The argument is an absolute or relative file name of the socket file.
In the latter case, the @code{chdir @var{dir}} statement must be used
for this component (@pxref{Actions Before Startup, chdir}), and the
@@ -715,7 +975,7 @@ upon its startup.
@end deffn
@node Component Syntax Summary
-@section Component Syntax Summary
+@subsection Component Syntax Summary
This subsection summarizes the @code{component} summary. For each
statement, a reference to its detailed description is supplied.
@@ -814,13 +1074,147 @@ component @var{tag} @{
@}
@end smallexample
+@node ACL
+@section Access Control Lists
+@cindex @acronym{ACL}
+@cindex access control lists
+@dfn{Access control lists}, or @acronym{ACL}s for short, are lists of
+permissions that control access to @samp{inetd}, @samp{access} and
+@samp{meta1}-style components.
+
+An @acronym{ACL} is defined using @code{acl} block statement:
+
+@deffn {Config} acl
+@smallexample
+acl @var{name} @{
+ @var{definitions}
+@}
+@end smallexample
+@end deffn
+
+The @var{name} parameter specifies a unique name for that
+@acronym{ACL}. This name can be used by another configuration
+statements to refer to that @acronym{ACL}.
+
+A part between the curly braces (denoted by @var{definitions} above),
+is a list of @dfn{access statements}. There are two types of
+such statements:
+
+@deffn {Config: acl} allow @var{user-group} @var{sub-acl} @var{host-list}
+Allow access to resource.
+@end deffn
+
+@deffn {Config: acl} deny @var{user-group} @var{sub-acl} @var{host-list}
+Deny access to resource.
+@end deffn
+
+All parts of an access statement are optional, but at least one
+of them must be present.
+
+The @var{user-group} part specifies which users match this entry.
+Allowed values are the following:
+
+@table @code
+@kwindex all
+@item all
+All users.
+
+@kwindex authenticated
+@item authenticated
+Only authenticated users.
+
+@kwindex group
+@item group @var{group-list}
+Authenticated users which are members of at least one of groups listed in
+@var{group-list}.
+@end table
+
+The @var{sub-acl} part, if present, allows to branch to another
+@acronym{ACL}. The syntax of this group is:
+
+@smallexample
+acl @var{name}
+@end smallexample
+
+@noindent