aboutsummaryrefslogtreecommitdiff
path: root/doc/pies.texi
diff options
context:
space:
mode:
Diffstat (limited to 'doc/pies.texi')
-rw-r--r--doc/pies.texi46
1 files changed, 36 insertions, 10 deletions
diff --git a/doc/pies.texi b/doc/pies.texi
index 8e25e76..ae4a56a 100644
--- a/doc/pies.texi
+++ b/doc/pies.texi
@@ -862,16 +862,6 @@ process instead.
@end table
@end deffn
-@deffn {Config: component} user-acl @{ @dots{} @}
-ACL controlling read-only access to this component.
-@FIXME-pxref{Access to Components}.
-@end deffn
-
-@deffn {Config: component} admin-acl @{ @dots{} @}
-ACL controlling administrative (write) access to this component.
-@FIXME-pxref{Access to Components}.
-@end deffn
-
The following subsections describe the rest of @samp{component}
substatements.
@@ -884,6 +874,7 @@ substatements.
* Output Redirectors::
* Inetd-Style Components::
* Meta1-Style Components::
+* Visibility::
* Component Syntax Summary::
@end menu
@@ -1603,6 +1594,34 @@ This socket file is supposed to be created by the component binary
upon its startup.
@end deffn
+@node Visibility
+@subsection Component Visibility ACLs
+
+ Pies control interface allows certain users to list and modify
+components of a running @command{pies} instance. Two access control
+lists define who can list and modify the particular component.
+
+@deffn {Config: component} list-acl @var{name}
+@deffnx {Config: component} list-acl @{ @dots{} @}
+This list controls who can get listing of this component
+(@FIXME-pxref{component listing}).
+
+In the first form, @var{name} refers to the name of an already defined
+global ACL (@pxref{defacl}).
+
+The second form defines new unnamed ACL. The syntax is described in
+detail in @ref{ACL}.
+@end deffn
+
+@deffn {Config: component} admin-acl @var{name}
+@deffnx {Config: component} admin-acl @{ @dots{} @}
+This list controls who can stop, restart or otherwise modify this
+component (@FIXME-pxref{component management}).
+
+As above, two forms are available: the first one for using an already
+defined named ACL, and the second one, for defining a new ACL in place.
+@end deffn
+
@node Component Syntax Summary
@subsection Component Syntax Summary
This subsection summarizes the @code{component} statements. For each
@@ -1687,14 +1706,20 @@ component @var{tag} @{
# @r{ACL for administrative access to this component.}
# @FIXME-xref{Access to Components}.
+ admin-acl @var{name};
+ # @r{or:}
admin-acl @{ @dots{} @}
# @r{ACL for read-only access to this component.}
# @FIXME-xref{Access to Components}.
+ list-acl @var{name};
+ # @r{or:}
list-acl @{ @dots{} @}
# @r{ACL for this component.}
# @xref{ACL}.
+ acl @var{name};
+ # @r{or:}
acl @{ @dots{} @}
# @r{Override default syslog facility for this component.}
@@ -1925,6 +1950,7 @@ acl @{
component @acronym{ACL} is consulted. As a result, access is
granted only if both lists allow it.
+@anchor{defacl}
A @dfn{named @acronym{ACL}} is an access control list which is
assigned its own name. Named @acronym{ACL}s are defined using
the @samp{defacl} statement:

Return to:

Send suggestions and report system problems to the System administrator.

Generated by cgit.