Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help

       hosts.hfaxd - HylaFAX client access control list

       The  ASCII  file	etc/hosts.hfaxd	in the HylaFAX spooling	area specifies
       the hosts and users that	are permitted to access	services  through  the
       hfaxd(8C)  process.   This  file	must exist for client access; if it is
       not present then	hfaxd will deny	all requests for service.   Note  also
       that  this  file	 must  be  readable only by the	``fax''	user; i.e.  it
       should have mode	600 and	be owned by ``fax''.

       Each newline-terminated entry is	a set of colon (:)  separated  fields,
       all  but	 the  first  of	 which are optional.  Trailing null fields and
       their separators	may be omitted.	 The most general form is:


       client  is  a  regular  expression  to  be  matched  against  a	string
       ``user@host''  that is formed from the user string passed to hfaxd with
       the USER	command	and the	official host name or the DARPA	 Internet  ad-
       dress,  specified  in  ``dot notation''.	 If client does	not contain an
       ``@'' then, for backwards compatibility,	it is treated as  a  host  for
       which  any  user	may have access; i.e. it is automatically converted to
       the regular expression ``^.*@client$''.

       Comments	are introduced with the	``#'' character	and extend to the  end
       of  the	line.	Any whitespace immediately preceding a comment is also

       If client has a leading ``!'', then it is interpreted  as  a  class  of
       hosts  and  users to which access is to be disallowed.  That is,	if the
       pattern matches the client information, then access is denied.

       Note that regular expressions are not anchored.	That is, a regular ex-
       pression	 may  match  a	substring  of  the ``user@host'' string.  Thus
       `pb@.*\.cl\.cam\.ac\.uk'	  matches   `'.
       Use ``^'' to match the start of the string and ``$'' to match the end.

       Fields following	client are optional and	specify	the following:

       uid	 The numerical user ID to assign to clients that use the entry
		 for access.  hfaxd uses the uid to control access  to	server
		 resources  such  as  jobs and documents (the value is used to
		 set the group ID of files created by a	client).

		 Multiple clients/users	may share the same uid or  unique  IDs
		 may  be  created for each client.  User IDs may be any	number
		 in the	range [0..60002] with 60002 used, by  convention,  for
		 entries that do not have a uid	specified.

       passwd	 The  encrypted	 password.  If this field is empty (null) then
		 no password will be demanded when a client logs in; i.e.  the
		 USER command does not need to be followed by a	PASS command.

       adminwd	 The  encrypted	 password for this user	to gain	administrative
		 privileges.  If this field is empty (null) then the  user  is
		 not permitted to have administrative privileges.

       The  following is a sample hosts.hfaxd file.  Note that the first entry
       that matches is taken, so more-specific entries should be placed	first.
				     # pb on a machine directly	in	can
				     # administer if an	admin pw is given		     # anyone on local host uses the default uid
	      ^sam@flake.*sgi\.com$  # Sam on his work machine
	      ^sam@oxford.*Berkeley.*# Sam on any machine starting oxford and containing
				     # Berkeley, e.g.
	      ^.*@.*.\.esd\.	     # anyone in an esd	domain
	      !^tom@		     # Tom Davis is denied access
	      .*\.sgi\.com$	     # but anyone else at sgi is ok

       sendfax(1), hfaxd(8C), hylafax-server(5F)

			       January 18, 1996		       HOSTS.HFAXD(5F)


Want to link to this manual page? Use this URL:

home | help