aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/pies.texi88
-rw-r--r--doc/usr-acl.texi2
2 files changed, 44 insertions, 46 deletions
diff --git a/doc/pies.texi b/doc/pies.texi
index 8569ab7..f1654c0 100644
--- a/doc/pies.texi
+++ b/doc/pies.texi
@@ -754,7 +754,7 @@ As of version @value{VERSION} only one @command{remove-file} may be given.
@end deffn
@deffn {Config: component} settle-timeout @var{number}
-Wait @var{number} seconds. This is kind of kludge. Currently it is
+Wait @var{number} of seconds. This is kind of kludge. Currently it is
used for components imported from @file{meta1.conf} file
(@pxref{include-meta1}), where @code{settle-timeout 1} is implied.
This may change in future versions.
@@ -801,7 +801,7 @@ names from the table below:
@item EX_CONFIG @tab 78
@end multitable
-Signal codes can be given either as @samp{SIG+@var{n}}, where @var{n}
+Signal numbers can be given either as @samp{SIG+@var{n}}, where @var{n}
is the signal number, or as signal names from the following list:
@samp{SIGHUP}, @samp{SIGINT}, @samp{SIGQUIT}, @samp{SIGILL},
@samp{SIGTRAP}, @samp{SIGABRT}, @samp{SIGIOT}, @samp{SIGBUS},
@@ -815,13 +815,14 @@ is the signal number, or as signal names from the following list:
If the component exits with an exit code listed in @var{codes}
or is terminated on a signal listed in @var{codes},
-@command{pies} executes actions specified by its substatements.
-They are executed in the order of their appearance below:
+@command{pies} executes actions specified in that @samp{return-code}
+block. The actions are executed in the order of their appearance below:
@deffn {Config: return-code} exec @var{command}
-Execute external command. Prior to execution of @var{command} all
-file descriptors are closed. It inherits the environment from the
-main @command{pies} process with the following additional variables:
+Execute the supplied external command. Prior to execution, all
+file descriptors are closed. The @var{command} inherits the
+environment from the main @command{pies} process with the following
+additional variables:
@table @env
@item PIES_VERSION
@@ -862,10 +863,11 @@ Supply notification message text to use by @code{notify} statement.
Any number of @code{return-code} statements are allowed, provided
that their @var{codes} do not intersect.
- Such statements can also be used outside of @code{component} block.
-In this case, they supply global actions, i.e. actions applicable to
-all components. Any @code{return-code} statements appearing within a
-@code{component} block override the global ones.
+ The @code{return-code} statements can also be used outside of
+@code{component} block. In this case, they supply global actions,
+i.e. actions applicable to all components. Any @code{return-code}
+statements appearing within a @code{component} block override the
+global ones.
@node Output Redirectors
@subsection Output Redirectors
@@ -882,7 +884,7 @@ The type of redirection is specified by @var{type} argument:
@table @asis
@item file
-Redirect to the file. In this case @var{channel} gives the full name of
+Redirect to a file. In this case @var{channel} gives the full name of
the file. For example:
@smallexample
@@ -890,11 +892,11 @@ stderr file /var/log/component/name.err;
@end smallexample
@item syslog
-Redirect to the syslog channel. The syslog priority is given by the
+Redirect to a syslog channel. The syslog priority is given by the
@var{channel} argument. Its allowed values are: @samp{emerg},
@samp{alert}, @samp{crit}, @samp{err}, @samp{warning}, @samp{notice},
@samp{info}, @samp{debug}. The facility is inherited from the
-@code{syslog} statement (@pxref{syslog}), or from @code{facility}
+@code{syslog} statement (@pxref{syslog}), or from the @code{facility}
statement (see below), if given.
Example:
@@ -907,7 +909,7 @@ stderr syslog err;
@deffn {Config: component} facility @var{syslog-facility}
Specify the syslog facility to use in syslog redirectors. Allowed
-values for @var{syslog-facility} are: @samp{user}, @samp{daemon},
+@var{syslog-facility} values are: @samp{user}, @samp{daemon},
@samp{auth}, @samp{authpriv}, @samp{mail}, @samp{cron}, @samp{local0}
through @samp{local7} (all names case-insensitive), or a facility number.
@end deffn
@@ -916,8 +918,7 @@ through @samp{local7} (all names case-insensitive), or a facility number.
@subsection Inetd-Style Components
@cindex inetd-style components
Inetd-style components are declared using @code{mode inetd}
-statement. You must also declare a socket to listen for requests for
-such components:
+statement. You must also declare a socket to listen on.
@anchor{inetd-socket}
@deffn {Config: component} socket @var{url}
@@ -932,8 +933,8 @@ component (@pxref{Actions Before Startup, chdir}).
@item local://@var{file}[;@var{args}]
@itemx file://@var{file}[;@var{args}]
@itemx unix://@var{file}[;@var{args}]
-Listen on the @acronym{UNIX} socket file @var{file}, which may be either
-absolute or relative file name, as described above. Optional
+Listen on the @acronym{UNIX} socket file @var{file}, which is either
+an absolute or relative file name, as described above. Optional
arguments @var{args} control ownership and file mode of @var{file}. They
are a list of assignments, separated by semicolons. The following
values are allowed:
@@ -956,7 +957,7 @@ and @samp{777}).
For example:
@smallexample
-socket unix:/var/run/socket;user=nobody;group=mail;mode=770
+socket "unix:/var/run/socket;user=nobody;group=mail;mode=770";
@end smallexample
@item inet://@var{ip}:@var{port}
@@ -1098,10 +1099,10 @@ send email messages when components terminate. The exact contents
of such notifications and the list of their recipients may depend on
the exit code which the component returned. Notification is
configured by supplying @samp{notify} and @samp{message} statements
-within a @samp{return-code} block.
+in a @samp{return-code} block.
@deffn {Config: return-code} notify @var{email-string}
-Send an email notification to addresses from @var{email-string}. The
+Send email notification to addresses from @var{email-string}. The
latter is a comma-separated list of email addresses, e.g.:
@smallexample
@@ -1190,7 +1191,7 @@ Subject: Component $@{component@} $@{termination@} $@{retcode@}.
@cindex mailer
@cindex @command{sendmail}
- Notification messages are sent using external program, called
+ Notification messages are sent using an external program, called
@dfn{mailer}. By default it is @command{/usr/sbin/sendmail}. You can
change it using the following configuration statement:
@@ -1310,18 +1311,18 @@ future use and is described in more detail in @ref{User-Group ACLs}.
@anchor{acl-ref}
The @var{sub-acl} part, if present, allows to branch to another
-@acronym{ACL}. The syntax of this group is:
+@acronym{ACL}. The syntax of this part is:
@smallexample
acl @var{name}
@end smallexample
@noindent
-where @var{name} is the name of @acronym{ACL} defined previously in
+where @var{name} is the name of an @acronym{ACL} defined previously in
@samp{defacl} statement.
The @var{host-list} group allows to match client addresses.
-It consists of a @code{from} keyword followed by a list of
+It consists of the @code{from} keyword followed by a list of
@dfn{address specifiers}. Allowed address specifiers are:
@table @asis
@@ -1348,11 +1349,11 @@ Matches if connection was received from a @acronym{UNIX} socket
@var{filename}, which must be given as an absolute file name.
@end table
-@anchor{acl-any}.
+@anchor{acl-any}
The special form @samp{allow any} means to allow access
unconditionally. Similarly, @samp{deny any}, denies access
-unconditionally. Normally, these forms appear as the last
-statements in an @acronym{ACL} definition.
+unconditionally. Normally, one of these forms appears as the last
+statement in an @acronym{ACL} definition.
To summarize, the syntax of an access statement is:
@@ -1361,15 +1362,14 @@ allow|deny [acl @var{name}] [from @var{addr-list}]
@end smallexample
@noindent
-where square brackets denote optional parts and vertical bar means
-@samp{one of}.
+where square brackets denote optional parts.
When an @acronym{ACL} is checked, its entries are tried in turn until
one of them matches, or the end of the list is reached. If a matched
entry is found, its command verb, @code{allow} or @code{deny}, defines
-the result of @acronym{ACL} match. If the end of list is reached,
+the result of the @acronym{ACL} check. If the end of the list is reached,
the result is @samp{allow}, unless explicitly specified otherwise
-(using the @pxref{acl-any, ``any'' form}).
+(using the @ref{acl-any, ``any'' form}.)
For example, the following @acronym{ACL} allows access for anybody
coming from networks @samp{192.168.10.0/24} and @samp{192.168.100.0/24},
@@ -1393,9 +1393,8 @@ acl @{
MeTA1 is a mail transfer agent of new generation, designed
to replace Sendmail in the future (@uref{http://www.meta1.org}).
It has a modular structure, each module being an independent
-program, which is responsible for a particular task. The components
-are configured in the MeTA1 configuration file
-@file{/etc/meta1/meta1.conf}.
+responsible for a particular task. The components are configured in
+the MeTA1 configuration file @file{/etc/meta1/meta1.conf}.
@command{Pies} is able to take a list of components directly
from MeTA1 configuration file:
@@ -1431,7 +1430,7 @@ chdir @var{queue-dir}
Here, @var{compname} stands for the name of the component, and
@var{queue-dir} stands for the name of MeTA1 queue directory. The
latter is @file{/var/spool/meta1} by default. It can be changed using
-the following statement
+the following statement:
@deffn {Config} meta1-queue-dir @var{dir}
Set name of MeTA1 queue directory.
@@ -1439,8 +1438,9 @@ Set name of MeTA1 queue directory.
To override any default settings for a MeTA1 component, add a
@code{command} section with the desired settings after including
-@file{meta1.conf}. For example, here is how to redirect program
-diagnostics to @samp{local1.debug} syslog channel:
+@file{meta1.conf}. For example, here is how to redirect the
+standard error of the @samp{smtps} component to @samp{local1.debug}
+syslog channel:
@smallexample
include-meta1 /etc/meta1/meta1.conf
@@ -1466,6 +1466,7 @@ substatements:
@deffn {Config: syslog} tag @var{string}
Prefix syslog messages with this string. By default, the program name
is used.
+@end deffn
@deffn {Config: syslog} facility @var{string}
Set syslog facility to use. Allowed values are: @samp{user},
@@ -1473,7 +1474,6 @@ Set syslog facility to use. Allowed values are: @samp{user},
@samp{local0} through @samp{local7} (case-insensitive), or a facility
number.
@end deffn
-@end deffn
@deffn {Config} umask @var{number}
Set the default umask. The @var{number} must be an octal value not greater
@@ -1514,7 +1514,7 @@ suit your needs:
@deffn {Config} pidfile @var{file}
Write PID of the master @command{pies} process to @var{file}. By
-default, master PID is stored in @file{@var{localstatedir}/pies.pid},
+default the master PID is stored in @file{@var{localstatedir}/pies.pid},
where @var{localstatedir} is the @dfn{local state directory}, defined
at compile time (usually, it is @file{/usr/local/var} or @file{/usr/var}).
@end deffn
@@ -1533,13 +1533,12 @@ Set file name of the statistics output file. Default is
however, you found such an implementation for it, that requires another
privileges, you may change them using the following three statements:
-@command{pies} process.
@deffn {Config} user @var{user-name}
Start @command{pies} with the UID and GID of this user.
@end deffn
@deffn {Config} group @var{group-list}
-Retain supplementary groups, specified in @var{group-list}.
+Retain the supplementary groups, specified in @var{group-list}.
@end deffn
@deffn {Config} allgroups @var{bool}
@@ -1670,7 +1669,6 @@ and restricts access to them to two local subnets:
@smallexample
acl @{
- log from any "Connect from $@{address@}";
allow from 10.10.10.0/24;
allow from 192.168.10.0/27;
deny from any;
@@ -1683,7 +1681,7 @@ component ftp @{
socket "inet://0.0.0.0:21";
umask 027;
program /usr/sbin/ftpd
- command ftpd -l -C;
+ command "ftpd -l -C";
@}
component pop3d @{
diff --git a/doc/usr-acl.texi b/doc/usr-acl.texi
index 1fd69f5..86d70f1 100644
--- a/doc/usr-acl.texi
+++ b/doc/usr-acl.texi
@@ -27,7 +27,7 @@ Authenticated users which are members of at least one of groups listed in
For example, the following statement defines an @acronym{ACL}
which allows access for any user connected via local @acronym{UNIX}
-socket @file{/tmp/dicod.sock} or coming from a local network
+socket @file{/tmp/pies.sock} or coming from a local network
@samp{192.168.10.0/24}. Any authenticated users are allowed, provided
that they are allowed by another @acronym{ACL} @samp{my-nets} (which
should have been defined before this definition). Users coming from

Return to:

Send suggestions and report system problems to the System administrator.