1SYSTEM.ROOTDAEMONRC(1)      General Commands Manual     SYSTEM.ROOTDAEMONRC(1)
2
3
4

NOTA BENE

6       Usage of this file is deprecated and will be removed in future versions
7       of ROOT.
8
9       Please contact the ROOT team at  http://root.cern.ch  in  the  unlikely
10       event this change is disruptive for your workflow.
11

NAME

13       system.rootdaemonrc, .rootdaemonrc - access control directives for ROOT
14       daemons
15

LOCATIONS

17       ROOTDAEMORC, $HOME/.rootdaemonrc
18       /etc/root/system.rootdaemonrc, $ROOTSYS/etc/system.rootdaemonrc
19

DESCRIPTION

21       This manual page documents the format of directives  specifying  access
22       control  directives  for ROOT daemons. These directives are read from a
23       text file whose full path is taken from the environment variable  ROOT‐
24       DAEMONRC.  If such a variable in undefined, the daemon looks for a file
25       named .rootdaemonrc in the $HOME directory of  the  user  starting  the
26       daemon;  if  this file does not exists either, the file system.rootdae‐
27       monrc, located under /etc/root or $ROOTSYS/etc, is used.   If  none  of
28       these  file  exists (or is readable), the daemon makes use of a default
29       built-in directive  derived  from  the  configuration  options  of  the
30       installation.
31
32

FORMAT

34       *      lines starting with '#' are comment lines.
35
36       *      hosts  can  specified  either  with their name (e.g. pcepsft43),
37              their FQDN (e.g. pcepsft43.cern.ch) or their  IP  address  (e.g.
38              137.138.99.73).
39
40       *      directives  applying  to  all  host  can  be specified either by
41              'default' or '*'
42
43       *      the '*' character can be used in any field of the name to  indi‐
44              cate a set of machines or domains, e.g. pcepsft*.cern.ch applies
45              to all 'pcepsft' machines in the domain 'cern.ch'. (to  indicate
46              all  'lxplus'  machines you should use 'lxplus*.cern.ch' because
47              internally the generic lxplus machine has a  real  name  of  the
48              form  lxplusnnn.cern.ch;  you can also use 'lxplus' if you don't
49              care about domain name checking).
50
51       *      a whole domain can be indicated by  its  name,  e.g.  'cern.ch',
52              'cnaf.infn.it' or '.ch'
53
54       *      truncated  IP  address  can  also  be  used to indicate a set of
55              machines; they are interpreted as the very first  or  very  last
56              part  of  the address; for example, to select 137.138.99.73, any
57              of these is valid: '137.138.99', '137.138', '137`,  '99.73';  or
58              with  wild  cards:  '137.13*' or '*.99.73`; however, '138.99' is
59              invalid because ambiguous.
60
61       *      the information following the name or IP address  indicates,  in
62              order  of  preference,  the short names or the internal codes of
63              authentication methods accepted for  requests  coming  from  the
64              specified host(s); the ones implemented so far are:
65
66                 Method                           nickname    code
67
68                 UsrPwd                            usrpwd       0
69
70              Methods not specified explicitly are not accepted.
71
72
73       *      Lines  ending with '´ are followed by additional information for
74              the host on the next line; the name of the host  should  not  be
75              repeated.
76
77

EXAMPLES

79       Valid examples:
80
81
82       default none
83              All  requests  are  denied  unless specified by dedicated direc‐
84              tives.
85
86
87       default 0
88              Authentication mechanisms allowed by default are 'usrpwd'  (code
89              0)
90
91
92       137.138. 0
93              Authentication  mechanisms  allowed  from  host  in  the  domain
94              137.138. (cern.ch) are 'usrpwd' (code 0)
95
96
97       lxplus*.cern.ch 0:qwerty:uytre
98              Requests from the lxplus cluster from users 'qwerty' and 'uytre'
99              can authenticate using 'usrpwd'.
100
101
102       pcep*.cern.ch 0:-qwerty
103              Requests  from  the  pcep*.cern.ch  nodes can authenticate using
104              'usrpwd' when accessing the 'rootd' daemon ; user 'qwerty'  can‐
105              not use 'usrpwd'.
106
107
108       For   more   information   on   the   ROOT   system,  please  refer  to
109       http://root.cern.ch/ .
110
111

ORIGINAL AUTHORS

113       The ROOT team (see web page above):
114              Rene Brun and Fons Rademakers
115

117       This library is free software; you can redistribute it and/or modify it
118       under  the  terms of the GNU Lesser General Public License as published
119       by the Free Software Foundation; either version 2.1 of the License,  or
120       (at your option) any later version.
121
122       This  library  is  distributed  in the hope that it will be useful, but
123       WITHOUT ANY  WARRANTY;  without  even  the  implied  warranty  of  MER‐
124       CHANTABILITY  or  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser
125       General Public License for more details.
126
127       You should have received a  copy  of  the  GNU  Lesser  General  Public
128       License  along  with  this  library; if not, write to the Free Software
129       Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,  MA   02110-1301
130       USA
131

AUTHOR

133       This manual page was written by G. Ganis <g.ganis@cern.ch> .
134
135
136
137ROOT                               Version 4            SYSTEM.ROOTDAEMONRC(1)
Impressum