Penguin
Recent Changes
Blame: hosts_access(3)
EditPageHistoryDiffInfoLikePages
Annotated edit history of hosts_access(3) version 1, including all changes. View license author blame.
Rev Author # Line
1 perry 1 HOSTS_ACCESS
2 !!!HOSTS_ACCESS
3 NAME
4 SYNOPSIS
5 DESCRIPTION
6 DIAGNOSTICS
7 SEE ALSO
8 FILES
9 BUGS
10 AUTHOR
11 ----
12 !!NAME
13
14
15 hosts_access, hosts_ctl, request_init, request_set - access control library
16 !!SYNOPSIS
17
18
19 #include
20 !!DESCRIPTION
21
22
23 The routines described in this document are part of the
24 ''libwrap.a'' library. They implement a rule-based access
25 control language with optional shell commands that are
26 executed when a rule fires.
27
28
29 request_init() initializes a structure with information
30 about a client request. request_set() updates an already
31 initialized request structure. Both functions take a
32 variable-length list of key-value pairs and return their
33 first argument. The argument lists are terminated with a
34 zero key value. All string-valued arguments are copied. The
35 expected keys (and corresponding value types)
36 are:
37
38
39 RQ_FILE (int)
40
41
42 The file descriptor associated with the
43 request.
44
45
46 RQ_CLIENT_NAME (char *)
47
48
49 The client host name.
50
51
52 RQ_CLIENT_ADDR (char *)
53
54
55 A printable representation of the client network
56 address.
57
58
59 RQ_CLIENT_SIN (struct sockaddr_in *)
60
61
62 An internal representation of the client network address and
63 port. The contents of the structure are not
64 copied.
65
66
67 RQ_SERVER_NAME (char *)
68
69
70 The hostname associated with the server endpoint
71 address.
72
73
74 RQ_SERVER_ADDR (char *)
75
76
77 A printable representation of the server endpoint
78 address.
79
80
81 RQ_SERVER_SIN (struct sockaddr_in *)
82
83
84 An internal representation of the server endpoint address
85 and port. The contents of the structure are not
86 copied.
87
88
89 RQ_DAEMON (char *)
90
91
92 The name of the daemon process running on the server
93 host.
94
95
96 RQ_USER (char *)
97
98
99 The name of the user on whose behalf the client host makes
100 the request.
101
102
103 hosts_access() consults the access control tables described
104 in the ''hosts_access(5)'' manual page. When internal
105 endpoint information is available, host names and client
106 user names are looked up on demand, using the request
107 structure as a cache. hosts_access() returns zero if access
108 should be denied.
109
110
111 hosts_ctl() is a wrapper around the request_init() and
112 hosts_access() routines with a perhaps more convenient
113 interface (though it does not pass on enough information to
114 support automated client username lookups). The client host
115 address, client host name and username arguments should
116 contain valid data or STRING_UNKNOWN. hosts_ctl() returns
117 zero if access should be denied.
118
119
120 The ''allow_severity'' and ''deny_severity'' variables
121 determine how accepted and rejected requests may be logged.
122 They must be provided by the caller and may be modified by
123 rules in the access control tables.
124 !!DIAGNOSTICS
125
126
127 Problems are reported via the syslog daemon.
128 !!SEE ALSO
129
130
131 hosts_access(5), format of the access control tables.
132 hosts_options(5), optional extensions to the base
133 language.
134 !!FILES
135
136
137 /etc/hosts.allow, /etc/hosts.deny, access control
138 tables.
139 !!BUGS
140
141
142 hosts_access() uses the strtok() library function. This may
143 interfere with other code that relies on
144 strtok().
145 !!AUTHOR
146
147
148 Wietse Venema (wietse@wzv.win.tue.nl)
149 Department of Mathematics and Computing Science
150 Eindhoven University of Technology
151 Den Dolech 2, P.O. Box 513,
152 5600 MB Eindhoven, The Netherlands
153 ----
This page is a man page (or other imported legacy content). We are unable to automatically determine the license status of this page.