+ * Some groff warnings in userv(1) fixed.
* Specification's usage notes section improved.
* --help and --version behaviour made to conform to GNU standards.
* We do ship m4 and flex output now, so say so.
* Specification's usage notes section improved.
* --help and --version behaviour made to conform to GNU standards.
* We do ship m4 and flex output now, so say so.
+ * Some groff warnings in userv(1) fixed.
Debian:
* Priority changed to optional as per override file.
Debian:
* Priority changed to optional as per override file.
.Nm userv
is used to have a task performed under different userid while
maintaining limited trust between caller and callee.
.Nm userv
is used to have a task performed under different userid while
maintaining limited trust between caller and callee.
.Ar service-user
specifies which user account is to perform the task. The user may be
a login name or a numeric uid, or
.Ql -
to indicate that the service user is to be the same as the calling
user.
.Ar service-user
specifies which user account is to perform the task. The user may be
a login name or a numeric uid, or
.Ql -
to indicate that the service user is to be the same as the calling
user.
The service name is interpreted by the userv daemon on behalf of the
service user. This is controlled by configuration files in the
service user's filespace; consult the userv specification for details.
The service name is interpreted by the userv daemon on behalf of the
service user. This is controlled by configuration files in the
service user's filespace; consult the userv specification for details.
Single-letter options may be combined as is usual with Unix programs,
and the value for such an option may appear in the same argument or in
the next.
Single-letter options may be combined as is usual with Unix programs,
and the value for such an option may appear in the same argument or in
the next.
requested, and requesting a service user of
.Ql -
(indicating the calling user).
requested, and requesting a service user of
.Ql -
(indicating the calling user).
If the builtin service being requested requires a
.Ar service-argument
then this must be supplied to the client in the
If the builtin service being requested requires a
.Ar service-argument
then this must be supplied to the client in the
and below for details of the
.Fl -override
options.
and below for details of the
.Fl -override
options.
The actual service name passed will be the
.Ar builtin-service ;
note
The actual service name passed will be the
.Ar builtin-service ;
note
.Nm cat
will be one inherited by the client program from the caller or one
opened by the client program on behalf of the caller.
.Nm cat
will be one inherited by the client program from the caller or one
opened by the client program on behalf of the caller.
The descriptor in the service program that should be connected must be
specified as
.Ar fd ,
The descriptor in the service program that should be connected must be
specified as
.Ar fd ,
.Ql stderr .
The next argument is a filename which will be opened by the client
with the privileges of the calling user.
.Ql stderr .
The next argument is a filename which will be opened by the client
with the privileges of the calling user.
.Ar modifiers
is used to specify whether the file or descriptor is to be read from
or written to. It consists of a series of words separated by commas.
.Ar modifiers
is used to specify whether the file or descriptor is to be read from
or written to. It consists of a series of words separated by commas.
.Ql stderr
for file descriptor 0, 1 or 2 respectively.
.El
.Ql stderr
for file descriptor 0, 1 or 2 respectively.
.El
If no
.Ar modifiers
which imply
If no
.Ar modifiers
which imply
if only
.Ql fd
was specified).
if only
.Ql fd
was specified).
The client will also use
.Dv O_NOCTTY
when opening files specified by the caller, to avoid changing its
controlling terminal.
The client will also use
.Dv O_NOCTTY
when opening files specified by the caller, to avoid changing its
controlling terminal.
By default
.Va stdin ,
.Va stdout
By default
.Va stdin ,
.Va stdout
the client. Diagnostics from the client and daemon will also appear
on
.Va stderr .
the client. Diagnostics from the client and daemon will also appear
on
.Va stderr .
If
.Ql wait
is specified, the client will wait for the pipe to be closed, and only
If
.Ql wait
is specified, the client will wait for the pipe to be closed, and only
at this stage will be considered a system error and cause the client
to exit with status 255, but will not cause disconnection at the
service side since the service has already exited.
at this stage will be considered a system error and cause the client
to exit with status 255, but will not cause disconnection at the
service side since the service has already exited.
If
.Ql close
is specified the client will immediately close the pipe connection by
If
.Ql close
is specified the client will immediately close the pipe connection by
.Er EPIPE )
for a writing descriptor or end of file for a reading one; the
descriptor opened by or passed to the client will also be closed.
.Er EPIPE )
for a writing descriptor or end of file for a reading one; the
descriptor opened by or passed to the client will also be closed.
If
.Ql nowait
is specified then the client will not wait and the
If
.Ql nowait
is specified then the client will not wait and the
.Ql "--signals stdout"
is used) since diagnostics from the service side may arrive after the
client has exited and be confused with expected output.
.Ql "--signals stdout"
is used) since diagnostics from the service side may arrive after the
client has exited and be confused with expected output.
The default is
.Ql wait
for writing file descriptors and
The default is
.Ql wait
for writing file descriptors and
range of numbers and signal indications which can be returned by the
.Fn wait
family of system calls.)
range of numbers and signal indications which can be returned by the
.Fn wait
family of system calls.)
The
.Ar method
may be one of the following:
The
.Ar method
may be one of the following:
and an error message will be printed to
.Va stderr
as usual.
and an error message will be printed to
.Va stderr
as usual.
Problems such as client usage errors, the service not being found or
permission being denied or failure of a system call are system errors.
An error message describing the problem will be printed on the
Problems such as client usage errors, the service not being found or
permission being denied or failure of a system call are system errors.
An error message describing the problem will be printed on the
.It Fl -copyright
Prints the copyright and lack of warranty notice.
.El
.It Fl -copyright
Prints the copyright and lack of warranty notice.
.El
-.Ss Security-overriding options
+.Sh SECURITY-OVERRIDING OPTIONS
There are also some options which are available for debugging and to
allow the system administrator to override a user's policy. These
options are available only if the client is called by root or if the
There are also some options which are available for debugging and to
allow the system administrator to override a user's policy. These
options are available only if the client is called by root or if the
to the service in
.Ev USERV_USER .
Their values will only be used if they correspond to the calling UID.
to the service in
.Ev USERV_USER .
Their values will only be used if they correspond to the calling UID.
.Sh FILES
.Bl -tag -width Pa
.It Pa /var/run/userv/socket
.Sh FILES
.Bl -tag -width Pa
.It Pa /var/run/userv/socket
.%A Ian Jackson
.Re
.Sh COPYRIGHT
.%A Ian Jackson
.Re
.Sh COPYRIGHT
-GNU userv is Copyright (C)1996-2000 Ian Jackson, except that this
+GNU userv is Copyright (C)1996-2001,2003 Ian Jackson, except that this
manpage is Copyright (C)2000 Ben Harris.
manpage is Copyright (C)2000 Ben Harris.
GNU userv is licensed under the terms of the GNU General Public
Licence, version 2 or (at your option) any later version, and it comes
with NO WARRANTY, not even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for details.
GNU userv is licensed under the terms of the GNU General Public
Licence, version 2 or (at your option) any later version, and it comes
with NO WARRANTY, not even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for details.
You should have received a copy of the GNU General Public License
along with userv, if not, write to the Free Software Foundation, 59
Temple Place - Suite 330, Boston, MA 02111-1307, USA.
You should have received a copy of the GNU General Public License
along with userv, if not, write to the Free Software Foundation, 59
Temple Place - Suite 330, Boston, MA 02111-1307, USA.