1HOSTS.HFAXD(5F) HOSTS.HFAXD(5F)
2
3
4
6 hosts.hfaxd - HylaFAX client access control list
7
9 The ASCII file etc/hosts.hfaxd in the HylaFAX spooling area specifies
10 the hosts and users that are permitted to access services through the
11 hfaxd(8C) process. This file must exist for client access; if it is
12 not present then hfaxd will deny all requests for service. Note also
13 that this file must be readable only by the ``fax'' user; i.e. it
14 should have mode 600 and be owned by ``fax''.
15
16 Usually etc/hosts.hfaxd is managed through use of the faxadduser(8C)
17 and faxdeluser(8C) tools or the ``SITE ADDUSER'' and ``SITE DELUSER''
18 functions through an administrative client. However, some features are
19 not accessible through those tools and etc/hosts.hfaxd will require
20 direct editing to use those features. In particular, the order of
21 entries in etc/hosts.hfaxd may need manipulation as hfaxd uses the
22 first-matched entry (read top-down).
23
24 Each newline-terminated entry is a set of colon (:) separated fields,
25 all but the first of which are optional. Trailing null fields and
26 their separators may be omitted. The most general form is:
27
28 client:uid:passwd:adminwd
29
30 client is a regular expression to be matched against a string
31 ``user@host'' that is formed from the user string passed to hfaxd with
32 the USER command and the official host name or the DARPA Internet
33 address, specified in ``dot notation''. If client does not contain an
34 ``@'' then, for backwards compatibility, it is treated as a host for
35 which any user may have access; i.e. it is automatically converted to
36 the regular expression ``^.*@client$''.
37
38 Comments are introduced with the ``#'' character and extend to the end
39 of the line. Any whitespace immediately preceding a comment is also
40 ignored.
41
42 If client has a leading ``!'', then it is interpreted as a class of
43 hosts and users to which access is to be disallowed. That is, if the
44 pattern matches the client information, then access is denied.
45
46 Note that regular expressions are not anchored. That is, a regular
47 expression may match a substring of the ``user@host'' string. Thus
48 `pb@.*\.cl\.cam\.ac\.uk' matches `cpb@mc.cl.cam.ac.uk.esd.sgi.com'.
49 Use ``^'' to match the start of the string and ``$'' to match the end.
50
51 Fields following client are optional and specify the following:
52
53 uid The numerical user ID to assign to clients that use the entry
54 for access. hfaxd uses the uid to control access to server
55 resources such as jobs and documents (the value is used to
56 set the group ID of files created by a client).
57
58 Multiple clients/users may share the same uid or unique IDs
59 may be created for each client. User IDs may be any number
60 in the range [0..60002] with 60002 used, by convention, for
61 entries that do not have a uid specified.
62
63 passwd The encrypted password. If this field is empty (null) then
64 no password will be demanded when a client logs in; i.e. the
65 USER command does not need to be followed by a PASS command.
66
67 adminwd The encrypted password for this user to gain administrative
68 privileges. If this field is empty (null) then the user is
69 not permitted to have administrative privileges.
70
72 The following is a sample hosts.hfaxd file. Note that the first entry
73 that matches is taken, so more-specific entries should be placed first.
74 ^pb@[^.]*\.cl\.cam\.ac\.uk$:::hFy8zXq2KaG8s
75 # pb on a machine directly in cl.cam.ac.uk can
76 # administer if an admin pw is given
77 127.0.0.1 # anyone on local host uses the default uid
78 192.168.[0-9]+.[0-9]+ # anyone on the LAN uses the default uid
79 ^sam@flake.*sgi\.com$ # Sam on his work machine
80 ^sam@oxford.*Berkeley.*# Sam on any machine starting oxford and containing
81 # Berkeley, e.g. sam@oxfordberkeley.cl.cam.ac.uk
82 ^.*@.*.\.esd\. # anyone in an esd domain
83 !^tom@ # Tom Davis is denied access
84 .*\.sgi\.com$ # but anyone else at sgi is ok
85
87 faxadduser(8C), faxdeluser(8C), sendfax(8C), hfaxd(8C), hylafax-
88 server(5F)
89
90
91
92 January 18, 1996 HOSTS.HFAXD(5F)