diff options
Diffstat (limited to 'doc/pies.texi')
-rw-r--r-- | doc/pies.texi | 46 |
1 files changed, 36 insertions, 10 deletions
diff --git a/doc/pies.texi b/doc/pies.texi index 8e25e76..ae4a56a 100644 --- a/doc/pies.texi +++ b/doc/pies.texi @@ -862,16 +862,6 @@ process instead. @end table @end deffn -@deffn {Config: component} user-acl @{ @dots{} @} -ACL controlling read-only access to this component. -@FIXME-pxref{Access to Components}. -@end deffn - -@deffn {Config: component} admin-acl @{ @dots{} @} -ACL controlling administrative (write) access to this component. -@FIXME-pxref{Access to Components}. -@end deffn - The following subsections describe the rest of @samp{component} substatements. @@ -884,6 +874,7 @@ substatements. * Output Redirectors:: * Inetd-Style Components:: * Meta1-Style Components:: +* Visibility:: * Component Syntax Summary:: @end menu @@ -1603,6 +1594,34 @@ This socket file is supposed to be created by the component binary upon its startup. @end deffn +@node Visibility +@subsection Component Visibility ACLs + + Pies control interface allows certain users to list and modify +components of a running @command{pies} instance. Two access control +lists define who can list and modify the particular component. + +@deffn {Config: component} list-acl @var{name} +@deffnx {Config: component} list-acl @{ @dots{} @} +This list controls who can get listing of this component +(@FIXME-pxref{component listing}). + +In the first form, @var{name} refers to the name of an already defined +global ACL (@pxref{defacl}). + +The second form defines new unnamed ACL. The syntax is described in +detail in @ref{ACL}. +@end deffn + +@deffn {Config: component} admin-acl @var{name} +@deffnx {Config: component} admin-acl @{ @dots{} @} +This list controls who can stop, restart or otherwise modify this +component (@FIXME-pxref{component management}). + +As above, two forms are available: the first one for using an already +defined named ACL, and the second one, for defining a new ACL in place. +@end deffn + @node Component Syntax Summary @subsection Component Syntax Summary This subsection summarizes the @code{component} statements. For each @@ -1687,14 +1706,20 @@ component @var{tag} @{ # @r{ACL for administrative access to this component.} # @FIXME-xref{Access to Components}. + admin-acl @var{name}; + # @r{or:} admin-acl @{ @dots{} @} # @r{ACL for read-only access to this component.} # @FIXME-xref{Access to Components}. + list-acl @var{name}; + # @r{or:} list-acl @{ @dots{} @} # @r{ACL for this component.} # @xref{ACL}. + acl @var{name}; + # @r{or:} acl @{ @dots{} @} # @r{Override default syslog facility for this component.} @@ -1925,6 +1950,7 @@ acl @{ component @acronym{ACL} is consulted. As a result, access is granted only if both lists allow it. +@anchor{defacl} A @dfn{named @acronym{ACL}} is an access control list which is assigned its own name. Named @acronym{ACL}s are defined using the @samp{defacl} statement: |