From: Ian Jackson Date: Sun, 3 Jun 2012 11:33:41 +0000 (+0100) Subject: manpage improvements X-Git-Tag: debian/2.1.0~1 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=authbind.git;a=commitdiff_plain;h=32f41fed121ea4fe4e9171c509691e1b16db13f8 manpage improvements --- diff --git a/authbind-helper.8 b/authbind-helper.8 index 835c97f..b9c25e8 100644 --- a/authbind-helper.8 +++ b/authbind-helper.8 @@ -45,17 +45,23 @@ the caller desires that the socket be bound, and the address family (ommitted for IPv4; the fixed string .B 6 for IPv6). -The address and port should be hex strings, +.I addr4-hex +and +.I port-hex +should be hex strings, .I without leading .BR 0x , -of exactly the right length (8 or 32, and 4, digits, respectively), being -a pairs of hex digits for each byte in the address or port number when +of exactly the right length (8 and 4 digits, respectively), being +a pair of hex digits for each byte in the address or port number when expressed in host byte order. For example, the port argument is the result of something like .B sprintf(arg, .B """%04X"", .BR sin.sin_port) . +.I addr6-hex +should be a string of 32 hex digits, being a pair for each byte in +the address, in network byte order. .SH EXIT STATUS .B helper will exit with code 0 on success. diff --git a/authbind.1 b/authbind.1 index 46abb3a..74d44d7 100644 --- a/authbind.1 +++ b/authbind.1 @@ -89,13 +89,22 @@ Secondly, if that test fails to resolve the matter, is tested, in the same manner as above. Here .I addr is as from -.BR inet_ntop . -Since this is not completely predictable for IPv6, -for IPv6 a variant of +.BR inet_ntop , +and +.I port +is the (local) TCP or UDP port number, expressed as an unsigned +integer in the minimal non-zero number of digits. +.PP +Thirdly, for IPv6 only: since the textual representation from +.B inet_ntop +is complicated to predict, a variant of .I addr -is also tested which does not contain any ommitted zeroes or colons. +is also tested which does not use the double colon abbreviation: +each 16-byte chunk expressed in the minimal nonzero number +of hex digits (i.e. with leading zeroes removed), the chunks +being separated by colons as is conventional. .PP -Thirdly, if the question is still unresolved, the file +Fourthly, if the question is still unresolved, the file .BI /etc/authbind/byuid/ uid will be opened and read. If the file does not exist then the binding is not authorised and @@ -130,12 +139,6 @@ will fail with .B ENOENT .RI ( "No such file or directory" ). .PP -In each case above, -.TP -.I port -is the (local) TCP or UDP port number, expressed as an unsigned -integer in the minimal non-zero number of digits, and -.PP If a read error occurs, or the directory .B /etc/authbind cannot be accessed, then not only will @@ -144,10 +147,10 @@ fail, but an error message will be printed to stderr. Unrecognised lines in .BI /etc/authbind/byuid/ uid files are silently ignored (as are lines whose -.I addr4 +.I addr has non-zero bits more than .I length -from the top) or where +from the top) or where some .I min is larger than .IR max . diff --git a/debian/changelog b/debian/changelog index c9fa8bc..6eadfcf 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +authbind (2.1.0~~iwj) unstable; urgency=low + + * Permissions file lines can contain IPv6 mask/length. + * Permissions file lines need only contain one port number. + * Manpage improvements. + + -- Ian Jackson Sun, 03 Jun 2012 12:27:49 +0100 + authbind (2.0.1) unstable; urgency=low Bugfix: