@c This is part of the GNU Pies manual. @c Copyright (C) 2009, 2010, 2013 Sergey Poznyakoff @c This file is distributed under GFDL 1.3 or any later version @c published by the Free Software Foundation. This appendix describes the @samp{user-group} extension for GNU @command{Pies} @acronym{ACL}s. This extension is reserved for the future use. The @var{user-group} @acronym{ACL} statement specifies which users match this entry. Allowed values are the following: @table @code @kwindex all @item all All users. @kwindex authenticated @item authenticated Only authenticated users. @kwindex group @item group @var{group-list} Authenticated users which are members of at least one of groups listed in @var{group-list}. @end table For example, the following statement defines an @acronym{ACL} which allows access for any user connected via local @acronym{UNIX} socket @file{/tmp/pies.sock} or coming from a local network @samp{192.168.10.0/24}. Any authenticated users are allowed, provided that they are allowed by another @acronym{ACL} @samp{my-nets} (which should have been defined before this definition). Users coming from the network @samp{10.10.0.0/24} are allowed if they authenticate themselves and are members of groups @samp{pies} or @samp{users}. Access is denied for anybody else: @smallexample @group acl @{ allow all from ("/tmp/pies.sock", "192.168.10.0/24"); allow authenticated acl "my-nets"; allow group ("pies", "users") from "10.10.0.0/24"; deny all; @} @end group @end smallexample