From d481e8196cc08ec6761f3a26da16d1e02dbbc712 Mon Sep 17 00:00:00 2001 From: ian Date: Sun, 18 Apr 1999 18:15:12 +0000 Subject: [PATCH] Build arrangements changed some more - check in distritubed files. --- .cvsignore | 9 +- Makefile.in | 46 +- debian/changelog | 6 +- lexer.c | 2589 +++++++++++++++++ lexer.l | 299 ++ overview.ps | 445 +++ spec.html/ch-client.html | 236 ++ spec.html/ch-config.html | 437 +++ spec.html/ch-envir.html | 125 + spec.html/ch-intro.html | 32 + spec.html/ch-ipass.html | 101 + spec.html/ch-notes.html | 150 + spec.html/footnotes.html | 21 + spec.html/index.html | 73 + spec.ps | 5714 ++++++++++++++++++++++++++++++++++++++ spec.sgml | 1385 +++++++++ tokens.h | 263 ++ 17 files changed, 11900 insertions(+), 31 deletions(-) create mode 100644 lexer.c create mode 100644 lexer.l create mode 100644 overview.ps create mode 100644 spec.html/ch-client.html create mode 100644 spec.html/ch-config.html create mode 100644 spec.html/ch-envir.html create mode 100644 spec.html/ch-intro.html create mode 100644 spec.html/ch-ipass.html create mode 100644 spec.html/ch-notes.html create mode 100644 spec.html/footnotes.html create mode 100644 spec.html/index.html create mode 100644 spec.ps create mode 100644 spec.sgml create mode 100644 tokens.h diff --git a/.cvsignore b/.cvsignore index 2a264ce..f7324d1 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,19 +1,13 @@ daemon client -lexer.l -lexer.c -tokens.h pcsum.h version.h -spec.sgml *.sasp* *.lout* *.li -*.ps -spec.html config.cache config.log @@ -24,6 +18,9 @@ Makefile *.new vd +dist_tmp tilde slash-etc shipcheck + +userv-*.tar.gz diff --git a/Makefile.in b/Makefile.in index c6d66b9..dde68ca 100644 --- a/Makefile.in +++ b/Makefile.in @@ -54,16 +54,9 @@ SOURCES= Makefile.in configure.in acconfig.h \ daemon.h debug.c parser.c lib.c lib.h \ language.i4 lexer.l.m4 tokens.h.m4 -ALSOSHIP= README INSTALL Changelog COPYING \ - system.default system.override \ - spec.sgml.in overview.fig overview.ps \ - buildship install-sh .cvsignore - -GENSHIP_CLEAN= pcsum.h lexer.l lexer.c tokens.h config.h.in spec.sgml $(TARGETS_DOC) +GENSHIP_CLEAN= lexer.l lexer.c tokens.h config.h.in spec.sgml $(TARGETS_DOC) GENSHIP= $(GENSHIP_CLEAN) configure -SHIPTARGETS= $(SOURCES) $(ALSOSHIP) $(GENSHIP) - all: $(TARGETS) docs: $(TARGETS_DOC) @@ -130,11 +123,6 @@ version.h: Makefile tokens.h: language.i4 -pcsum.h - rm -f overview.eps - rm -f spec.lout* spec.text* spec.sgml spec.sgml.new spec.ps?* - rm -rf spec.html?* - rm -f lout.li *.lix *.ldx config.cache rm -f *.o *~ core ./#*# autoconf configure: @@ -142,23 +130,35 @@ autoconf configure: autoconf clean: + find -name '*.orig' -o -name '*~' -o -name '.*~' \ + -o -name '*#' -o -name '.#*' -o -name '*.bak' \ + | xargs -r rm rm -rf $(TARGETS) *.o + rm -f overview.eps + rm -f spec.lout* spec.text* spec.ps?* spec.sgml.new spec.html/*.html + rm -f lout.li *.ld *.lix *.ldx + rm -f userv-*.tar.gz vd/* distclean mostlyclean: clean - rm -f config.status config.log Makefile config.h + rm -f config.status config.log Makefile config.h config.cache pcsum.h maintainer-clean: distclean rm -rf $(GENSHIP_CLEAN) -dist-prep: $(SHIPTARGETS) - -dist: $(SHIPTARGETS) - rm -rf shipcheck - mkdir -p shipcheck/userv-$(VERSION) - cp -a $^ shipcheck/userv-$(VERSION) - cd shipcheck && \ - GZIP=-9v tar zvvcf userv-$(VERSION).tar.gz userv-$(VERSION) - rm -rf shipcheck/userv-$(VERSION) +dist-prep: $(GENSHIP) distclean + +dist_tmp=dist_tmp/userv-$(VERSION) +dist_prune=$ -name CVS -o -name 'dist_tmp*' -o -name slash-etc -o -name vd $ +dist: dist-prep + rm -rf dist_tmp* + mkdir dist_tmp $(dist_tmp) + find $(dist_prune) -prune -o -type d -print | \ + sed -e 's#.*#mkdir -p $(dist_tmp)/&#' | sh + find $(dist_prune) -prune -o -type f -print | \ + sed -e 's#.*#ln & $(dist_tmp)/&#' | sh + cd dist_tmp && tar cf ../$(dist_tmp).tar `basename $(dist_tmp)` + gzip -9 $(dist_tmp).tar + mv $(dist_tmp).tar.gz . linecount: $(SOURCES) wc -l $^ diff --git a/debian/changelog b/debian/changelog index af6e956..77f2097 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -userv (0.61.1) unreleased; urgency=low +userv (0.61.2) unreleased; urgency=low * New builtin service `help' lists builtin services. @@ -18,7 +18,9 @@ userv (0.61.1) unreleased; urgency=low * Reran autoconf/autoheader, latest version. * Updated email address to ian@davenant.greenend.org.uk throughout. - -- + * Build arrangements changed ---- + + -- Ian Jackson Sun, 18 Apr 1999 19:14:29 +0100 userv (0.60.3) frozen unstable; urgency=medium diff --git a/lexer.c b/lexer.c new file mode 100644 index 0000000..1a94c7b --- /dev/null +++ b/lexer.c @@ -0,0 +1,2589 @@ +/* A lexical scanner generated by flex */ + +/* Scanner skeleton version: + * $Header$ + */ + +#define FLEX_SCANNER +#define YY_FLEX_MAJOR_VERSION 2 +#define YY_FLEX_MINOR_VERSION 5 + +#include + + +/* cfront 1.2 defines "c_plusplus" instead of "__cplusplus" */ +#ifdef c_plusplus +#ifndef __cplusplus +#define __cplusplus +#endif +#endif + + +#ifdef __cplusplus + +#include +#include + +/* Use prototypes in function declarations. */ +#define YY_USE_PROTOS + +/* The "const" storage-class-modifier is valid. */ +#define YY_USE_CONST + +#else /* ! __cplusplus */ + +#if __STDC__ + +#define YY_USE_PROTOS +#define YY_USE_CONST + +#endif /* __STDC__ */ +#endif /* ! __cplusplus */ + +#ifdef __TURBOC__ + #pragma warn -rch + #pragma warn -use +#include +#include +#define YY_USE_CONST +#define YY_USE_PROTOS +#endif + +#ifdef YY_USE_CONST +#define yyconst const +#else +#define yyconst +#endif + + +#ifdef YY_USE_PROTOS +#define YY_PROTO(proto) proto +#else +#define YY_PROTO(proto) () +#endif + +/* Returned upon end-of-file. */ +#define YY_NULL 0 + +/* Promotes a possibly negative, possibly signed char to an unsigned + * integer for use as an array index. If the signed char is negative, + * we want to instead treat it as an 8-bit unsigned char, hence the + * double cast. + */ +#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) + +/* Enter a start condition. This macro really ought to take a parameter, + * but we do it the disgusting crufty way forced on us by the ()-less + * definition of BEGIN. + */ +#define BEGIN yy_start = 1 + 2 * + +/* Translate the current start state into a value that can be later handed + * to BEGIN to return to the state. The YYSTATE alias is for lex + * compatibility. + */ +#define YY_START ((yy_start - 1) / 2) +#define YYSTATE YY_START + +/* Action number for EOF rule of a given start state. */ +#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) + +/* Special action meaning "start processing a new file". */ +#define YY_NEW_FILE yyrestart( yyin ) + +#define YY_END_OF_BUFFER_CHAR 0 + +/* Size of default input buffer. */ +#define YY_BUF_SIZE 16384 + +typedef struct yy_buffer_state *YY_BUFFER_STATE; + +extern int yyleng; +extern FILE *yyin, *yyout; + +#define EOB_ACT_CONTINUE_SCAN 0 +#define EOB_ACT_END_OF_FILE 1 +#define EOB_ACT_LAST_MATCH 2 + +/* The funky do-while in the following #define is used to turn the definition + * int a single C statement (which needs a semi-colon terminator). This + * avoids problems with code like: + * + * if ( condition_holds ) + * yyless( 5 ); + * else + * do_something_else(); + * + * Prior to using the do-while the compiler would get upset at the + * "else" because it interpreted the "if" statement as being all + * done when it reached the ';' after the yyless() call. + */ + +/* Return all but the first 'n' matched characters back to the input stream. */ + +#define yyless(n) \ + do \ + { \ + /* Undo effects of setting up yytext. */ \ + *yy_cp = yy_hold_char; \ + YY_RESTORE_YY_MORE_OFFSET \ + yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \ + YY_DO_BEFORE_ACTION; /* set up yytext again */ \ + } \ + while ( 0 ) + +#define unput(c) yyunput( c, yytext_ptr ) + +/* The following is because we cannot portably get our hands on size_t + * (without autoconf's help, which isn't available because we want + * flex-generated scanners to compile on their own). + */ +typedef unsigned int yy_size_t; + + +struct yy_buffer_state + { + FILE *yy_input_file; + + char *yy_ch_buf; /* input buffer */ + char *yy_buf_pos; /* current position in input buffer */ + + /* Size of input buffer in bytes, not including room for EOB + * characters. + */ + yy_size_t yy_buf_size; + + /* Number of characters read into yy_ch_buf, not including EOB + * characters. + */ + int yy_n_chars; + + /* Whether we "own" the buffer - i.e., we know we created it, + * and can realloc() it to grow it, and should free() it to + * delete it. + */ + int yy_is_our_buffer; + + /* Whether this is an "interactive" input source; if so, and + * if we're using stdio for input, then we want to use getc() + * instead of fread(), to make sure we stop fetching input after + * each newline. + */ + int yy_is_interactive; + + /* Whether we're considered to be at the beginning of a line. + * If so, '^' rules will be active on the next match, otherwise + * not. + */ + int yy_at_bol; + + /* Whether to try to fill the input buffer when we reach the + * end of it. + */ + int yy_fill_buffer; + + int yy_buffer_status; +#define YY_BUFFER_NEW 0 +#define YY_BUFFER_NORMAL 1 + /* When an EOF's been seen but there's still some text to process + * then we mark the buffer as YY_EOF_PENDING, to indicate that we + * shouldn't try reading from the input source any more. We might + * still have a bunch of tokens to match, though, because of + * possible backing-up. + * + * When we actually see the EOF, we change the status to "new" + * (via yyrestart()), so that the user can continue scanning by + * just pointing yyin at a new input file. + */ +#define YY_BUFFER_EOF_PENDING 2 + }; + +static YY_BUFFER_STATE yy_current_buffer = 0; + +/* We provide macros for accessing buffer states in case in the + * future we want to put the buffer states in a more general + * "scanner state". + */ +#define YY_CURRENT_BUFFER yy_current_buffer + + +/* yy_hold_char holds the character lost when yytext is formed. */ +static char yy_hold_char; + +static int yy_n_chars; /* number of characters read into yy_ch_buf */ + + +int yyleng; + +/* Points to current character in buffer. */ +static char *yy_c_buf_p = (char *) 0; +static int yy_init = 1; /* whether we need to initialize */ +static int yy_start = 0; /* start state number */ + +/* Flag which is used to allow yywrap()'s to do buffer switches + * instead of setting up a fresh yyin. A bit of a hack ... + */ +static int yy_did_buffer_switch_on_eof; + +void yyrestart YY_PROTO(( FILE *input_file )); + +void yy_switch_to_buffer YY_PROTO(( YY_BUFFER_STATE new_buffer )); +void yy_load_buffer_state YY_PROTO(( void )); +YY_BUFFER_STATE yy_create_buffer YY_PROTO(( FILE *file, int size )); +void yy_delete_buffer YY_PROTO(( YY_BUFFER_STATE b )); +void yy_init_buffer YY_PROTO(( YY_BUFFER_STATE b, FILE *file )); +void yy_flush_buffer YY_PROTO(( YY_BUFFER_STATE b )); +#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer ) + +YY_BUFFER_STATE yy_scan_buffer YY_PROTO(( char *base, yy_size_t size )); +YY_BUFFER_STATE yy_scan_string YY_PROTO(( yyconst char *yy_str )); +YY_BUFFER_STATE yy_scan_bytes YY_PROTO(( yyconst char *bytes, int len )); + +static void *yy_flex_alloc YY_PROTO(( yy_size_t )); +static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t )); +static void yy_flex_free YY_PROTO(( void * )); + +#define yy_new_buffer yy_create_buffer + +#define yy_set_interactive(is_interactive) \ + { \ + if ( ! yy_current_buffer ) \ + yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \ + yy_current_buffer->yy_is_interactive = is_interactive; \ + } + +#define yy_set_bol(at_bol) \ + { \ + if ( ! yy_current_buffer ) \ + yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \ + yy_current_buffer->yy_at_bol = at_bol; \ + } + +#define YY_AT_BOL() (yy_current_buffer->yy_at_bol) + + +#define yywrap() 1 +#define YY_SKIP_YYWRAP +typedef unsigned char YY_CHAR; +FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0; +typedef int yy_state_type; +extern char *yytext; +#define yytext_ptr yytext + +static yy_state_type yy_get_previous_state YY_PROTO(( void )); +static yy_state_type yy_try_NUL_trans YY_PROTO(( yy_state_type current_state )); +static int yy_get_next_buffer YY_PROTO(( void )); +static void yy_fatal_error YY_PROTO(( yyconst char msg[] )); + +/* Done after the current pattern has been matched and before the + * corresponding action - sets up yytext. + */ +#define YY_DO_BEFORE_ACTION \ + yytext_ptr = yy_bp; \ + yyleng = (int) (yy_cp - yy_bp); \ + yy_hold_char = *yy_cp; \ + *yy_cp = '\0'; \ + yy_c_buf_p = yy_cp; + +#define YY_NUM_RULES 103 +#define YY_END_OF_BUFFER 104 +static yyconst short int yy_accept[572] = + { 0, + 0, 0, 104, 102, 96, 97, 89, 101, 99, 86, + 90, 87, 88, 93, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 91, 102, 96, 97, + 99, 101, 101, 100, 101, 99, 99, 98, 95, 93, + 102, 102, 102, 102, 19, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 37, 102, 102, 102, 102, + 32, 102, 102, 102, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 100, 101, 101, 101, + + 101, 0, 101, 101, 94, 93, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 102, 102, 102, + 102, 31, 62, 102, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 70, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 102, 102, 102, + 102, 101, 101, 100, 0, 101, 101, 94, 93, 102, + 102, 102, 66, 102, 102, 63, 67, 102, 102, 102, + 35, 36, 102, 102, 102, 102, 40, 42, 102, 50, + 102, 102, 59, 69, 102, 71, 102, 72, 102, 102, + + 102, 102, 102, 102, 102, 30, 102, 84, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 102, 74, 75, + 102, 61, 102, 101, 101, 0, 0, 0, 101, 94, + 93, 102, 64, 102, 102, 102, 102, 102, 58, 102, + 65, 102, 92, 102, 38, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 41, 102, 102, + 48, 102, 102, 102, 102, 102, 102, 102, 102, 102, + 102, 85, 101, 0, 0, 94, 93, 102, 102, 102, + 102, 102, 68, 102, 102, 102, 102, 102, 102, 69, + 76, 77, 78, 79, 80, 81, 82, 83, 102, 102, + + 102, 102, 60, 102, 102, 102, 1, 102, 102, 102, + 102, 39, 102, 73, 102, 102, 102, 102, 0, 94, + 93, 102, 102, 102, 102, 102, 102, 102, 102, 49, + 102, 21, 26, 102, 102, 102, 10, 102, 102, 102, + 102, 102, 51, 102, 102, 102, 102, 45, 61, 94, + 93, 102, 9, 66, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 47, 102, 102, 102, + 102, 102, 102, 46, 102, 94, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 12, 102, 102, 102, + 102, 102, 102, 44, 11, 102, 102, 102, 102, 102, + + 102, 94, 102, 102, 102, 102, 102, 33, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 102, 102, 102, + 8, 102, 102, 102, 102, 102, 102, 102, 102, 102, + 102, 102, 43, 34, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 102, 20, 102, + 102, 102, 102, 52, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 55, 102, 102, + 102, 102, 102, 53, 102, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 102, 56, 102, 102, + 15, 102, 102, 102, 102, 17, 7, 102, 102, 102, + + 102, 102, 102, 102, 23, 102, 102, 102, 102, 102, + 102, 102, 102, 102, 102, 102, 4, 102, 102, 102, + 22, 102, 102, 102, 102, 102, 13, 102, 102, 102, + 102, 5, 6, 102, 102, 102, 102, 102, 102, 16, + 102, 102, 102, 102, 102, 102, 3, 25, 102, 18, + 102, 102, 102, 27, 102, 54, 102, 24, 14, 57, + 102, 102, 102, 102, 28, 102, 102, 102, 29, 2, + 0 + } ; + +static yyconst int yy_ec[256] = + { 0, + 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 2, 4, 5, 6, 7, 8, 9, 8, 10, + 11, 8, 8, 8, 12, 8, 8, 13, 14, 15, + 16, 17, 18, 19, 20, 21, 21, 8, 8, 8, + 8, 8, 8, 8, 22, 22, 22, 22, 22, 22, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 8, 23, 8, 8, 24, 8, 25, 26, 27, 28, + + 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, + 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, + 49, 50, 8, 51, 8, 8, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1 + } ; + +static yyconst int yy_meta[52] = + { 0, + 1, 2, 3, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 4, 4, 4, 4, 4, 4, 4, 4, + 4, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1 + } ; + +static yyconst short int yy_base[582] = + { 0, + 0, 0, 917, 0, 50, 918, 0, 52, 56, 0, + 0, 0, 0, 64, 883, 19, 44, 37, 51, 882, + 25, 36, 64, 885, 34, 67, 62, 867, 887, 866, + 75, 68, 871, 60, 880, 73, 0, 0, 106, 918, + 905, 109, 101, 905, 132, 116, 903, 918, 168, 177, + 867, 87, 860, 24, 0, 87, 874, 876, 858, 88, + 871, 853, 868, 855, 867, 0, 856, 865, 849, 856, + 0, 853, 95, 848, 862, 846, 854, 843, 838, 115, + 848, 854, 98, 849, 843, 130, 114, 841, 839, 835, + 837, 847, 848, 832, 831, 839, 0, 198, 869, 0, + + 126, 134, 245, 265, 283, 292, 843, 827, 829, 835, + 830, 838, 820, 825, 825, 816, 833, 829, 829, 815, + 823, 0, 816, 827, 827, 812, 826, 810, 810, 812, + 808, 808, 820, 0, 808, 800, 799, 132, 808, 804, + 797, 805, 812, 792, 804, 806, 804, 787, 802, 785, + 783, 816, 785, 786, 789, 788, 781, 782, 778, 782, + 775, 301, 318, 918, 348, 384, 393, 411, 420, 782, + 773, 769, 775, 781, 781, 0, 0, 773, 780, 771, + 0, 0, 778, 766, 765, 761, 0, 0, 778, 0, + 762, 758, 0, 773, 765, 0, 775, 0, 766, 132, + + 771, 785, 754, 768, 757, 0, 764, 0, 765, 758, + 746, 747, 755, 758, 744, 743, 745, 754, 770, 0, + 748, 747, 750, 429, 438, 135, 0, 464, 200, 482, + 491, 733, 0, 765, 734, 737, 762, 735, 0, 734, + 0, 732, 727, 725, 0, 739, 739, 730, 500, 734, + 721, 719, 722, 732, 730, 726, 729, 0, 713, 714, + 0, 722, 727, 715, 723, 722, 719, 703, 706, 708, + 708, 0, 139, 0, 508, 526, 535, 717, 714, 710, + 711, 700, 0, 702, 701, 726, 708, 724, 706, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 705, 706, + + 720, 691, 0, 702, 701, 684, 715, 697, 681, 695, + 677, 0, 679, 0, 692, 693, 681, 687, 198, 544, + 553, 688, 688, 669, 702, 668, 683, 674, 123, 698, + 679, 696, 0, 668, 677, 663, 0, 675, 674, 672, + 689, 651, 687, 665, 654, 660, 665, 0, 0, 562, + 682, 681, 0, 0, 134, 659, 664, 661, 644, 649, + 140, 659, 194, 648, 647, 655, 0, 641, 654, 651, + 179, 638, 667, 0, 645, 571, 198, 635, 633, 631, + 630, 635, 629, 659, 625, 627, 0, 635, 637, 627, + 627, 618, 620, 0, 0, 634, 619, 617, 620, 633, + + 621, 0, 620, 606, 611, 614, 623, 0, 639, 606, + 617, 100, 615, 608, 604, 616, 605, 614, 609, 598, + 0, 601, 610, 600, 595, 607, 602, 591, 604, 587, + 589, 598, 0, 0, 596, 125, 592, 590, 597, 577, + 588, 592, 573, 599, 554, 553, 557, 501, 0, 502, + 461, 434, 435, 462, 428, 436, 443, 427, 418, 449, + 390, 383, 350, 350, 354, 367, 351, 378, 360, 345, + 349, 347, 373, 0, 341, 343, 353, 352, 344, 346, + 198, 334, 334, 336, 363, 336, 331, 0, 329, 333, + 0, 316, 321, 316, 325, 0, 0, 314, 316, 316, + + 320, 327, 303, 286, 317, 296, 290, 295, 293, 280, + 277, 247, 249, 246, 232, 242, 0, 230, 227, 227, + 0, 243, 212, 227, 212, 225, 0, 226, 219, 221, + 214, 0, 0, 220, 216, 196, 208, 202, 202, 0, + 203, 198, 205, 202, 198, 206, 0, 0, 196, 0, + 187, 193, 190, 0, 173, 0, 164, 0, 0, 0, + 177, 177, 165, 145, 0, 134, 141, 119, 0, 0, + 918, 592, 596, 600, 604, 608, 612, 616, 620, 138, + 67 + } ; + +static yyconst short int yy_def[582] = + { 0, + 571, 1, 571, 572, 571, 571, 572, 573, 574, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 571, 571, + 575, 573, 576, 577, 573, 574, 575, 571, 572, 14, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 578, 576, 577, 578, + + 578, 579, 577, 573, 572, 14, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 578, 576, 571, 579, 103, 104, 572, 14, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 578, 163, 571, 580, 579, 573, 572, + 14, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 576, 581, 228, 572, 14, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 579, 572, + 14, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 572, 572, 572, 572, 572, 572, 572, 572, 572, 572, + 0, 571, 571, 571, 571, 571, 571, 571, 571, 571, + 571 + } ; + +static yyconst short int yy_nxt[970] = + { 0, + 4, 5, 6, 7, 8, 9, 10, 4, 11, 12, + 13, 4, 14, 14, 14, 14, 14, 14, 14, 14, + 14, 4, 4, 15, 16, 4, 17, 18, 19, 20, + 21, 22, 23, 4, 24, 25, 26, 27, 28, 29, + 30, 31, 32, 33, 34, 35, 36, 4, 4, 4, + 37, 39, 40, 43, 52, 41, 44, 47, 48, 111, + 67, 57, 69, 53, 70, 58, 68, 112, 54, 59, + 102, 55, 75, 76, 45, 49, 50, 50, 50, 50, + 50, 50, 50, 50, 50, 56, 60, 61, 62, 63, + 79, 77, 64, 71, 72, 78, 87, 95, 65, 85, + + 80, 73, 92, 86, 93, 97, 81, 39, 40, 88, + 43, 41, 89, 44, 96, 108, 90, 47, 48, 113, + 118, 130, 109, 98, 131, 114, 138, 101, 102, 435, + 119, 45, 99, 101, 102, 142, 226, 102, 164, 143, + 150, 274, 436, 97, 103, 103, 103, 103, 103, 103, + 103, 103, 103, 99, 146, 151, 165, 152, 139, 199, + 252, 98, 359, 147, 378, 385, 360, 570, 457, 386, + 148, 569, 149, 458, 200, 568, 253, 567, 379, 104, + 105, 105, 105, 105, 105, 105, 105, 105, 105, 106, + 106, 106, 106, 106, 106, 106, 106, 106, 100, 101, + + 102, 43, 164, 566, 44, 565, 564, 563, 562, 397, + 162, 162, 162, 162, 162, 162, 162, 162, 162, 100, + 165, 388, 45, 398, 403, 501, 389, 561, 560, 390, + 559, 558, 557, 556, 555, 554, 553, 502, 552, 551, + 404, 550, 405, 549, 548, 163, 100, 547, 546, 545, + 544, 543, 542, 541, 540, 539, 538, 166, 166, 166, + 166, 166, 166, 166, 166, 166, 43, 537, 536, 44, + 535, 534, 533, 532, 531, 530, 529, 167, 167, 167, + 167, 167, 167, 167, 167, 167, 167, 45, 528, 167, + 167, 167, 167, 167, 167, 168, 168, 168, 168, 168, + + 168, 168, 168, 168, 169, 169, 169, 169, 169, 169, + 169, 169, 169, 224, 224, 224, 224, 224, 224, 224, + 224, 224, 97, 527, 526, 525, 524, 523, 522, 521, + 225, 225, 225, 225, 225, 225, 225, 225, 225, 225, + 98, 520, 225, 225, 225, 225, 225, 225, 571, 226, + 102, 519, 518, 517, 516, 515, 514, 513, 512, 511, + 227, 227, 227, 227, 227, 227, 227, 227, 227, 571, + 510, 509, 508, 507, 506, 505, 504, 503, 500, 499, + 498, 497, 496, 495, 494, 493, 492, 491, 490, 489, + 488, 487, 486, 485, 484, 228, 42, 42, 42, 42, + + 42, 42, 42, 42, 42, 229, 229, 229, 229, 229, + 229, 229, 229, 229, 229, 483, 482, 229, 229, 229, + 229, 229, 229, 230, 230, 230, 230, 230, 230, 230, + 230, 230, 231, 231, 231, 231, 231, 231, 231, 231, + 231, 43, 43, 43, 43, 43, 43, 43, 43, 43, + 273, 273, 273, 273, 273, 273, 273, 273, 273, 273, + 481, 480, 273, 273, 273, 273, 273, 273, 164, 479, + 478, 477, 476, 475, 474, 473, 275, 275, 275, 275, + 275, 275, 275, 275, 275, 275, 165, 472, 275, 275, + 275, 275, 275, 275, 276, 276, 276, 276, 276, 276, + + 276, 276, 276, 277, 277, 277, 277, 277, 277, 277, + 277, 277, 291, 292, 293, 294, 295, 296, 297, 298, + 319, 319, 319, 319, 319, 319, 319, 319, 319, 319, + 471, 470, 319, 319, 319, 319, 319, 319, 320, 320, + 320, 320, 320, 320, 320, 320, 320, 321, 321, 321, + 321, 321, 321, 321, 321, 321, 350, 350, 350, 350, + 350, 350, 350, 350, 350, 351, 351, 351, 351, 351, + 351, 351, 351, 351, 376, 376, 376, 376, 376, 376, + 376, 376, 376, 402, 402, 402, 402, 402, 402, 402, + 402, 402, 38, 469, 468, 38, 42, 42, 467, 42, + + 46, 46, 46, 46, 47, 47, 47, 47, 43, 43, + 466, 43, 99, 99, 465, 99, 100, 100, 464, 100, + 102, 102, 463, 102, 462, 461, 460, 459, 456, 455, + 454, 453, 452, 451, 450, 449, 448, 447, 446, 445, + 444, 443, 442, 441, 440, 439, 438, 437, 434, 433, + 432, 431, 430, 429, 428, 427, 426, 425, 424, 423, + 422, 421, 420, 419, 418, 417, 416, 415, 414, 413, + 412, 411, 410, 409, 408, 407, 406, 401, 400, 399, + 396, 395, 394, 393, 392, 391, 387, 384, 383, 382, + 381, 380, 377, 49, 375, 374, 373, 372, 371, 354, + + 370, 369, 368, 367, 366, 365, 364, 363, 362, 361, + 358, 357, 356, 355, 354, 353, 352, 349, 348, 347, + 346, 345, 344, 343, 342, 341, 340, 339, 338, 337, + 336, 335, 334, 333, 332, 331, 330, 329, 328, 327, + 326, 325, 324, 323, 322, 318, 317, 316, 315, 314, + 313, 312, 311, 310, 309, 308, 307, 306, 305, 304, + 303, 302, 301, 300, 299, 290, 289, 288, 287, 286, + 285, 284, 283, 282, 281, 280, 279, 278, 272, 271, + 270, 269, 268, 267, 266, 265, 264, 263, 262, 261, + 260, 259, 258, 257, 241, 256, 255, 254, 251, 250, + + 249, 248, 247, 246, 245, 244, 243, 242, 241, 240, + 239, 238, 237, 236, 235, 234, 233, 232, 223, 222, + 221, 220, 219, 218, 217, 216, 215, 214, 213, 212, + 211, 210, 209, 208, 207, 206, 205, 204, 203, 202, + 201, 198, 197, 196, 195, 194, 193, 192, 191, 190, + 189, 188, 187, 186, 185, 184, 183, 182, 181, 180, + 179, 178, 177, 176, 175, 174, 173, 172, 171, 170, + 100, 161, 160, 159, 158, 157, 156, 155, 154, 153, + 145, 144, 141, 140, 137, 136, 135, 134, 133, 132, + 129, 128, 127, 126, 125, 124, 123, 122, 121, 120, + + 117, 116, 115, 110, 107, 48, 100, 48, 94, 91, + 84, 83, 82, 74, 66, 51, 571, 3, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571 + } ; + +static yyconst short int yy_chk[970] = + { 0, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 5, 5, 8, 16, 5, 8, 9, 9, 54, + 21, 18, 22, 16, 22, 18, 21, 54, 17, 18, + 581, 17, 25, 25, 8, 14, 14, 14, 14, 14, + 14, 14, 14, 14, 14, 17, 19, 19, 19, 19, + 27, 26, 19, 23, 23, 26, 32, 36, 19, 31, + + 27, 23, 34, 31, 34, 43, 27, 39, 39, 32, + 42, 39, 32, 42, 36, 52, 32, 46, 46, 56, + 60, 73, 52, 43, 73, 56, 80, 101, 101, 412, + 60, 42, 45, 45, 45, 83, 226, 226, 102, 83, + 87, 580, 412, 273, 45, 45, 45, 45, 45, 45, + 45, 45, 45, 45, 86, 87, 102, 87, 80, 138, + 200, 273, 329, 86, 355, 361, 329, 568, 436, 361, + 86, 567, 86, 436, 138, 566, 200, 564, 355, 45, + 49, 49, 49, 49, 49, 49, 49, 49, 49, 50, + 50, 50, 50, 50, 50, 50, 50, 50, 98, 98, + + 98, 229, 319, 563, 229, 562, 561, 557, 555, 371, + 98, 98, 98, 98, 98, 98, 98, 98, 98, 98, + 319, 363, 229, 371, 377, 481, 363, 553, 552, 363, + 551, 549, 546, 545, 544, 543, 542, 481, 541, 539, + 377, 538, 377, 537, 536, 98, 103, 535, 534, 531, + 530, 529, 528, 526, 525, 524, 523, 103, 103, 103, + 103, 103, 103, 103, 103, 103, 104, 522, 520, 104, + 519, 518, 516, 515, 514, 513, 512, 104, 104, 104, + 104, 104, 104, 104, 104, 104, 104, 104, 511, 104, + 104, 104, 104, 104, 104, 105, 105, 105, 105, 105, + + 105, 105, 105, 105, 106, 106, 106, 106, 106, 106, + 106, 106, 106, 162, 162, 162, 162, 162, 162, 162, + 162, 162, 163, 510, 509, 508, 507, 506, 505, 504, + 163, 163, 163, 163, 163, 163, 163, 163, 163, 163, + 163, 503, 163, 163, 163, 163, 163, 163, 165, 165, + 165, 502, 501, 500, 499, 498, 495, 494, 493, 492, + 165, 165, 165, 165, 165, 165, 165, 165, 165, 165, + 490, 489, 487, 486, 485, 484, 483, 482, 480, 479, + 478, 477, 476, 475, 473, 472, 471, 470, 469, 468, + 467, 466, 465, 464, 463, 165, 166, 166, 166, 166, + + 166, 166, 166, 166, 166, 167, 167, 167, 167, 167, + 167, 167, 167, 167, 167, 462, 461, 167, 167, 167, + 167, 167, 167, 168, 168, 168, 168, 168, 168, 168, + 168, 168, 169, 169, 169, 169, 169, 169, 169, 169, + 169, 224, 224, 224, 224, 224, 224, 224, 224, 224, + 225, 225, 225, 225, 225, 225, 225, 225, 225, 225, + 460, 459, 225, 225, 225, 225, 225, 225, 228, 458, + 457, 456, 455, 454, 453, 452, 228, 228, 228, 228, + 228, 228, 228, 228, 228, 228, 228, 451, 228, 228, + 228, 228, 228, 228, 230, 230, 230, 230, 230, 230, + + 230, 230, 230, 231, 231, 231, 231, 231, 231, 231, + 231, 231, 249, 249, 249, 249, 249, 249, 249, 249, + 275, 275, 275, 275, 275, 275, 275, 275, 275, 275, + 450, 448, 275, 275, 275, 275, 275, 275, 276, 276, + 276, 276, 276, 276, 276, 276, 276, 277, 277, 277, + 277, 277, 277, 277, 277, 277, 320, 320, 320, 320, + 320, 320, 320, 320, 320, 321, 321, 321, 321, 321, + 321, 321, 321, 321, 350, 350, 350, 350, 350, 350, + 350, 350, 350, 376, 376, 376, 376, 376, 376, 376, + 376, 376, 572, 447, 446, 572, 573, 573, 445, 573, + + 574, 574, 574, 574, 575, 575, 575, 575, 576, 576, + 444, 576, 577, 577, 443, 577, 578, 578, 442, 578, + 579, 579, 441, 579, 440, 439, 438, 437, 435, 432, + 431, 430, 429, 428, 427, 426, 425, 424, 423, 422, + 420, 419, 418, 417, 416, 415, 414, 413, 411, 410, + 409, 407, 406, 405, 404, 403, 401, 400, 399, 398, + 397, 396, 393, 392, 391, 390, 389, 388, 386, 385, + 384, 383, 382, 381, 380, 379, 378, 375, 373, 372, + 370, 369, 368, 366, 365, 364, 362, 360, 359, 358, + 357, 356, 352, 351, 347, 346, 345, 344, 343, 342, + + 341, 340, 339, 338, 336, 335, 334, 332, 331, 330, + 328, 327, 326, 325, 324, 323, 322, 318, 317, 316, + 315, 313, 311, 310, 309, 308, 307, 306, 305, 304, + 302, 301, 300, 299, 289, 288, 287, 286, 285, 284, + 282, 281, 280, 279, 278, 271, 270, 269, 268, 267, + 266, 265, 264, 263, 262, 260, 259, 257, 256, 255, + 254, 253, 252, 251, 250, 248, 247, 246, 244, 243, + 242, 240, 238, 237, 236, 235, 234, 232, 223, 222, + 221, 219, 218, 217, 216, 215, 214, 213, 212, 211, + 210, 209, 207, 205, 204, 203, 202, 201, 199, 197, + + 195, 194, 192, 191, 189, 186, 185, 184, 183, 180, + 179, 178, 175, 174, 173, 172, 171, 170, 161, 160, + 159, 158, 157, 156, 155, 154, 153, 152, 151, 150, + 149, 148, 147, 146, 145, 144, 143, 142, 141, 140, + 139, 137, 136, 135, 133, 132, 131, 130, 129, 128, + 127, 126, 125, 124, 123, 121, 120, 119, 118, 117, + 116, 115, 114, 113, 112, 111, 110, 109, 108, 107, + 99, 96, 95, 94, 93, 92, 91, 90, 89, 88, + 85, 84, 82, 81, 79, 78, 77, 76, 75, 74, + 72, 70, 69, 68, 67, 65, 64, 63, 62, 61, + + 59, 58, 57, 53, 51, 47, 44, 41, 35, 33, + 30, 29, 28, 24, 20, 15, 3, 571, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571, 571, + 571, 571, 571, 571, 571, 571, 571, 571, 571 + } ; + +static yy_state_type yy_last_accepting_state; +static char *yy_last_accepting_cpos; + +/* The intent behind this definition is that it'll catch + * any uses of REJECT which flex missed. + */ +#define REJECT reject_used_but_not_detected +#define yymore() yymore_used_but_not_detected +#define YY_MORE_ADJ 0 +#define YY_RESTORE_YY_MORE_OFFSET +char *yytext; +#line 1 "lexer.l" +#define INITIAL 0 +/* + * Copyright (C)1996-1997,1999 Ian Jackson + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with userv; if not, write to the Free Software + * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ +#line 20 "lexer.l" + + + + + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "config.h" +#include "common.h" +#include "daemon.h" +#include "lib.h" +#include "tokens.h" + +#define HYPHEN '-' + +typedef int directive_fnt(int dtoken); +static directive_fnt df_reject, df_execute, df_executefrompath; +static directive_fnt df_executefromdirectory, df_executebuiltin; +static directive_fnt df_errorstostderr, df_errorstosyslog, df_errorstofile; +static directive_fnt dfg_fdwant, dfg_setflag; +static directive_fnt df_reset, df_cd, df_userrcfile, df_include; +static directive_fnt df_includelookup, df_includedirectory; +static directive_fnt df_message, df_error, df_quit, df_eof; +static directive_fnt df_if, df_catchquit, df_errorspush; +static directive_fnt dfi_includeuserrcfile, dfi_includeclientconfig; +/* directive functions return: + * 0 for success having scanned up to and including end of line but not beyond, + * or tokv_error or tokv_quit. + * They expect to parse the whitespace before their parameters (if any). + */ + +typedef int parmcondition_fnt(int ctoken, char *const *parmvalues, int *rtrue); +static parmcondition_fnt pcf_glob, pcf_range, pcf_grep; +/* all conditional functions return tokv_error for failure or 0 for success + * at parsing and testing, in which case *rtrue is set to 0 or 1. + * On success they have scanned up to and including the condition's + * terminating newline; the pcf_... functions expect to parse the whitespace + * between the parameter name and the condition's arguments. + * Otherwise they return tokv_error. + * The parameter-based conditionals take a list of parameter values + * as obtained from the parameter functions and pa_parameter, + * and do _not_ free it. + */ + +typedef int parameter_fnt(int ptoken, char ***rvalues); +static parameter_fnt pf_service; +static parameter_fnt pf_callinguser, pf_serviceuser; +static parameter_fnt pf_callinggroup, pf_servicegroup; +static parameter_fnt pf_callingusershell, pf_serviceusershell; +/* Parameter functions return tokv_error or 0 for success at parsing + * and determining the value, in which case *rvalues is made to be + * a mallocd null-terminated array of pointers to mallocd strings. + * freeparm can be used to free such an array. + */ + +typedef int builtinserviceparse_fnt(char ***rnewargs); +static builtinserviceparse_fnt bispa_none, bispa_parameter; +/* These parse the arguments to a builtin service, including the + * newline at the end of the line. *rnewargs will initially be + * null, indicating that no arguments are to be set; the function + * may store a mallocd array of mallocd strings in it, + * containing the arguments it wishes to have set (null-pointer + * terminated). + */ + +static int yylex(void); +/* Returns a token (which may be an eof or error exception) */ + +static directive_fnt *lr_dir; +static parmcondition_fnt *lr_parmcond; +static builtinserviceparse_fnt *lr_bispa; +static builtinserviceexec_fnt *lr_bisexec; +static parameter_fnt *lr_parameter; +static int lr_loglevel, lr_logfacility, lr_min, lr_max, *lr_flag; +static int lr_flagval, lr_controlend; +static int lr_fdwant_readwrite; /* -1=never, 0=opt, 1=always */ + +/* Forward declarations of things used in lexer and parser */ + +struct parser_state { + int lineno, reportlineno, notedreferer, isinternal; + const char *filename; + struct stat filestab; + YY_BUFFER_STATE ybuf; + struct parser_state *upstate; +}; + +static struct parser_state *cstate; + +struct error_handling { + int handling; /* One of the error handling modes tokt_ehandlemode */ + int logfacility, loglevel; + int filekeep; /* File is in use by higher-level errors-push, leave it open */ + FILE *file; + char *filename; +}; + +static struct error_handling eh = { tokv_word_errorstostderr, 0,0,0,0,0 }; + +static int dequote(char *inplace); + +#define YY_NO_UNPUT + + +/* Macros after this point can all be overridden by user definitions in + * section 1. + */ + +#ifndef YY_SKIP_YYWRAP +#ifdef __cplusplus +extern "C" int yywrap YY_PROTO(( void )); +#else +extern int yywrap YY_PROTO(( void )); +#endif +#endif + +#ifndef YY_NO_UNPUT +static void yyunput YY_PROTO(( int c, char *buf_ptr )); +#endif + +#ifndef yytext_ptr +static void yy_flex_strncpy YY_PROTO(( char *, yyconst char *, int )); +#endif + +#ifdef YY_NEED_STRLEN +static int yy_flex_strlen YY_PROTO(( yyconst char * )); +#endif + +#ifndef YY_NO_INPUT +#ifdef __cplusplus +static int yyinput YY_PROTO(( void )); +#else +static int input YY_PROTO(( void )); +#endif +#endif + +#if YY_STACK_USED +static int yy_start_stack_ptr = 0; +static int yy_start_stack_depth = 0; +static int *yy_start_stack = 0; +#ifndef YY_NO_PUSH_STATE +static void yy_push_state YY_PROTO(( int new_state )); +#endif +#ifndef YY_NO_POP_STATE +static void yy_pop_state YY_PROTO(( void )); +#endif +#ifndef YY_NO_TOP_STATE +static int yy_top_state YY_PROTO(( void )); +#endif + +#else +#define YY_NO_PUSH_STATE 1 +#define YY_NO_POP_STATE 1 +#define YY_NO_TOP_STATE 1 +#endif + +#ifdef YY_MALLOC_DECL +YY_MALLOC_DECL +#else +#if __STDC__ +#ifndef __cplusplus +#include +#endif +#else +/* Just try to get by without declaring the routines. This will fail + * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int) + * or sizeof(void*) != sizeof(int). + */ +#endif +#endif + +/* Amount of stuff to slurp up with each read. */ +#ifndef YY_READ_BUF_SIZE +#define YY_READ_BUF_SIZE 8192 +#endif + +/* Copy whatever the last rule matched to the standard output. */ + +#ifndef ECHO +/* This used to be an fputs(), but since the string might contain NUL's, + * we now use fwrite(). + */ +#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) +#endif + +/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, + * is returned in "result". + */ +#ifndef YY_INPUT +#define YY_INPUT(buf,result,max_size) \ + if ( yy_current_buffer->yy_is_interactive ) \ + { \ + int c = '*', n; \ + for ( n = 0; n < max_size && \ + (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ + buf[n] = (char) c; \ + if ( c == '\n' ) \ + buf[n++] = (char) c; \ + if ( c == EOF && ferror( yyin ) ) \ + YY_FATAL_ERROR( "input in flex scanner failed" ); \ + result = n; \ + } \ + else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \ + && ferror( yyin ) ) \ + YY_FATAL_ERROR( "input in flex scanner failed" ); +#endif + +/* No semi-colon after return; correct usage is to write "yyterminate();" - + * we don't want an extra ';' after the "return" because that will cause + * some compilers to complain about unreachable statements. + */ +#ifndef yyterminate +#define yyterminate() return YY_NULL +#endif + +/* Number of entries by which start-condition stack grows. */ +#ifndef YY_START_STACK_INCR +#define YY_START_STACK_INCR 25 +#endif + +/* Report a fatal error. */ +#ifndef YY_FATAL_ERROR +#define YY_FATAL_ERROR(msg) yy_fatal_error( msg ) +#endif + +/* Default declaration of generated scanner - a define so the user can + * easily add parameters. + */ +#ifndef YY_DECL +#define YY_DECL int yylex YY_PROTO(( void )) +#endif + +/* Code executed at the beginning of each rule, after yytext and yyleng + * have been set up. + */ +#ifndef YY_USER_ACTION +#define YY_USER_ACTION +#endif + +/* Code executed at the end of each rule. */ +#ifndef YY_BREAK +#define YY_BREAK break; +#endif + +#define YY_RULE_SETUP \ + YY_USER_ACTION + +YY_DECL + { + register yy_state_type yy_current_state; + register char *yy_cp, *yy_bp; + register int yy_act; + +#line 142 "lexer.l" + + + + if ( yy_init ) + { + yy_init = 0; + +#ifdef YY_USER_INIT + YY_USER_INIT; +#endif + + if ( ! yy_start ) + yy_start = 1; /* first start state */ + + if ( ! yyin ) + yyin = stdin; + + if ( ! yyout ) + yyout = stdout; + + if ( ! yy_current_buffer ) + yy_current_buffer = + yy_create_buffer( yyin, YY_BUF_SIZE ); + + yy_load_buffer_state(); + } + + while ( 1 ) /* loops until end-of-file is reached */ + { + yy_cp = yy_c_buf_p; + + /* Support of yytext. */ + *yy_cp = yy_hold_char; + + /* yy_bp points to the position in yy_ch_buf of the start of + * the current run. + */ + yy_bp = yy_cp; + + yy_current_state = yy_start; +yy_match: + do + { + register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; + if ( yy_accept[yy_current_state] ) + { + yy_last_accepting_state = yy_current_state; + yy_last_accepting_cpos = yy_cp; + } + while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) + { + yy_current_state = (int) yy_def[yy_current_state]; + if ( yy_current_state >= 572 ) + yy_c = yy_meta[(unsigned int) yy_c]; + } + yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; + ++yy_cp; + } + while ( yy_base[yy_current_state] != 918 ); + +yy_find_action: + yy_act = yy_accept[yy_current_state]; + if ( yy_act == 0 ) + { /* have to back up */ + yy_cp = yy_last_accepting_cpos; + yy_current_state = yy_last_accepting_state; + yy_act = yy_accept[yy_current_state]; + } + + YY_DO_BEFORE_ACTION; + + +do_action: /* This label is used only to access EOF actions. */ + + + switch ( yy_act ) + { /* beginning of action switch */ + case 0: /* must back up */ + /* undo the effects of YY_DO_BEFORE_ACTION */ + *yy_cp = yy_hold_char; + yy_cp = yy_last_accepting_cpos; + yy_current_state = yy_last_accepting_state; + goto yy_find_action; + +case 1: +YY_RULE_SETUP +#line 144 "lexer.l" +{ lr_dir= df_reject; return tokv_word_reject; } + YY_BREAK +case 2: +YY_RULE_SETUP +#line 145 "lexer.l" +{ lr_dir= df_executefromdirectory; return tokv_word_executefromdirectory; } + YY_BREAK +case 3: +YY_RULE_SETUP +#line 146 "lexer.l" +{ lr_dir= df_executefrompath; return tokv_word_executefrompath; } + YY_BREAK +case 4: +YY_RULE_SETUP +#line 147 "lexer.l" +{ lr_dir= df_executebuiltin; return tokv_word_executebuiltin; } + YY_BREAK +case 5: +YY_RULE_SETUP +#line 148 "lexer.l" +{ lr_dir= df_errorstostderr; return tokv_word_errorstostderr; } + YY_BREAK +case 6: +YY_RULE_SETUP +#line 149 "lexer.l" +{ lr_dir= df_errorstosyslog; return tokv_word_errorstosyslog; } + YY_BREAK +case 7: +YY_RULE_SETUP +#line 150 "lexer.l" +{ lr_dir= df_errorstofile; return tokv_word_errorstofile; } + YY_BREAK +case 8: +YY_RULE_SETUP +#line 151 "lexer.l" +{ lr_dir= dfg_fdwant; lr_fdwant_readwrite=1; return tokv_word_requirefd; } + YY_BREAK +case 9: +YY_RULE_SETUP +#line 152 "lexer.l" +{ lr_dir= dfg_fdwant; lr_fdwant_readwrite=0; return tokv_word_allowfd; } + YY_BREAK +case 10: +YY_RULE_SETUP +#line 153 "lexer.l" +{ lr_dir= dfg_fdwant; lr_fdwant_readwrite=0; return tokv_word_nullfd; } + YY_BREAK +case 11: +YY_RULE_SETUP +#line 154 "lexer.l" +{ lr_dir= dfg_fdwant; lr_fdwant_readwrite=-1; return tokv_word_rejectfd; } + YY_BREAK +case 12: +YY_RULE_SETUP +#line 155 "lexer.l" +{ lr_dir= dfg_fdwant; lr_fdwant_readwrite=-1; return tokv_word_ignorefd; } + YY_BREAK +case 13: +YY_RULE_SETUP +#line 156 "lexer.l" +{ lr_dir= dfg_setflag; lr_flag= &setenvironment; lr_flagval= 1; return tokv_word_setenvironment; } + YY_BREAK +case 14: +YY_RULE_SETUP +#line 157 "lexer.l" +{ lr_dir= dfg_setflag; lr_flag= &setenvironment; lr_flagval= 0; return tokv_word_nosetenvironment; } + YY_BREAK +case 15: +YY_RULE_SETUP +#line 158 "lexer.l" +{ lr_dir= dfg_setflag; lr_flag= &suppressargs; lr_flagval= 1; return tokv_word_suppressargs; } + YY_BREAK +case 16: +YY_RULE_SETUP +#line 159 "lexer.l" +{ lr_dir= dfg_setflag; lr_flag= &suppressargs; lr_flagval= 0; return tokv_word_nosuppressargs; } + YY_BREAK +case 17: +YY_RULE_SETUP +#line 160 "lexer.l" +{ lr_dir= dfg_setflag; lr_flag= &disconnecthup; lr_flagval= 1; return tokv_word_disconnecthup; } + YY_BREAK +case 18: +YY_RULE_SETUP +#line 161 "lexer.l" +{ lr_dir= dfg_setflag; lr_flag= &disconnecthup; lr_flagval= 0; return tokv_word_nodisconnecthup; } + YY_BREAK +case 19: +YY_RULE_SETUP +#line 162 "lexer.l" +{ lr_dir= df_cd; return tokv_word_cd; } + YY_BREAK +case 20: +YY_RULE_SETUP +#line 163 "lexer.l" +{ lr_dir= df_userrcfile; return tokv_word_userrcfile; } + YY_BREAK +case 21: +YY_RULE_SETUP +#line 164 "lexer.l" +{ lr_dir= df_include; return tokv_word_include; } + YY_BREAK +case 22: +YY_RULE_SETUP +#line 165 "lexer.l" +{ lr_dir= df_include; return tokv_word_includeifexist; } + YY_BREAK +case 23: +YY_RULE_SETUP +#line 166 "lexer.l" +{ lr_dir= df_includelookup; return tokv_word_includelookup; } + YY_BREAK +case 24: +YY_RULE_SETUP +#line 167 "lexer.l" +{ lr_dir= df_includelookup; return tokv_word_includelookupall; } + YY_BREAK +case 25: +YY_RULE_SETUP +#line 168 "lexer.l" +{ lr_dir= df_includedirectory; return tokv_word_includedirectory; } + YY_BREAK +case 26: +YY_RULE_SETUP +#line 169 "lexer.l" +{ lr_dir= df_message; return tokv_word_message; } + YY_BREAK +case 27: +YY_RULE_SETUP +#line 170 "lexer.l" +{ lr_dir= df_include; return tokv_word_includesysconfig; } + YY_BREAK +case 28: +YY_RULE_SETUP +#line 171 "lexer.l" +{ lr_dir= dfi_includeuserrcfile; return tokv_word_includeuserrcfile; } + YY_BREAK +case 29: +YY_RULE_SETUP +#line 172 "lexer.l" +{ lr_dir= dfi_includeclientconfig; return tokv_word_includeclientconfig; } + YY_BREAK +case 30: +YY_RULE_SETUP +#line 173 "lexer.l" +{ lr_dir= df_quit; return tokv_word_quit; } + YY_BREAK +case 31: +YY_RULE_SETUP +#line 174 "lexer.l" +{ lr_dir= df_eof; return tokv_word_eof; } + YY_BREAK +case 32: +YY_RULE_SETUP +#line 175 "lexer.l" +{ lr_dir= df_if; return tokv_word_if; } + YY_BREAK +case 33: +YY_RULE_SETUP +#line 176 "lexer.l" +{ lr_dir= df_catchquit; return tokv_word_catchquit; } + YY_BREAK +case 34: +YY_RULE_SETUP +#line 177 "lexer.l" +{ lr_dir= df_errorspush; return tokv_word_errorspush; } + YY_BREAK +case 35: +YY_RULE_SETUP +#line 178 "lexer.l" +{ lr_controlend= tokv_word_if; return tokv_word_elif; } + YY_BREAK +case 36: +YY_RULE_SETUP +#line 179 "lexer.l" +{ lr_controlend= tokv_word_if; return tokv_word_else; } + YY_BREAK +case 37: +YY_RULE_SETUP +#line 180 "lexer.l" +{ lr_controlend= tokv_word_if; return tokv_word_fi; } + YY_BREAK +case 38: +YY_RULE_SETUP +#line 181 "lexer.l" +{ lr_controlend= tokv_word_catchquit; return tokv_word_hctac; } + YY_BREAK +case 39: +YY_RULE_SETUP +#line 182 "lexer.l" +{ lr_controlend= tokv_word_errorspush; return tokv_word_srorre; } + YY_BREAK +case 40: +YY_RULE_SETUP +#line 183 "lexer.l" +{ lr_parmcond= pcf_glob; return tokv_word_glob; } + YY_BREAK +case 41: +YY_RULE_SETUP +#line 184 "lexer.l" +{ lr_parmcond= pcf_range; return tokv_word_range; } + YY_BREAK +case 42: +YY_RULE_SETUP +#line 185 "lexer.l" +{ lr_parmcond= pcf_grep; return tokv_word_grep; } + YY_BREAK +case 43: +YY_RULE_SETUP +#line 186 "lexer.l" +{ lr_bispa= bispa_none; lr_bisexec= bisexec_environment; return tokv_word_environment; } + YY_BREAK +case 44: +YY_RULE_SETUP +#line 187 "lexer.l" +{ lr_bispa= bispa_parameter; lr_bisexec= bisexec_parameter; return tokv_word_parameter; } + YY_BREAK +case 45: +YY_RULE_SETUP +#line 188 "lexer.l" +{ lr_bispa= bispa_none; lr_bisexec= bisexec_version; return tokv_word_version; } + YY_BREAK +case 46: +YY_RULE_SETUP +#line 189 "lexer.l" +{ lr_bispa= bispa_none; lr_bisexec= bisexec_toplevel; return tokv_word_toplevel; } + YY_BREAK +case 47: +YY_RULE_SETUP +#line 190 "lexer.l" +{ lr_bispa= bispa_none; lr_bisexec= bisexec_override; return tokv_word_override; } + YY_BREAK +case 48: +YY_RULE_SETUP +#line 191 "lexer.l" +{ lr_bispa= bispa_none; lr_bisexec= bisexec_reset; lr_dir= df_reset; return tokv_word_reset; } + YY_BREAK +case 49: +YY_RULE_SETUP +#line 192 "lexer.l" +{ lr_bispa= bispa_none; lr_bisexec= bisexec_execute; lr_dir= df_execute; return tokv_word_execute; } + YY_BREAK +case 50: +YY_RULE_SETUP +#line 193 "lexer.l" +{ lr_bispa= bispa_none; lr_bisexec= bisexec_help; return tokv_word_help; } + YY_BREAK +case 51: +YY_RULE_SETUP +#line 194 "lexer.l" +{ lr_parameter= pf_service; return tokv_word_service; } + YY_BREAK +case 52: +YY_RULE_SETUP +#line 195 "lexer.l" +{ lr_parameter= pf_callinguser; return tokv_word_callinguser; } + YY_BREAK +case 53: +YY_RULE_SETUP +#line 196 "lexer.l" +{ lr_parameter= pf_callinggroup; return tokv_word_callinggroup; } + YY_BREAK +case 54: +YY_RULE_SETUP +#line 197 "lexer.l" +{ lr_parameter= pf_callingusershell; return tokv_word_callingusershell; } + YY_BREAK +case 55: +YY_RULE_SETUP +#line 198 "lexer.l" +{ lr_parameter= pf_serviceuser; return tokv_word_serviceuser; } + YY_BREAK +case 56: +YY_RULE_SETUP +#line 199 "lexer.l" +{ lr_parameter= pf_servicegroup; return tokv_word_servicegroup; } + YY_BREAK +case 57: +YY_RULE_SETUP +#line 200 "lexer.l" +{ lr_parameter= pf_serviceusershell; return tokv_word_serviceusershell; } + YY_BREAK +case 58: +YY_RULE_SETUP +#line 201 "lexer.l" +{ lr_loglevel= LOG_DEBUG; return tokv_syslog_debug; } + YY_BREAK +case 59: +YY_RULE_SETUP +#line 202 "lexer.l" +{ lr_loglevel= LOG_INFO; return tokv_syslog_info; } + YY_BREAK +case 60: +YY_RULE_SETUP +#line 203 "lexer.l" +{ lr_loglevel= LOG_NOTICE; return tokv_syslog_notice; } + YY_BREAK +case 61: +YY_RULE_SETUP +#line 204 "lexer.l" +{ lr_loglevel= LOG_WARNING; return tokv_syslog_warning; } + YY_BREAK +case 62: +YY_RULE_SETUP +#line 205 "lexer.l" +{ lr_loglevel= LOG_ERR; return tokv_syslog_err; } + YY_BREAK +case 63: +YY_RULE_SETUP +#line 206 "lexer.l" +{ lr_loglevel= LOG_CRIT; return tokv_syslog_crit; } + YY_BREAK +case 64: +YY_RULE_SETUP +#line 207 "lexer.l" +{ lr_loglevel= LOG_ALERT; return tokv_syslog_alert; } + YY_BREAK +case 65: +YY_RULE_SETUP +#line 208 "lexer.l" +{ lr_loglevel= LOG_EMERG; return tokv_syslog_emerg; } + YY_BREAK +case 66: +YY_RULE_SETUP +#line 209 "lexer.l" +{ lr_logfacility= LOG_AUTHPRIV; return tokv_syslog_authpriv; } + YY_BREAK +case 67: +YY_RULE_SETUP +#line 210 "lexer.l" +{ lr_logfacility= LOG_CRON; return tokv_syslog_cron; } + YY_BREAK +case 68: +YY_RULE_SETUP +#line 211 "lexer.l" +{ lr_logfacility= LOG_DAEMON; return tokv_syslog_daemon; } + YY_BREAK +case 69: +YY_RULE_SETUP +#line 212 "lexer.l" +{ lr_logfacility= LOG_KERN; return tokv_syslog_kern; } + YY_BREAK +case 70: +YY_RULE_SETUP +#line 213 "lexer.l" +{ lr_logfacility= LOG_LPR; return tokv_syslog_lpr; } + YY_BREAK +case 71: +YY_RULE_SETUP +#line 214 "lexer.l" +{ lr_logfacility= LOG_MAIL; return tokv_syslog_mail; } + YY_BREAK +case 72: +YY_RULE_SETUP +#line 215 "lexer.l" +{ lr_logfacility= LOG_NEWS; return tokv_syslog_news; } + YY_BREAK +case 73: +YY_RULE_SETUP +#line 216 "lexer.l" +{ lr_logfacility= LOG_SYSLOG; return tokv_syslog_syslog; } + YY_BREAK +case 74: +YY_RULE_SETUP +#line 217 "lexer.l" +{ lr_logfacility= LOG_USER; return tokv_syslog_user; } + YY_BREAK +case 75: +YY_RULE_SETUP +#line 218 "lexer.l" +{ lr_logfacility= LOG_UUCP; return tokv_syslog_uucp; } + YY_BREAK +case 76: +YY_RULE_SETUP +#line 219 "lexer.l" +{ lr_logfacility= LOG_LOCAL0; return tokv_syslog_local0; } + YY_BREAK +case 77: +YY_RULE_SETUP +#line 220 "lexer.l" +{ lr_logfacility= LOG_LOCAL1; return tokv_syslog_local1; } + YY_BREAK +case 78: +YY_RULE_SETUP +#line 221 "lexer.l" +{ lr_logfacility= LOG_LOCAL2; return tokv_syslog_local2; } + YY_BREAK +case 79: +YY_RULE_SETUP +#line 222 "lexer.l" +{ lr_logfacility= LOG_LOCAL3; return tokv_syslog_local3; } + YY_BREAK +case 80: +YY_RULE_SETUP +#line 223 "lexer.l" +{ lr_logfacility= LOG_LOCAL4; return tokv_syslog_local4; } + YY_BREAK +case 81: +YY_RULE_SETUP +#line 224 "lexer.l" +{ lr_logfacility= LOG_LOCAL5; return tokv_syslog_local5; } + YY_BREAK +case 82: +YY_RULE_SETUP +#line 225 "lexer.l" +{ lr_logfacility= LOG_LOCAL6; return tokv_syslog_local6; } + YY_BREAK +case 83: +YY_RULE_SETUP +#line 226 "lexer.l" +{ lr_logfacility= LOG_LOCAL7; return tokv_syslog_local7; } + YY_BREAK +case 84: +YY_RULE_SETUP +#line 227 "lexer.l" +{ return tokv_word_read; } + YY_BREAK +case 85: +YY_RULE_SETUP +#line 228 "lexer.l" +{ return tokv_word_write; } + YY_BREAK +case 86: +YY_RULE_SETUP +#line 229 "lexer.l" +{ return tokv_dollar; } + YY_BREAK +case 87: +YY_RULE_SETUP +#line 230 "lexer.l" +{ return tokv_openparen; } + YY_BREAK +case 88: +YY_RULE_SETUP +#line 231 "lexer.l" +{ return tokv_closeparen; } + YY_BREAK +case 89: +YY_RULE_SETUP +#line 232 "lexer.l" +{ return tokv_not; } + YY_BREAK +case 90: +YY_RULE_SETUP +#line 233 "lexer.l" +{ return tokv_and; } + YY_BREAK +case 91: +YY_RULE_SETUP +#line 234 "lexer.l" +{ return tokv_or; } + YY_BREAK +case 92: +YY_RULE_SETUP +#line 235 "lexer.l" +{ lr_dir= df_error; lr_loglevel= LOG_ERR; return tokv_word_error; } + YY_BREAK +case 93: +YY_RULE_SETUP +#line 239 "lexer.l" +{ + char *ep; + lr_min=lr_max= (int)strtoul(yytext,&ep,10); + assert(!*ep); + return tokv_ordinal; + } + YY_BREAK +case 94: +YY_RULE_SETUP +#line 245 "lexer.l" +{ + char *ep; + lr_min= (int)strtoul(yytext,&ep,10); + assert(*ep == HYPHEN); + assert(*++ep); + lr_max= (int)strtoul(ep,&ep,10); + assert(!*ep); + if (lr_max < lr_min) { + parseerrprint("fd range has min > max"); + return tokv_error; + } + return tokv_fdrange; + } + YY_BREAK +case 95: +YY_RULE_SETUP +#line 258 "lexer.l" +{ + char *ep; + lr_min= (int)strtoul(yytext,&ep,10); + assert(*ep == HYPHEN); + assert(!*++ep); + lr_max=-1; + return tokv_fdstoend; + } + YY_BREAK +case 96: +YY_RULE_SETUP +#line 266 "lexer.l" +return tokv_lwsp; + YY_BREAK +case 97: +YY_RULE_SETUP +#line 267 "lexer.l" +cstate->lineno++; return tokv_newline; + YY_BREAK +case 98: +YY_RULE_SETUP +#line 268 "lexer.l" +cstate->lineno++; return tokv_newline; + YY_BREAK +case 99: +YY_RULE_SETUP +#line 269 "lexer.l" +{ + parseerrprint("missing newline at eof after comment"); + return tokv_error; + } + YY_BREAK +case 100: +YY_RULE_SETUP +#line 273 "lexer.l" +{ + return dequote(yytext); + } + YY_BREAK +case 101: +YY_RULE_SETUP +#line 276 "lexer.l" +{ + parseerrprint("misquoted or unterminated string"); + return tokv_error; + } + YY_BREAK +case 102: +YY_RULE_SETUP +#line 280 "lexer.l" +return tokv_barestring; + YY_BREAK +case YY_STATE_EOF(INITIAL): +#line 281 "lexer.l" +return tokv_eof; + YY_BREAK +case 103: +YY_RULE_SETUP +#line 284 "lexer.l" +ECHO; + YY_BREAK + + case YY_END_OF_BUFFER: + { + /* Amount of text matched not including the EOB char. */ + int yy_amount_of_matched_text = (int) (yy_cp - yytext_ptr) - 1; + + /* Undo the effects of YY_DO_BEFORE_ACTION. */ + *yy_cp = yy_hold_char; + YY_RESTORE_YY_MORE_OFFSET + + if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_NEW ) + { + /* We're scanning a new file or input source. It's + * possible that this happened because the user + * just pointed yyin at a new source and called + * yylex(). If so, then we have to assure + * consistency between yy_current_buffer and our + * globals. Here is the right place to do so, because + * this is the first action (other than possibly a + * back-up) that will match for the new input source. + */ + yy_n_chars = yy_current_buffer->yy_n_chars; + yy_current_buffer->yy_input_file = yyin; + yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL; + } + + /* Note that here we test for yy_c_buf_p "<=" to the position + * of the first EOB in the buffer, since yy_c_buf_p will + * already have been incremented past the NUL character + * (since all states make transitions on EOB to the + * end-of-buffer state). Contrast this with the test + * in input(). + */ + if ( yy_c_buf_p <= &yy_current_buffer->yy_ch_buf[yy_n_chars] ) + { /* This was really a NUL. */ + yy_state_type yy_next_state; + + yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text; + + yy_current_state = yy_get_previous_state(); + + /* Okay, we're now positioned to make the NUL + * transition. We couldn't have + * yy_get_previous_state() go ahead and do it + * for us because it doesn't know how to deal + * with the possibility of jamming (and we don't + * want to build jamming into it because then it + * will run more slowly). + */ + + yy_next_state = yy_try_NUL_trans( yy_current_state ); + + yy_bp = yytext_ptr + YY_MORE_ADJ; + + if ( yy_next_state ) + { + /* Consume the NUL. */ + yy_cp = ++yy_c_buf_p; + yy_current_state = yy_next_state; + goto yy_match; + } + + else + { + yy_cp = yy_c_buf_p; + goto yy_find_action; + } + } + + else switch ( yy_get_next_buffer() ) + { + case EOB_ACT_END_OF_FILE: + { + yy_did_buffer_switch_on_eof = 0; + + if ( yywrap() ) + { + /* Note: because we've taken care in + * yy_get_next_buffer() to have set up + * yytext, we can now set up + * yy_c_buf_p so that if some total + * hoser (like flex itself) wants to + * call the scanner after we return the + * YY_NULL, it'll still work - another + * YY_NULL will get returned. + */ + yy_c_buf_p = yytext_ptr + YY_MORE_ADJ; + + yy_act = YY_STATE_EOF(YY_START); + goto do_action; + } + + else + { + if ( ! yy_did_buffer_switch_on_eof ) + YY_NEW_FILE; + } + break; + } + + case EOB_ACT_CONTINUE_SCAN: + yy_c_buf_p = + yytext_ptr + yy_amount_of_matched_text; + + yy_current_state = yy_get_previous_state(); + + yy_cp = yy_c_buf_p; + yy_bp = yytext_ptr + YY_MORE_ADJ; + goto yy_match; + + case EOB_ACT_LAST_MATCH: + yy_c_buf_p = + &yy_current_buffer->yy_ch_buf[yy_n_chars]; + + yy_current_state = yy_get_previous_state(); + + yy_cp = yy_c_buf_p; + yy_bp = yytext_ptr + YY_MORE_ADJ; + goto yy_find_action; + } + break; + } + + default: + YY_FATAL_ERROR( + "fatal flex scanner internal error--no action found" ); + } /* end of action switch */ + } /* end of scanning one token */ + } /* end of yylex */ + + +/* yy_get_next_buffer - try to read in a new buffer + * + * Returns a code representing an action: + * EOB_ACT_LAST_MATCH - + * EOB_ACT_CONTINUE_SCAN - continue scanning from current position + * EOB_ACT_END_OF_FILE - end of file + */ + +static int yy_get_next_buffer() + { + register char *dest = yy_current_buffer->yy_ch_buf; + register char *source = yytext_ptr; + register int number_to_move, i; + int ret_val; + + if ( yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1] ) + YY_FATAL_ERROR( + "fatal flex scanner internal error--end of buffer missed" ); + + if ( yy_current_buffer->yy_fill_buffer == 0 ) + { /* Don't try to fill the buffer, so this is an EOF. */ + if ( yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1 ) + { + /* We matched a single character, the EOB, so + * treat this as a final EOF. + */ + return EOB_ACT_END_OF_FILE; + } + + else + { + /* We matched some text prior to the EOB, first + * process it. + */ + return EOB_ACT_LAST_MATCH; + } + } + + /* Try to read more data. */ + + /* First move last chars to start of buffer. */ + number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1; + + for ( i = 0; i < number_to_move; ++i ) + *(dest++) = *(source++); + + if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING ) + /* don't do the read, it's not guaranteed to return an EOF, + * just force an EOF + */ + yy_current_buffer->yy_n_chars = yy_n_chars = 0; + + else + { + int num_to_read = + yy_current_buffer->yy_buf_size - number_to_move - 1; + + while ( num_to_read <= 0 ) + { /* Not enough room in the buffer - grow it. */ +#ifdef YY_USES_REJECT + YY_FATAL_ERROR( +"input buffer overflow, can't enlarge buffer because scanner uses REJECT" ); +#else + + /* just a shorter name for the current buffer */ + YY_BUFFER_STATE b = yy_current_buffer; + + int yy_c_buf_p_offset = + (int) (yy_c_buf_p - b->yy_ch_buf); + + if ( b->yy_is_our_buffer ) + { + int new_size = b->yy_buf_size * 2; + + if ( new_size <= 0 ) + b->yy_buf_size += b->yy_buf_size / 8; + else + b->yy_buf_size *= 2; + + b->yy_ch_buf = (char *) + /* Include room in for 2 EOB chars. */ + yy_flex_realloc( (void *) b->yy_ch_buf, + b->yy_buf_size + 2 ); + } + else + /* Can't grow it, we don't own it. */ + b->yy_ch_buf = 0; + + if ( ! b->yy_ch_buf ) + YY_FATAL_ERROR( + "fatal error - scanner input buffer overflow" ); + + yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset]; + + num_to_read = yy_current_buffer->yy_buf_size - + number_to_move - 1; +#endif + } + + if ( num_to_read > YY_READ_BUF_SIZE ) + num_to_read = YY_READ_BUF_SIZE; + + /* Read in more data. */ + YY_INPUT( (&yy_current_buffer->yy_ch_buf[number_to_move]), + yy_n_chars, num_to_read ); + + yy_current_buffer->yy_n_chars = yy_n_chars; + } + + if ( yy_n_chars == 0 ) + { + if ( number_to_move == YY_MORE_ADJ ) + { + ret_val = EOB_ACT_END_OF_FILE; + yyrestart( yyin ); + } + + else + { + ret_val = EOB_ACT_LAST_MATCH; + yy_current_buffer->yy_buffer_status = + YY_BUFFER_EOF_PENDING; + } + } + + else + ret_val = EOB_ACT_CONTINUE_SCAN; + + yy_n_chars += number_to_move; + yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR; + yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR; + + yytext_ptr = &yy_current_buffer->yy_ch_buf[0]; + + return ret_val; + } + + +/* yy_get_previous_state - get the state just before the EOB char was reached */ + +static yy_state_type yy_get_previous_state() + { + register yy_state_type yy_current_state; + register char *yy_cp; + + yy_current_state = yy_start; + + for ( yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp ) + { + register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); + if ( yy_accept[yy_current_state] ) + { + yy_last_accepting_state = yy_current_state; + yy_last_accepting_cpos = yy_cp; + } + while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) + { + yy_current_state = (int) yy_def[yy_current_state]; + if ( yy_current_state >= 572 ) + yy_c = yy_meta[(unsigned int) yy_c]; + } + yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; + } + + return yy_current_state; + } + + +/* yy_try_NUL_trans - try to make a transition on the NUL character + * + * synopsis + * next_state = yy_try_NUL_trans( current_state ); + */ + +#ifdef YY_USE_PROTOS +static yy_state_type yy_try_NUL_trans( yy_state_type yy_current_state ) +#else +static yy_state_type yy_try_NUL_trans( yy_current_state ) +yy_state_type yy_current_state; +#endif + { + register int yy_is_jam; + register char *yy_cp = yy_c_buf_p; + + register YY_CHAR yy_c = 1; + if ( yy_accept[yy_current_state] ) + { + yy_last_accepting_state = yy_current_state; + yy_last_accepting_cpos = yy_cp; + } + while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) + { + yy_current_state = (int) yy_def[yy_current_state]; + if ( yy_current_state >= 572 ) + yy_c = yy_meta[(unsigned int) yy_c]; + } + yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; + yy_is_jam = (yy_current_state == 571); + + return yy_is_jam ? 0 : yy_current_state; + } + + +#ifndef YY_NO_UNPUT +#ifdef YY_USE_PROTOS +static void yyunput( int c, register char *yy_bp ) +#else +static void yyunput( c, yy_bp ) +int c; +register char *yy_bp; +#endif + { + register char *yy_cp = yy_c_buf_p; + + /* undo effects of setting up yytext */ + *yy_cp = yy_hold_char; + + if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 ) + { /* need to shift things up to make room */ + /* +2 for EOB chars. */ + register int number_to_move = yy_n_chars + 2; + register char *dest = &yy_current_buffer->yy_ch_buf[ + yy_current_buffer->yy_buf_size + 2]; + register char *source = + &yy_current_buffer->yy_ch_buf[number_to_move]; + + while ( source > yy_current_buffer->yy_ch_buf ) + *--dest = *--source; + + yy_cp += (int) (dest - source); + yy_bp += (int) (dest - source); + yy_current_buffer->yy_n_chars = + yy_n_chars = yy_current_buffer->yy_buf_size; + + if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 ) + YY_FATAL_ERROR( "flex scanner push-back overflow" ); + } + + *--yy_cp = (char) c; + + + yytext_ptr = yy_bp; + yy_hold_char = *yy_cp; + yy_c_buf_p = yy_cp; + } +#endif /* ifndef YY_NO_UNPUT */ + + +#ifdef __cplusplus +static int yyinput() +#else +static int input() +#endif + { + int c; + + *yy_c_buf_p = yy_hold_char; + + if ( *yy_c_buf_p == YY_END_OF_BUFFER_CHAR ) + { + /* yy_c_buf_p now points to the character we want to return. + * If this occurs *before* the EOB characters, then it's a + * valid NUL; if not, then we've hit the end of the buffer. + */ + if ( yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars] ) + /* This was really a NUL. */ + *yy_c_buf_p = '\0'; + + else + { /* need more input */ + int offset = yy_c_buf_p - yytext_ptr; + ++yy_c_buf_p; + + switch ( yy_get_next_buffer() ) + { + case EOB_ACT_LAST_MATCH: + /* This happens because yy_g_n_b() + * sees that we've accumulated a + * token and flags that we need to + * try matching the token before + * proceeding. But for input(), + * there's no matching to consider. + * So convert the EOB_ACT_LAST_MATCH + * to EOB_ACT_END_OF_FILE. + */ + + /* Reset buffer status. */ + yyrestart( yyin ); + + /* fall through */ + + case EOB_ACT_END_OF_FILE: + { + if ( yywrap() ) + return EOF; + + if ( ! yy_did_buffer_switch_on_eof ) + YY_NEW_FILE; +#ifdef __cplusplus + return yyinput(); +#else + return input(); +#endif + } + + case EOB_ACT_CONTINUE_SCAN: + yy_c_buf_p = yytext_ptr + offset; + break; + } + } + } + + c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */ + *yy_c_buf_p = '\0'; /* preserve yytext */ + yy_hold_char = *++yy_c_buf_p; + + + return c; + } + + +#ifdef YY_USE_PROTOS +void yyrestart( FILE *input_file ) +#else +void yyrestart( input_file ) +FILE *input_file; +#endif + { + if ( ! yy_current_buffer ) + yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); + + yy_init_buffer( yy_current_buffer, input_file ); + yy_load_buffer_state(); + } + + +#ifdef YY_USE_PROTOS +void yy_switch_to_buffer( YY_BUFFER_STATE new_buffer ) +#else +void yy_switch_to_buffer( new_buffer ) +YY_BUFFER_STATE new_buffer; +#endif + { + if ( yy_current_buffer == new_buffer ) + return; + + if ( yy_current_buffer ) + { + /* Flush out information for old buffer. */ + *yy_c_buf_p = yy_hold_char; + yy_current_buffer->yy_buf_pos = yy_c_buf_p; + yy_current_buffer->yy_n_chars = yy_n_chars; + } + + yy_current_buffer = new_buffer; + yy_load_buffer_state(); + + /* We don't actually know whether we did this switch during + * EOF (yywrap()) processing, but the only time this flag + * is looked at is after yywrap() is called, so it's safe + * to go ahead and always set it. + */ + yy_did_buffer_switch_on_eof = 1; + } + + +#ifdef YY_USE_PROTOS +void yy_load_buffer_state( void ) +#else +void yy_load_buffer_state() +#endif + { + yy_n_chars = yy_current_buffer->yy_n_chars; + yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos; + yyin = yy_current_buffer->yy_input_file; + yy_hold_char = *yy_c_buf_p; + } + + +#ifdef YY_USE_PROTOS +YY_BUFFER_STATE yy_create_buffer( FILE *file, int size ) +#else +YY_BUFFER_STATE yy_create_buffer( file, size ) +FILE *file; +int size; +#endif + { + YY_BUFFER_STATE b; + + b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) ); + if ( ! b ) + YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); + + b->yy_buf_size = size; + + /* yy_ch_buf has to be 2 characters longer than the size given because + * we need to put in 2 end-of-buffer characters. + */ + b->yy_ch_buf = (char *) yy_flex_alloc( b->yy_buf_size + 2 ); + if ( ! b->yy_ch_buf ) + YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); + + b->yy_is_our_buffer = 1; + + yy_init_buffer( b, file ); + + return b; + } + + +#ifdef YY_USE_PROTOS +void yy_delete_buffer( YY_BUFFER_STATE b ) +#else +void yy_delete_buffer( b ) +YY_BUFFER_STATE b; +#endif + { + if ( ! b ) + return; + + if ( b == yy_current_buffer ) + yy_current_buffer = (YY_BUFFER_STATE) 0; + + if ( b->yy_is_our_buffer ) + yy_flex_free( (void *) b->yy_ch_buf ); + + yy_flex_free( (void *) b ); + } + + +#ifndef YY_ALWAYS_INTERACTIVE +#ifndef YY_NEVER_INTERACTIVE +extern int isatty YY_PROTO(( int )); +#endif +#endif + +#ifdef YY_USE_PROTOS +void yy_init_buffer( YY_BUFFER_STATE b, FILE *file ) +#else +void yy_init_buffer( b, file ) +YY_BUFFER_STATE b; +FILE *file; +#endif + + + { + yy_flush_buffer( b ); + + b->yy_input_file = file; + b->yy_fill_buffer = 1; + +#if YY_ALWAYS_INTERACTIVE + b->yy_is_interactive = 1; +#else +#if YY_NEVER_INTERACTIVE + b->yy_is_interactive = 0; +#else + b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; +#endif +#endif + } + + +#ifdef YY_USE_PROTOS +void yy_flush_buffer( YY_BUFFER_STATE b ) +#else +void yy_flush_buffer( b ) +YY_BUFFER_STATE b; +#endif + + { + if ( ! b ) + return; + + b->yy_n_chars = 0; + + /* We always need two end-of-buffer characters. The first causes + * a transition to the end-of-buffer state. The second causes + * a jam in that state. + */ + b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; + b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; + + b->yy_buf_pos = &b->yy_ch_buf[0]; + + b->yy_at_bol = 1; + b->yy_buffer_status = YY_BUFFER_NEW; + + if ( b == yy_current_buffer ) + yy_load_buffer_state(); + } + + +#ifndef YY_NO_SCAN_BUFFER +#ifdef YY_USE_PROTOS +YY_BUFFER_STATE yy_scan_buffer( char *base, yy_size_t size ) +#else +YY_BUFFER_STATE yy_scan_buffer( base, size ) +char *base; +yy_size_t size; +#endif + { + YY_BUFFER_STATE b; + + if ( size < 2 || + base[size-2] != YY_END_OF_BUFFER_CHAR || + base[size-1] != YY_END_OF_BUFFER_CHAR ) + /* They forgot to leave room for the EOB's. */ + return 0; + + b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) ); + if ( ! b ) + YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); + + b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ + b->yy_buf_pos = b->yy_ch_buf = base; + b->yy_is_our_buffer = 0; + b->yy_input_file = 0; + b->yy_n_chars = b->yy_buf_size; + b->yy_is_interactive = 0; + b->yy_at_bol = 1; + b->yy_fill_buffer = 0; + b->yy_buffer_status = YY_BUFFER_NEW; + + yy_switch_to_buffer( b ); + + return b; + } +#endif + + +#ifndef YY_NO_SCAN_STRING +#ifdef YY_USE_PROTOS +YY_BUFFER_STATE yy_scan_string( yyconst char *yy_str ) +#else +YY_BUFFER_STATE yy_scan_string( yy_str ) +yyconst char *yy_str; +#endif + { + int len; + for ( len = 0; yy_str[len]; ++len ) + ; + + return yy_scan_bytes( yy_str, len ); + } +#endif + + +#ifndef YY_NO_SCAN_BYTES +#ifdef YY_USE_PROTOS +YY_BUFFER_STATE yy_scan_bytes( yyconst char *bytes, int len ) +#else +YY_BUFFER_STATE yy_scan_bytes( bytes, len ) +yyconst char *bytes; +int len; +#endif + { + YY_BUFFER_STATE b; + char *buf; + yy_size_t n; + int i; + + /* Get memory for full buffer, including space for trailing EOB's. */ + n = len + 2; + buf = (char *) yy_flex_alloc( n ); + if ( ! buf ) + YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); + + for ( i = 0; i < len; ++i ) + buf[i] = bytes[i]; + + buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR; + + b = yy_scan_buffer( buf, n ); + if ( ! b ) + YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); + + /* It's okay to grow etc. this buffer, and we should throw it + * away when we're done. + */ + b->yy_is_our_buffer = 1; + + return b; + } +#endif + + +#ifndef YY_NO_PUSH_STATE +#ifdef YY_USE_PROTOS +static void yy_push_state( int new_state ) +#else +static void yy_push_state( new_state ) +int new_state; +#endif + { + if ( yy_start_stack_ptr >= yy_start_stack_depth ) + { + yy_size_t new_size; + + yy_start_stack_depth += YY_START_STACK_INCR; + new_size = yy_start_stack_depth * sizeof( int ); + + if ( ! yy_start_stack ) + yy_start_stack = (int *) yy_flex_alloc( new_size ); + + else + yy_start_stack = (int *) yy_flex_realloc( + (void *) yy_start_stack, new_size ); + + if ( ! yy_start_stack ) + YY_FATAL_ERROR( + "out of memory expanding start-condition stack" ); + } + + yy_start_stack[yy_start_stack_ptr++] = YY_START; + + BEGIN(new_state); + } +#endif + + +#ifndef YY_NO_POP_STATE +static void yy_pop_state() + { + if ( --yy_start_stack_ptr < 0 ) + YY_FATAL_ERROR( "start-condition stack underflow" ); + + BEGIN(yy_start_stack[yy_start_stack_ptr]); + } +#endif + + +#ifndef YY_NO_TOP_STATE +static int yy_top_state() + { + return yy_start_stack[yy_start_stack_ptr - 1]; + } +#endif + +#ifndef YY_EXIT_FAILURE +#define YY_EXIT_FAILURE 2 +#endif + +#ifdef YY_USE_PROTOS +static void yy_fatal_error( yyconst char msg[] ) +#else +static void yy_fatal_error( msg ) +char msg[]; +#endif + { + (void) fprintf( stderr, "%s\n", msg ); + exit( YY_EXIT_FAILURE ); + } + + + +/* Redefine yyless() so it works in section 3 code. */ + +#undef yyless +#define yyless(n) \ + do \ + { \ + /* Undo effects of setting up yytext. */ \ + yytext[yyleng] = yy_hold_char; \ + yy_c_buf_p = yytext + n; \ + yy_hold_char = *yy_c_buf_p; \ + *yy_c_buf_p = '\0'; \ + yyleng = n; \ + } \ + while ( 0 ) + + +/* Internal utility routines. */ + +#ifndef yytext_ptr +#ifdef YY_USE_PROTOS +static void yy_flex_strncpy( char *s1, yyconst char *s2, int n ) +#else +static void yy_flex_strncpy( s1, s2, n ) +char *s1; +yyconst char *s2; +int n; +#endif + { + register int i; + for ( i = 0; i < n; ++i ) + s1[i] = s2[i]; + } +#endif + +#ifdef YY_NEED_STRLEN +#ifdef YY_USE_PROTOS +static int yy_flex_strlen( yyconst char *s ) +#else +static int yy_flex_strlen( s ) +yyconst char *s; +#endif + { + register int n; + for ( n = 0; s[n]; ++n ) + ; + + return n; + } +#endif + + +#ifdef YY_USE_PROTOS +static void *yy_flex_alloc( yy_size_t size ) +#else +static void *yy_flex_alloc( size ) +yy_size_t size; +#endif + { + return (void *) malloc( size ); + } + +#ifdef YY_USE_PROTOS +static void *yy_flex_realloc( void *ptr, yy_size_t size ) +#else +static void *yy_flex_realloc( ptr, size ) +void *ptr; +yy_size_t size; +#endif + { + /* The cast to (char *) in the following accommodates both + * implementations that use char* generic pointers, and those + * that use void* generic pointers. It works with the latter + * because both ANSI C and C++ allow castless assignment from + * any pointer type to void*, and deal with argument conversions + * as though doing an assignment. + */ + return (void *) realloc( (char *) ptr, size ); + } + +#ifdef YY_USE_PROTOS +static void yy_flex_free( void *ptr ) +#else +static void yy_flex_free( ptr ) +void *ptr; +#endif + { + free( ptr ); + } + +#if YY_MAIN +int main() + { + yylex(); + return 0; + } +#endif +#line 284 "lexer.l" + + +const char *const builtinservicehelpstrings[]= { + "environment", + "parameter ", + "version", + "toplevel", + "override", + "reset", + "execute", + "help", + 0 +}; + +#include "parser.c" + diff --git a/lexer.l b/lexer.l new file mode 100644 index 0000000..6af0345 --- /dev/null +++ b/lexer.l @@ -0,0 +1,299 @@ +/* + * Copyright (C)1996-1997,1999 Ian Jackson + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with userv; if not, write to the Free Software + * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +%{ + + + + + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "config.h" +#include "common.h" +#include "daemon.h" +#include "lib.h" +#include "tokens.h" + +#define HYPHEN '-' + +typedef int directive_fnt(int dtoken); +static directive_fnt df_reject, df_execute, df_executefrompath; +static directive_fnt df_executefromdirectory, df_executebuiltin; +static directive_fnt df_errorstostderr, df_errorstosyslog, df_errorstofile; +static directive_fnt dfg_fdwant, dfg_setflag; +static directive_fnt df_reset, df_cd, df_userrcfile, df_include; +static directive_fnt df_includelookup, df_includedirectory; +static directive_fnt df_message, df_error, df_quit, df_eof; +static directive_fnt df_if, df_catchquit, df_errorspush; +static directive_fnt dfi_includeuserrcfile, dfi_includeclientconfig; +/* directive functions return: + * 0 for success having scanned up to and including end of line but not beyond, + * or tokv_error or tokv_quit. + * They expect to parse the whitespace before their parameters (if any). + */ + +typedef int parmcondition_fnt(int ctoken, char *const *parmvalues, int *rtrue); +static parmcondition_fnt pcf_glob, pcf_range, pcf_grep; +/* all conditional functions return tokv_error for failure or 0 for success + * at parsing and testing, in which case *rtrue is set to 0 or 1. + * On success they have scanned up to and including the condition's + * terminating newline; the pcf_... functions expect to parse the whitespace + * between the parameter name and the condition's arguments. + * Otherwise they return tokv_error. + * The parameter-based conditionals take a list of parameter values + * as obtained from the parameter functions and pa_parameter, + * and do _not_ free it. + */ + +typedef int parameter_fnt(int ptoken, char ***rvalues); +static parameter_fnt pf_service; +static parameter_fnt pf_callinguser, pf_serviceuser; +static parameter_fnt pf_callinggroup, pf_servicegroup; +static parameter_fnt pf_callingusershell, pf_serviceusershell; +/* Parameter functions return tokv_error or 0 for success at parsing + * and determining the value, in which case *rvalues is made to be + * a mallocd null-terminated array of pointers to mallocd strings. + * freeparm can be used to free such an array. + */ + +typedef int builtinserviceparse_fnt(char ***rnewargs); +static builtinserviceparse_fnt bispa_none, bispa_parameter; +/* These parse the arguments to a builtin service, including the + * newline at the end of the line. *rnewargs will initially be + * null, indicating that no arguments are to be set; the function + * may store a mallocd array of mallocd strings in it, + * containing the arguments it wishes to have set (null-pointer + * terminated). + */ + +static int yylex(void); +/* Returns a token (which may be an eof or error exception) */ + +static directive_fnt *lr_dir; +static parmcondition_fnt *lr_parmcond; +static builtinserviceparse_fnt *lr_bispa; +static builtinserviceexec_fnt *lr_bisexec; +static parameter_fnt *lr_parameter; +static int lr_loglevel, lr_logfacility, lr_min, lr_max, *lr_flag; +static int lr_flagval, lr_controlend; +static int lr_fdwant_readwrite; /* -1=never, 0=opt, 1=always */ + +/* Forward declarations of things used in lexer and parser */ + +struct parser_state { + int lineno, reportlineno, notedreferer, isinternal; + const char *filename; + struct stat filestab; + YY_BUFFER_STATE ybuf; + struct parser_state *upstate; +}; + +static struct parser_state *cstate; + +struct error_handling { + int handling; /* One of the error handling modes tokt_ehandlemode */ + int logfacility, loglevel; + int filekeep; /* File is in use by higher-level errors-push, leave it open */ + FILE *file; + char *filename; +}; + +static struct error_handling eh = { tokv_word_errorstostderr, 0,0,0,0,0 }; + +static int dequote(char *inplace); + +#define YY_NO_UNPUT + +%} + +%option noyywrap + +%% + +reject { lr_dir= df_reject; return tokv_word_reject; } +execute-from-directory { lr_dir= df_executefromdirectory; return tokv_word_executefromdirectory; } +execute-from-path { lr_dir= df_executefrompath; return tokv_word_executefrompath; } +execute-builtin { lr_dir= df_executebuiltin; return tokv_word_executebuiltin; } +errors-to-stderr { lr_dir= df_errorstostderr; return tokv_word_errorstostderr; } +errors-to-syslog { lr_dir= df_errorstosyslog; return tokv_word_errorstosyslog; } +errors-to-file { lr_dir= df_errorstofile; return tokv_word_errorstofile; } +require-fd { lr_dir= dfg_fdwant; lr_fdwant_readwrite=1; return tokv_word_requirefd; } +allow-fd { lr_dir= dfg_fdwant; lr_fdwant_readwrite=0; return tokv_word_allowfd; } +null-fd { lr_dir= dfg_fdwant; lr_fdwant_readwrite=0; return tokv_word_nullfd; } +reject-fd { lr_dir= dfg_fdwant; lr_fdwant_readwrite=-1; return tokv_word_rejectfd; } +ignore-fd { lr_dir= dfg_fdwant; lr_fdwant_readwrite=-1; return tokv_word_ignorefd; } +set-environment { lr_dir= dfg_setflag; lr_flag= &setenvironment; lr_flagval= 1; return tokv_word_setenvironment; } +no-set-environment { lr_dir= dfg_setflag; lr_flag= &setenvironment; lr_flagval= 0; return tokv_word_nosetenvironment; } +suppress-args { lr_dir= dfg_setflag; lr_flag= &suppressargs; lr_flagval= 1; return tokv_word_suppressargs; } +no-suppress-args { lr_dir= dfg_setflag; lr_flag= &suppressargs; lr_flagval= 0; return tokv_word_nosuppressargs; } +disconnect-hup { lr_dir= dfg_setflag; lr_flag= &disconnecthup; lr_flagval= 1; return tokv_word_disconnecthup; } +no-disconnect-hup { lr_dir= dfg_setflag; lr_flag= &disconnecthup; lr_flagval= 0; return tokv_word_nodisconnecthup; } +cd { lr_dir= df_cd; return tokv_word_cd; } +user-rcfile { lr_dir= df_userrcfile; return tokv_word_userrcfile; } +include { lr_dir= df_include; return tokv_word_include; } +include-ifexist { lr_dir= df_include; return tokv_word_includeifexist; } +include-lookup { lr_dir= df_includelookup; return tokv_word_includelookup; } +include-lookup-all { lr_dir= df_includelookup; return tokv_word_includelookupall; } +include-directory { lr_dir= df_includedirectory; return tokv_word_includedirectory; } +message { lr_dir= df_message; return tokv_word_message; } +_include-sysconfig { lr_dir= df_include; return tokv_word_includesysconfig; } +_include-user-rcfile { lr_dir= dfi_includeuserrcfile; return tokv_word_includeuserrcfile; } +_include-client-config { lr_dir= dfi_includeclientconfig; return tokv_word_includeclientconfig; } +quit { lr_dir= df_quit; return tokv_word_quit; } +eof { lr_dir= df_eof; return tokv_word_eof; } +if { lr_dir= df_if; return tokv_word_if; } +catch-quit { lr_dir= df_catchquit; return tokv_word_catchquit; } +errors-push { lr_dir= df_errorspush; return tokv_word_errorspush; } +elif { lr_controlend= tokv_word_if; return tokv_word_elif; } +else { lr_controlend= tokv_word_if; return tokv_word_else; } +fi { lr_controlend= tokv_word_if; return tokv_word_fi; } +hctac { lr_controlend= tokv_word_catchquit; return tokv_word_hctac; } +srorre { lr_controlend= tokv_word_errorspush; return tokv_word_srorre; } +glob { lr_parmcond= pcf_glob; return tokv_word_glob; } +range { lr_parmcond= pcf_range; return tokv_word_range; } +grep { lr_parmcond= pcf_grep; return tokv_word_grep; } +environment { lr_bispa= bispa_none; lr_bisexec= bisexec_environment; return tokv_word_environment; } +parameter { lr_bispa= bispa_parameter; lr_bisexec= bisexec_parameter; return tokv_word_parameter; } +version { lr_bispa= bispa_none; lr_bisexec= bisexec_version; return tokv_word_version; } +toplevel { lr_bispa= bispa_none; lr_bisexec= bisexec_toplevel; return tokv_word_toplevel; } +override { lr_bispa= bispa_none; lr_bisexec= bisexec_override; return tokv_word_override; } +reset { lr_bispa= bispa_none; lr_bisexec= bisexec_reset; lr_dir= df_reset; return tokv_word_reset; } +execute { lr_bispa= bispa_none; lr_bisexec= bisexec_execute; lr_dir= df_execute; return tokv_word_execute; } +help { lr_bispa= bispa_none; lr_bisexec= bisexec_help; return tokv_word_help; } +service { lr_parameter= pf_service; return tokv_word_service; } +calling-user { lr_parameter= pf_callinguser; return tokv_word_callinguser; } +calling-group { lr_parameter= pf_callinggroup; return tokv_word_callinggroup; } +calling-user-shell { lr_parameter= pf_callingusershell; return tokv_word_callingusershell; } +service-user { lr_parameter= pf_serviceuser; return tokv_word_serviceuser; } +service-group { lr_parameter= pf_servicegroup; return tokv_word_servicegroup; } +service-user-shell { lr_parameter= pf_serviceusershell; return tokv_word_serviceusershell; } +debug { lr_loglevel= LOG_DEBUG; return tokv_syslog_debug; } +info { lr_loglevel= LOG_INFO; return tokv_syslog_info; } +notice { lr_loglevel= LOG_NOTICE; return tokv_syslog_notice; } +warn(ing)? { lr_loglevel= LOG_WARNING; return tokv_syslog_warning; } +err { lr_loglevel= LOG_ERR; return tokv_syslog_err; } +crit { lr_loglevel= LOG_CRIT; return tokv_syslog_crit; } +alert { lr_loglevel= LOG_ALERT; return tokv_syslog_alert; } +emerg|panic { lr_loglevel= LOG_EMERG; return tokv_syslog_emerg; } +auth(priv)?|security { lr_logfacility= LOG_AUTHPRIV; return tokv_syslog_authpriv; } +cron { lr_logfacility= LOG_CRON; return tokv_syslog_cron; } +daemon { lr_logfacility= LOG_DAEMON; return tokv_syslog_daemon; } +kern(el)? { lr_logfacility= LOG_KERN; return tokv_syslog_kern; } +lpr { lr_logfacility= LOG_LPR; return tokv_syslog_lpr; } +mail { lr_logfacility= LOG_MAIL; return tokv_syslog_mail; } +news { lr_logfacility= LOG_NEWS; return tokv_syslog_news; } +syslog { lr_logfacility= LOG_SYSLOG; return tokv_syslog_syslog; } +user { lr_logfacility= LOG_USER; return tokv_syslog_user; } +uucp { lr_logfacility= LOG_UUCP; return tokv_syslog_uucp; } +local0 { lr_logfacility= LOG_LOCAL0; return tokv_syslog_local0; } +local1 { lr_logfacility= LOG_LOCAL1; return tokv_syslog_local1; } +local2 { lr_logfacility= LOG_LOCAL2; return tokv_syslog_local2; } +local3 { lr_logfacility= LOG_LOCAL3; return tokv_syslog_local3; } +local4 { lr_logfacility= LOG_LOCAL4; return tokv_syslog_local4; } +local5 { lr_logfacility= LOG_LOCAL5; return tokv_syslog_local5; } +local6 { lr_logfacility= LOG_LOCAL6; return tokv_syslog_local6; } +local7 { lr_logfacility= LOG_LOCAL7; return tokv_syslog_local7; } +read { return tokv_word_read; } +write { return tokv_word_write; } +\$ { return tokv_dollar; } +$ { return tokv_openparen; } +$ { return tokv_closeparen; } +\! { return tokv_not; } +\& { return tokv_and; } +\| { return tokv_or; } +error { lr_dir= df_error; lr_loglevel= LOG_ERR; return tokv_word_error; } + + + +[0-9]{1,8} { + char *ep; + lr_min=lr_max= (int)strtoul(yytext,&ep,10); + assert(!*ep); + return tokv_ordinal; + } +[0-9]{1,8}-[0-9]{1,8} { + char *ep; + lr_min= (int)strtoul(yytext,&ep,10); + assert(*ep == HYPHEN); + assert(*++ep); + lr_max= (int)strtoul(ep,&ep,10); + assert(!*ep); + if (lr_max < lr_min) { + parseerrprint("fd range has min > max"); + return tokv_error; + } + return tokv_fdrange; + } +[0-9]{1,8}- { + char *ep; + lr_min= (int)strtoul(yytext,&ep,10); + assert(*ep == HYPHEN); + assert(!*++ep); + lr_max=-1; + return tokv_fdstoend; + } +[\ \t]+ return tokv_lwsp; +[\ \t]*\n cstate->lineno++; return tokv_newline; +[\ \t]*\#[^\n]*\n cstate->lineno++; return tokv_newline; +[\ \t]*\#[^\n]* { + parseerrprint("missing newline at eof after comment"); + return tokv_error; + } +\"([^\\\"\n]|\\[a-z]|\\[0-9]{3}|\\x[0-9A-Fa-f]{2}|\\[[:punct:]]|\\[ \t]*\n)*\" { + return dequote(yytext); + } +\".* { + parseerrprint("misquoted or unterminated string"); + return tokv_error; + } +[^\ \t\n]+ return tokv_barestring; +<> return tokv_eof; + + +%% + +const char *const builtinservicehelpstrings[]= { + "environment", + "parameter ", + "version", + "toplevel", + "override", + "reset", + "execute", + "help", + 0 +}; + +#include "parser.c" + diff --git a/overview.ps b/overview.ps new file mode 100644 index 0000000..4785146 --- /dev/null +++ b/overview.ps @@ -0,0 +1,445 @@ +%!PS-Adobe-2.0 +%%Title: overview.fig +%%Creator: fig2dev Version 3.2 Patchlevel 0-beta3 +%%CreationDate: Sun Apr 18 18:52:55 1999 +%%For: ian@anarres (Ian Jackson) +%%Orientation: Landscape +%%BoundingBox: 121 174 474 667 +%%Pages: 1 +%%BeginSetup +%%IncludeFeature: *PageSize A4 +%%EndSetup +%%Magnification: 1.0000 +%%EndComments +/$F2psDict 200 dict def +$F2psDict begin +$F2psDict /mtrx matrix put +/col-1 {0 setgray} bind def +/col0 {0.000 0.000 0.000 srgb} bind def +/col1 {0.000 0.000 1.000 srgb} bind def +/col2 {0.000 1.000 0.000 srgb} bind def +/col3 {0.000 1.000 1.000 srgb} bind def +/col4 {1.000 0.000 0.000 srgb} bind def +/col5 {1.000 0.000 1.000 srgb} bind def +/col6 {1.000 1.000 0.000 srgb} bind def +/col7 {1.000 1.000 1.000 srgb} bind def +/col8 {0.000 0.000 0.560 srgb} bind def +/col9 {0.000 0.000 0.690 srgb} bind def +/col10 {0.000 0.000 0.820 srgb} bind def +/col11 {0.530 0.810 1.000 srgb} bind def +/col12 {0.000 0.560 0.000 srgb} bind def +/col13 {0.000 0.690 0.000 srgb} bind def +/col14 {0.000 0.820 0.000 srgb} bind def +/col15 {0.000 0.560 0.560 srgb} bind def +/col16 {0.000 0.690 0.690 srgb} bind def +/col17 {0.000 0.820 0.820 srgb} bind def +/col18 {0.560 0.000 0.000 srgb} bind def +/col19 {0.690 0.000 0.000 srgb} bind def +/col20 {0.820 0.000 0.000 srgb} bind def +/col21 {0.560 0.000 0.560 srgb} bind def +/col22 {0.690 0.000 0.690 srgb} bind def +/col23 {0.820 0.000 0.820 srgb} bind def +/col24 {0.500 0.190 0.000 srgb} bind def +/col25 {0.630 0.250 0.000 srgb} bind def +/col26 {0.750 0.380 0.000 srgb} bind def +/col27 {1.000 0.500 0.500 srgb} bind def +/col28 {1.000 0.630 0.630 srgb} bind def +/col29 {1.000 0.750 0.750 srgb} bind def +/col30 {1.000 0.880 0.880 srgb} bind def +/col31 {1.000 0.840 0.000 srgb} bind def + +end +save +68.0 130.5 translate + 90 rotate +1 -1 scale + +/cp {closepath} bind def +/ef {eofill} bind def +/gr {grestore} bind def +/gs {gsave} bind def +/sa {save} bind def +/rs {restore} bind def +/l {lineto} bind def +/m {moveto} bind def +/rm {rmoveto} bind def +/n {newpath} bind def +/s {stroke} bind def +/sh {show} bind def +/slc {setlinecap} bind def +/slj {setlinejoin} bind def +/slw {setlinewidth} bind def +/srgb {setrgbcolor} bind def +/rot {rotate} bind def +/sc {scale} bind def +/sd {setdash} bind def +/ff {findfont} bind def +/sf {setfont} bind def +/scf {scalefont} bind def +/sw {stringwidth} bind def +/tr {translate} bind def +/tnt {dup dup currentrgbcolor + 4 -2 roll dup 1 exch sub 3 -1 roll mul add + 4 -2 roll dup 1 exch sub 3 -1 roll mul add + 4 -2 roll dup 1 exch sub 3 -1 roll mul add srgb} + bind def +/shd {dup dup currentrgbcolor 4 -2 roll mul 4 -2 roll mul + 4 -2 roll mul srgb} bind def +/$F2psBegin {$F2psDict begin /$F2psEnteredState save def} def +/$F2psEnd {$F2psEnteredState restore end} def +%%EndProlog + +$F2psBegin +10 setmiterlimit +n -1000 7762 m -1000 -1000 l 9946 -1000 l 9946 7762 l cp clip + 0.06000 0.06000 sc +%%Page: 1 1 +% Polyline +7.500 slw + [15 45] 45 sd +gs clippath +3405 2328 m 3375 2448 l 3345 2328 l 3345 2490 l 3405 2490 l cp +clip +n 3375 1875 m 3375 2475 l gs col-1 s gr gr + [] 0 sd +% arrowhead +n 3405 2328 m 3375 2448 l 3345 2328 l col-1 s +% Polyline + [15 45] 45 sd +gs clippath +5928 2970 m 6048 2999 l 5928 3030 l 6090 3030 l 6090 2970 l cp +4306 3029 m 4185 2999 l 4306 2969 l 4144 2969 l 4144 3029 l cp +clip +n 4159 2999 m 6075 3000 l gs col-1 s gr gr + [] 0 sd +% arrowhead +n 4306 3029 m 4185 2999 l 4306 2969 l col-1 s +% arrowhead +n 5928 2970 m 6048 2999 l 5928 3030 l col-1 s +% Polyline + [15 45] 45 sd +gs clippath +3405 4203 m 3375 4323 l 3345 4203 l 3345 4365 l 3405 4365 l cp +clip +n 3375 3525 m 3375 4350 l gs col-1 s gr gr + [] 0 sd +% arrowhead +n 3405 4203 m 3375 4323 l 3345 4203 l col-1 s +% Polyline +n 2700 4425 m 4125 4425 l 4125 5025 l 2700 5025 l cp gs col0 s gr +% Polyline +n 2700 4575 m 4125 4575 l 4125 5175 l 2700 5175 l cp gs col0 s gr +% Polyline + [15 45] 45 sd +gs clippath +6930 5628 m 6900 5748 l 6870 5628 l 6870 5790 l 6930 5790 l cp +clip +n 6900 3525 m 6900 5775 l gs col-1 s gr gr + [] 0 sd +% arrowhead +n 6930 5628 m 6900 5748 l 6870 5628 l col-1 s +% Polyline +n 2700 2533 m 4125 2533 l 4125 3465 l 2700 3465 l cp gs col-1 s gr +% Polyline +n 2700 900 m 4125 900 l 4125 1834 l 2700 1834 l cp gs col-1 s gr +% Polyline +n 6176 2533 m 7650 2533 l 7650 3465 l 6176 3465 l cp gs col-1 s gr +% Polyline +n 6176 5815 m 7650 5815 l 7650 6749 l 6176 6749 l cp gs col-1 s gr +% Polyline + [60] 0 sd +n 825 5250 m 826 5250 l 830 5250 l 836 5250 l 846 5249 l 859 5249 l + 877 5248 l 900 5248 l 927 5247 l 959 5246 l 995 5245 l + 1035 5244 l 1078 5242 l 1124 5241 l 1172 5240 l 1221 5239 l + 1271 5238 l 1322 5237 l 1371 5236 l 1420 5235 l 1468 5235 l + 1514 5235 l 1559 5235 l 1601 5235 l 1641 5236 l 1680 5236 l + 1716 5238 l 1751 5239 l 1784 5241 l 1815 5244 l 1845 5247 l + 1875 5250 l 1908 5254 l 1940 5259 l 1972 5265 l 2001 5271 l + 2030 5278 l 2057 5285 l 2083 5293 l 2108 5301 l 2131 5310 l + 2153 5319 l 2175 5329 l 2196 5339 l 2217 5349 l 2238 5359 l + 2260 5369 l 2282 5379 l 2304 5389 l 2329 5399 l 2354 5408 l + 2382 5418 l 2412 5426 l 2444 5435 l 2479 5443 l 2517 5450 l + 2558 5457 l 2602 5463 l 2649 5469 l 2700 5475 l 2734 5478 l + 2769 5482 l 2805 5485 l 2843 5488 l 2881 5490 l 2921 5493 l + 2961 5496 l 3002 5498 l 3045 5501 l 3087 5504 l 3131 5506 l + 3175 5508 l 3220 5511 l 3265 5513 l 3311 5515 l 3358 5517 l + 3405 5520 l 3452 5522 l 3500 5524 l 3548 5526 l 3596 5528 l + 3645 5530 l 3693 5532 l 3743 5534 l 3792 5536 l 3842 5538 l + 3892 5539 l 3942 5541 l 3993 5542 l 4043 5544 l 4095 5545 l + 4146 5546 l 4198 5548 l 4250 5549 l 4302 5550 l 4355 5550 l + 4408 5551 l 4462 5551 l 4517 5552 l 4572 5552 l 4628 5552 l + 4684 5551 l 4742 5551 l 4800 5550 l 4848 5549 l 4897 5548 l + 4947 5547 l 4998 5546 l 5049 5545 l 5102 5543 l 5155 5541 l + 5210 5540 l 5265 5538 l 5321 5536 l 5379 5533 l 5437 5531 l + 5496 5529 l 5556 5526 l 5617 5523 l 5679 5521 l 5741 5518 l + 5804 5515 l 5868 5512 l 5932 5509 l 5997 5506 l 6062 5502 l + 6127 5499 l 6193 5496 l 6258 5492 l 6324 5489 l 6390 5486 l + 6456 5482 l 6522 5479 l 6587 5475 l 6652 5472 l 6716 5468 l + 6780 5465 l 6844 5461 l 6906 5458 l 6968 5455 l 7029 5451 l + 7089 5448 l 7148 5445 l 7206 5441 l 7263 5438 l 7318 5435 l + 7373 5432 l 7426 5429 l 7477 5426 l 7527 5423 l 7576 5420 l + 7623 5417 l 7669 5414 l 7713 5411 l 7756 5408 l 7797 5406 l + 7837 5403 l 7875 5400 l 7940 5395 l 8001 5390 l 8059 5385 l + 8113 5379 l 8164 5374 l 8214 5368 l 8261 5362 l 8307 5355 l + 8352 5349 l 8396 5342 l 8438 5335 l 8480 5327 l 8520 5320 l + 8560 5312 l 8598 5305 l 8634 5298 l 8668 5291 l 8699 5284 l + 8728 5278 l 8755 5272 l 8777 5267 l 8797 5262 l 8813 5259 l + 8826 5256 l 8836 5253 l 8842 5252 l 8847 5251 l 8849 5250 l + 8850 5250 l gs col-1 s gr [] 0 sd +% Polyline + [60] 0 sd +n 4650 6750 m 4650 6749 l 4650 6746 l 4650 6740 l 4650 6731 l 4649 6718 l + 4649 6701 l 4649 6680 l 4648 6653 l 4647 6621 l 4646 6584 l + 4646 6542 l 4644 6496 l 4643 6445 l 4642 6390 l 4641 6331 l + 4639 6270 l 4637 6206 l 4636 6140 l 4634 6072 l 4632 6005 l + 4630 5937 l 4628 5869 l 4626 5802 l 4623 5737 l 4621 5673 l + 4619 5611 l 4616 5552 l 4613 5494 l 4611 5440 l 4608 5387 l + 4605 5338 l 4602 5291 l 4599 5246 l 4595 5204 l 4592 5165 l + 4588 5127 l 4584 5091 l 4580 5057 l 4575 5025 l 4568 4981 l + 4561 4938 l 4553 4898 l 4546 4860 l 4539 4823 l 4532 4788 l + 4525 4754 l 4518 4722 l 4512 4690 l 4506 4660 l 4500 4630 l + 4494 4601 l 4488 4573 l 4481 4546 l 4475 4519 l 4467 4492 l + 4459 4465 l 4450 4439 l 4440 4413 l 4429 4388 l 4417 4362 l + 4402 4337 l 4386 4313 l 4369 4289 l 4349 4265 l 4326 4243 l + 4302 4221 l 4275 4200 l 4252 4185 l 4228 4170 l 4202 4157 l + 4175 4144 l 4146 4132 l 4115 4121 l 4083 4110 l 4049 4100 l + 4014 4091 l 3977 4083 l 3939 4075 l 3900 4067 l 3860 4060 l + 3820 4053 l 3778 4047 l 3736 4041 l 3694 4035 l 3652 4029 l + 3609 4023 l 3567 4018 l 3524 4012 l 3482 4006 l 3441 4000 l + 3401 3994 l 3361 3988 l 3322 3981 l 3284 3975 l 3248 3967 l + 3212 3960 l 3178 3952 l 3145 3944 l 3114 3936 l 3083 3927 l + 3054 3918 l 3027 3909 l 3000 3900 l 2965 3887 l 2932 3874 l + 2900 3861 l 2870 3848 l 2841 3836 l 2813 3824 l 2786 3812 l + 2760 3801 l 2735 3790 l 2710 3780 l 2686 3769 l 2663 3758 l + 2640 3748 l 2618 3737 l 2596 3725 l 2574 3713 l 2553 3700 l + 2533 3687 l 2513 3672 l 2494 3656 l 2476 3638 l 2458 3619 l + 2442 3598 l 2426 3576 l 2412 3551 l 2400 3525 l 2391 3502 l + 2384 3478 l 2377 3452 l 2371 3424 l 2366 3396 l 2362 3365 l + 2359 3333 l 2357 3300 l 2355 3266 l 2353 3230 l 2353 3193 l + 2352 3156 l 2352 3117 l 2353 3079 l 2353 3039 l 2354 3000 l + 2356 2961 l 2357 2921 l 2359 2883 l 2360 2844 l 2362 2807 l + 2364 2770 l 2367 2734 l 2369 2700 l 2372 2667 l 2375 2635 l + 2378 2604 l 2381 2576 l 2385 2548 l 2390 2522 l 2394 2498 l + 2400 2475 l 2408 2449 l 2416 2424 l 2424 2401 l 2433 2380 l + 2441 2361 l 2449 2342 l 2456 2325 l 2462 2309 l 2468 2295 l + 2474 2280 l 2480 2267 l 2486 2254 l 2493 2242 l 2500 2230 l + 2508 2218 l 2518 2207 l 2529 2195 l 2543 2184 l 2559 2173 l + 2579 2162 l 2601 2150 l 2628 2140 l 2658 2129 l 2692 2119 l + 2731 2109 l 2775 2100 l 2803 2095 l 2833 2090 l 2864 2086 l + 2897 2082 l 2932 2078 l 2967 2074 l 3005 2071 l 3043 2068 l + 3083 2065 l 3124 2062 l 3166 2060 l 3209 2058 l 3252 2055 l + 3297 2053 l 3343 2052 l 3389 2050 l 3436 2048 l 3484 2047 l + 3532 2045 l 3580 2044 l 3629 2043 l 3679 2041 l 3728 2040 l + 3778 2039 l 3828 2038 l 3878 2037 l 3929 2036 l 3979 2035 l + 4030 2034 l 4080 2033 l 4131 2032 l 4182 2032 l 4232 2031 l + 4283 2030 l 4334 2029 l 4385 2028 l 4436 2028 l 4487 2027 l + 4538 2027 l 4590 2026 l 4642 2026 l 4694 2025 l 4747 2025 l + 4800 2025 l 4848 2025 l 4896 2025 l 4945 2026 l 4994 2026 l + 5045 2026 l 5096 2027 l 5148 2028 l 5201 2028 l 5255 2029 l + 5310 2030 l 5366 2031 l 5423 2032 l 5480 2033 l 5538 2034 l + 5597 2035 l 5657 2036 l 5717 2037 l 5778 2039 l 5840 2040 l + 5901 2041 l 5963 2043 l 6026 2044 l 6088 2045 l 6151 2047 l + 6213 2048 l 6276 2050 l 6338 2051 l 6400 2053 l 6461 2055 l + 6522 2056 l 6582 2058 l 6641 2060 l 6700 2061 l 6758 2063 l + 6815 2065 l 6870 2067 l 6925 2069 l 6978 2071 l 7030 2073 l + 7081 2075 l 7130 2077 l 7177 2079 l 7223 2082 l 7268 2084 l + 7311 2086 l 7352 2089 l 7391 2092 l 7429 2094 l 7465 2097 l + 7500 2100 l 7562 2106 l 7618 2112 l 7668 2119 l 7713 2127 l + 7752 2135 l 7787 2143 l 7817 2152 l 7843 2160 l 7866 2170 l + 7885 2179 l 7903 2189 l 7918 2199 l 7932 2209 l 7946 2219 l + 7959 2229 l 7973 2239 l 7987 2249 l 8002 2258 l 8018 2268 l + 8036 2277 l 8056 2285 l 8077 2294 l 8100 2302 l 8124 2310 l + 8149 2318 l 8175 2325 l 8201 2332 l 8228 2339 l 8255 2346 l + 8283 2353 l 8313 2360 l 8345 2368 l 8378 2375 l 8412 2383 l + 8449 2391 l 8486 2399 l 8525 2407 l 8564 2416 l 8603 2424 l + 8641 2432 l 8677 2439 l 8711 2446 l 8742 2453 l 8770 2459 l + 8793 2463 l 8812 2467 l 8827 2470 l 8838 2472 l 8845 2474 l + 8848 2475 l 8850 2475 l gs col-1 s gr [] 0 sd +% Polyline + [15 45] 45 sd +gs clippath +2479 4691 m 2598 4724 l 2477 4751 l 2639 4755 l 2641 4695 l cp +clip +n 2625 4725 m 2590 4724 l 2569 4724 l 2542 4724 l 2511 4723 l 2477 4722 l + 2441 4721 l 2404 4720 l 2368 4719 l 2332 4717 l 2298 4715 l + 2266 4714 l 2236 4712 l 2208 4710 l 2182 4707 l 2157 4705 l + 2134 4702 l 2112 4699 l 2091 4695 l 2070 4692 l 2050 4688 l + 2028 4683 l 2006 4677 l 1985 4672 l 1962 4665 l 1940 4659 l + 1917 4652 l 1893 4644 l 1869 4637 l 1845 4629 l 1820 4621 l + 1795 4612 l 1769 4604 l 1744 4596 l 1718 4588 l 1692 4581 l + 1667 4573 l 1641 4566 l 1616 4560 l 1590 4553 l 1565 4548 l + 1539 4542 l 1513 4538 l 1490 4534 l 1466 4530 l 1442 4527 l + 1416 4524 l 1390 4521 l 1361 4519 l 1330 4517 l 1298 4515 l + 1263 4513 l 1225 4511 l 1185 4509 l 1143 4508 l 1099 4506 l + 1053 4505 l 1007 4504 l 962 4503 l 919 4502 l 879 4502 l + 843 4501 l 812 4501 l 788 4500 l 771 4500 l gs col-1 s gr gr + [] 0 sd +% arrowhead +n 2479 4691 m 2598 4724 l 2477 4751 l col-1 s +% Polyline + [15 45] 45 sd +gs clippath +4345 4687 m 4226 4651 l 4348 4627 l 4186 4619 l 4184 4679 l cp +clip +n 4200 4650 m 4242 4652 l 4266 4653 l 4295 4654 l 4326 4656 l 4359 4658 l + 4392 4661 l 4423 4664 l 4453 4667 l 4481 4671 l 4506 4675 l + 4529 4679 l 4551 4685 l 4571 4690 l 4590 4697 l 4608 4704 l + 4625 4713 l 4641 4721 l 4656 4730 l 4671 4740 l 4686 4751 l + 4702 4763 l 4717 4776 l 4733 4791 l 4748 4807 l 4763 4825 l + 4778 4843 l 4793 4863 l 4808 4885 l 4822 4907 l 4835 4931 l + 4848 4955 l 4861 4981 l 4873 5007 l 4884 5034 l 4895 5061 l + 4906 5090 l 4915 5119 l 4925 5150 l 4932 5175 l 4939 5201 l + 4947 5228 l 4954 5256 l 4961 5285 l 4968 5315 l 4975 5346 l + 4982 5378 l 4990 5411 l 4997 5444 l 5005 5478 l 5013 5513 l + 5021 5548 l 5028 5582 l 5037 5617 l 5045 5651 l 5053 5685 l + 5061 5718 l 5070 5750 l 5078 5781 l 5087 5811 l 5095 5840 l + 5104 5868 l 5113 5894 l 5122 5920 l 5131 5943 l 5140 5966 l + 5150 5988 l 5162 6011 l 5174 6033 l 5187 6055 l 5200 6075 l + 5215 6094 l 5230 6112 l 5245 6129 l 5262 6145 l 5279 6160 l + 5297 6174 l 5315 6187 l 5334 6199 l 5353 6210 l 5372 6220 l + 5391 6229 l 5411 6237 l 5430 6244 l 5450 6250 l 5469 6256 l + 5488 6261 l 5507 6265 l 5525 6269 l 5544 6272 l 5563 6275 l + 5583 6278 l 5604 6281 l 5625 6283 l 5647 6285 l 5671 6287 l + 5696 6289 l 5722 6291 l 5751 6292 l 5782 6293 l 5814 6295 l + 5848 6296 l 5884 6297 l 5919 6297 l 5953 6298 l 5985 6299 l + 6013 6299 l 6036 6300 l 6054 6300 l gs col-1 s gr gr + [] 0 sd +% arrowhead +n 4345 4687 m 4226 4651 l 4348 4627 l col-1 s +% Polyline + [15 45] 45 sd +gs clippath +5928 6420 m 6048 6450 l 5928 6480 l 6090 6480 l 6090 6420 l cp +clip +n 4200 4800 m 4203 4800 l 4211 4800 l 4223 4801 l 4242 4802 l 4266 4803 l + 4295 4804 l 4326 4806 l 4359 4808 l 4392 4811 l 4423 4814 l + 4453 4817 l 4481 4821 l 4506 4825 l 4529 4829 l 4551 4835 l + 4571 4840 l 4590 4847 l 4608 4854 l 4625 4863 l 4641 4871 l + 4656 4880 l 4671 4890 l 4686 4901 l 4702 4913 l 4717 4926 l + 4733 4941 l 4748 4957 l 4763 4975 l 4778 4993 l 4793 5013 l + 4808 5035 l 4822 5057 l 4835 5081 l 4848 5105 l 4861 5131 l + 4873 5157 l 4884 5184 l 4895 5211 l 4906 5240 l 4915 5269 l + 4925 5300 l 4932 5325 l 4939 5351 l 4947 5378 l 4954 5406 l + 4961 5435 l 4968 5465 l 4975 5496 l 4982 5528 l 4990 5561 l + 4997 5594 l 5005 5628 l 5013 5663 l 5021 5698 l 5028 5732 l + 5037 5767 l 5045 5801 l 5053 5835 l 5061 5868 l 5070 5900 l + 5078 5931 l 5087 5961 l 5095 5990 l 5104 6018 l 5113 6044 l + 5122 6070 l 5131 6093 l 5140 6116 l 5150 6138 l 5162 6161 l + 5174 6183 l 5187 6205 l 5200 6225 l 5215 6244 l 5230 6262 l + 5245 6279 l 5262 6295 l 5279 6310 l 5297 6324 l 5315 6337 l + 5334 6349 l 5353 6360 l 5372 6370 l 5391 6379 l 5411 6387 l + 5430 6394 l 5450 6400 l 5469 6406 l 5488 6411 l 5507 6415 l + 5525 6419 l 5544 6422 l 5563 6425 l 5583 6428 l 5604 6431 l + 5625 6433 l 5647 6435 l 5671 6437 l 5696 6439 l 5722 6441 l + 5751 6442 l 5782 6443 l 5814 6445 l 5848 6446 l 5884 6447 l + 5919 6447 l 5953 6448 l 5985 6449 l 6013 6449 l 6036 6450 l + 6075 6450 l gs col-1 s gr gr + [] 0 sd +% arrowhead +n 5928 6420 m 6048 6450 l 5928 6480 l col-1 s +% Polyline + [15 45] 45 sd +gs clippath +897 4380 m 777 4350 l 897 4320 l 735 4320 l 735 4380 l cp +clip +n 2625 4575 m 2622 4575 l 2617 4575 l 2606 4575 l 2590 4574 l 2569 4574 l + 2542 4574 l 2511 4573 l 2477 4572 l 2441 4571 l 2404 4570 l + 2368 4569 l 2332 4567 l 2298 4565 l 2266 4564 l 2236 4562 l + 2208 4560 l 2182 4557 l 2157 4555 l 2134 4552 l 2112 4549 l + 2091 4545 l 2070 4542 l 2050 4538 l 2028 4533 l 2006 4527 l + 1985 4522 l 1962 4515 l 1940 4509 l 1917 4502 l 1893 4494 l + 1869 4487 l 1845 4479 l 1820 4471 l 1795 4462 l 1769 4454 l + 1744 4446 l 1718 4438 l 1692 4431 l 1667 4423 l 1641 4416 l + 1616 4410 l 1590 4403 l 1565 4398 l 1539 4392 l 1513 4388 l + 1490 4384 l 1466 4380 l 1442 4377 l 1416 4374 l 1390 4371 l + 1361 4369 l 1330 4367 l 1298 4365 l 1263 4363 l 1225 4361 l + 1185 4359 l 1143 4358 l 1099 4356 l 1053 4355 l 1007 4354 l + 962 4353 l 919 4352 l 879 4352 l 843 4351 l 812 4351 l + 788 4350 l 750 4350 l gs col-1 s gr gr + [] 0 sd +% arrowhead +n 897 4380 m 777 4350 l 897 4320 l col-1 s +/Times-Italic ff 240.00 scf sf +3460 2300 m +gs 1 -1 sc (fork/exec) col-1 sh gr +/Times-Italic ff 240.00 scf sf +3460 3825 m +gs 1 -1 sc (fork/exec) col-1 sh gr +/Courier ff 285.00 scf sf +3075 4800 m +gs 1 -1 sc (cat) col-1 sh gr +/Courier ff 285.00 scf sf +3075 4950 m +gs 1 -1 sc (cat) col-1 sh gr +/Helvetica ff 225.00 scf sf +1425 5175 m +gs 1 -1 sc (trusted) col-1 sh gr +/Helvetica ff 285.00 scf sf +1275 6525 m +gs 1 -1 sc (unrelated processes) col-1 sh gr +/Helvetica ff 225.00 scf sf +1050 5475 m +gs 1 -1 sc (untrusted) col-1 sh gr +/Helvetica ff 225.00 scf sf +975 5775 m +gs 1 -1 sc (invoking user's security boundary) col-1 sh gr +/Helvetica ff 285.00 scf sf +7800 4725 m +gs 1 -1 sc (TCB) col-1 sh gr +/Helvetica ff 285.00 scf sf +7800 6000 m +gs 1 -1 sc (service) col-1 sh gr +/Helvetica ff 285.00 scf sf +7875 6225 m +gs 1 -1 sc (user) col-1 sh gr +/Helvetica ff 225.00 scf sf +7950 2175 m +gs 1 -1 sc (untrusted) col-1 sh gr +/Helvetica ff 285.00 scf sf +5475 1500 m +gs 1 -1 sc (invoking user) col-1 sh gr +/Times-Italic ff 240.00 scf sf +4875 4875 m +gs 1 -1 sc (pipes $set up by) col-1 sh gr +/Times-Italic ff 240.00 scf sf +5025 5100 m +gs 1 -1 sc (client+daemon$) col-1 sh gr +/Times-Italic ff 240.00 scf sf +5925 3758 m +gs 1 -1 sc (fork/exec) col-1 sh gr +/Times-Roman ff 300.00 scf sf +6422 3058 m +gs 1 -1 sc (Daemon) col-1 sh gr +/Times-Roman ff 300.00 scf sf +6422 6516 m +gs 1 -1 sc (program) col-1 sh gr +/Times-Roman ff 300.00 scf sf +6422 6282 m +gs 1 -1 sc (Service) col-1 sh gr +/Times-Roman ff 300.00 scf sf +2993 3058 m +gs 1 -1 sc (Client) col-1 sh gr +/Times-Roman ff 300.00 scf sf +3000 1425 m +gs 1 -1 sc (Caller) col-1 sh gr +/Helvetica ff 225.00 scf sf +7050 2325 m +gs 1 -1 sc (trusted) col-1 sh gr +/Times-Italic ff 240.00 scf sf +4800 2942 m +gs 1 -1 sc (socket) col-1 sh gr +/Times-Italic ff 240.00 scf sf +750 4275 m +gs 1 -1 sc (or passed from caller) col-1 sh gr +/Times-Italic ff 240.00 scf sf +825 3825 m +gs 1 -1 sc (fds) col-1 sh gr +/Times-Italic ff 240.00 scf sf +825 4050 m +gs 1 -1 sc (opened by client) col-1 sh gr +/Helvetica ff 225.00 scf sf +5700 1950 m +gs 1 -1 sc (service user's security boundary) col-1 sh gr +$F2psEnd +rs +showpage diff --git a/spec.html/ch-client.html b/spec.html/ch-client.html new file mode 100644 index 0000000..2d4a345 --- /dev/null +++ b/spec.html/ch-client.html @@ -0,0 +1,236 @@ + +User service daemon and client specification - Client program usage + + + +

+User service daemon and client specification - chapter 2
+Client program usage + +

userv options [--] service-user service-name [argument ...]
+userv options -B|--builtin [--] builtin-service [info-argument ...]

+ +service-user specifies which user is to provide the service. +The user may be a login name or a numeric uid, or - to indicate +that the service user is to be the same as the calling user.

+ +The service name is interpreted by the userv[1] +daemon on behalf of the service user. It will often be the name of a +program. +

+2.1 Options +

+ +Single-letter options may be combined as is usual with Unix programs, +and the value for such an option may appear in the same argument or in +the next. + +

-B

--builtin

Requests that a builtin service be provided. This is equivalent to +using the --override option to specify a string consisting of +execute-builtin followed by the builtin-service +requested, and requesting a service user of - (indicating the +calling user).

+ +If the builtin service being requested requires a +service-argument then this must be supplied to the client in the +same argument as the builtin-service. See Directives for changing execution settings, subsection 4.2.4 for details of the builtin services available, +and Security-overriding options, section 2.2 for details of the --override +options.

+ +The actual service name passed will be the builtin-service; note +that this actual service name (as opposed to the override data) and +the info-arguments supplied will be ignored by most builtin +services; the override mechanism and execute-builtin will be +used to ensure that the right builtin service is called with the right +service-arguments. +

-ffd[modifiers]=filename

--file fd[modifiers]=filename

Requests that data be copied in and out of the service using pipes. +For each file or descriptor this will be done by creating a pipe, one +end of which is passed to the service program and the other end of +which is passed to a copy of cat invoked by the client; the +other file descriptor passed to cat will be one inherited by +the client program from the caller or one opened by the client program +on behalf of the caller.

+ +The descriptor in the service program that should be connected must be +specified as fd, either as a decimal number or as one of the +strings stdin, stdout or stderr. The next argument is +a filename which will be opened by the client with the privileges of +the calling user. +

+modifiers is used to specify whether the file or descriptor is +to be read from or written to. It consists of a series of words +separated by commas. A comma may separate the modifiers from +the fd and is required if fd is not numeric. +

+The modifier words are: +

read: O_RDONLY: Allow reading and not writing. May not be used with +write or things that imply it. +
write: O_WRONLY: Allow writing and not reading. Doesn't truncate or +create without truncate or create. write or things +that imply it may not be used with read. +
overwrite: Equivalent to write,create,truncate. +
create
creat: O_CREAT: Creates the file if necessary. Implies write. +
exclusive
excl: O_EXCL: Fails if the file already exists. Implies write and +create. May not be used with truncate. +
truncate
trunc: O_TRUNC: Truncate any existing file. Implies write. +May not be used with exclusive. +
append: O_APPEND: All writes will append to the file. Implies write +(but not create). +
sync: O_SYNC: Do writes synchronously. Implies write. +
wait
nowait
close: These modifiers control the behaviour of the client, with respect to +the pipes carrying data to and from the service, when the service +terminates. See below. +
fd: The filename is not a filename but a numeric file descriptor. +One or both of read and write must be specified, and no +other words are allowed. The filename may also be stdin, +stdout or stderr for file descriptor 0, 1 or 2 respectively. +

+ +If no modifiers which imply read or write are used it +is as if write had been specified, except that if the +filedescriptor 0 of the service is being opened (either specified +numerically or with stdin) it is as if overwrite had been +specified (or write if only fd was specified).

+ +The client will also use O_NOCTTY when opening files specified by +the caller, to avoid changing its controlling terminal.

+ +By default stdin, stdout and stderr of the service will be connected +to the corresponding descriptors on the client. Diagnostics from +the client and daemon will also appear on stderr.

+ +If wait is specified, the client will wait for the pipe to be +closed, and only exit after this has happened. This means that either +the receiving end of the pipe connection was closed while data was +still available at the sending end, or that the end of file was +reached on the reading file descriptor. Errors encountered reading or +writing in the client at this stage will be considered a system error +and cause the client to exit with status 255, but will not cause +disconnection at the service side since the service has already +exited.

+ +If close is specified the client will immediately close the pipe +connection by killing the relevant copy of cat. If the service +uses the descriptor it will get SIGPIPE (or EPIPE) for a +writing descriptor or end of file for a reading one; the descriptor +opened by or passed to the client will also be closed.

+ +If nowait is specified then the client will not wait and the +connection will remain open after the client terminates. Data may +continue to be passed between the inheritors of the relevant +descriptor on the service side and the corresponding file or +descriptor on the client side until either side closes their +descriptor. This should not usually be specified for stderr (or +stdout if --signals stdout is used) since diagnostics from +the service side may arrive after the client has exited and be +confused with expected output.

+ +The default is wait for writing file descriptors and close +for reading ones. +

-wfd=action

--fdwaitfd=action

Sets the action on termination of the service for the specified file +descriptor; action must be wait, nowait or close +as described above. The file descriptor must be specified as open +when this option is encountered; this option is overridden by any +later --file or --fdwait option - even by a +--file which does not specify an action on termination (in this +case the default will be used, as described above). +

-Dname=value

--defvar name=value

Set a user-defined variable name to value. These +user-defined variables are made available in the configuration +language as the parameters u-name and are passed to the +service in environment variables USERV_U_name. name +may contain only alphanumerics and underscores, and must start with a +letter. If several definitions are given for the same name then +only the last is effective. +

-t seconds

--timeout seconds

Time out the service if it takes longer than seconds seconds (a +positive integer, in decimal). Timeout will produce a diagnostic on +stderr and an exit status of 255. If seconds is zero then no +timeout will be implemented (this is the default). +

-S method

--signals method

Affects the handling of the exit status when the service terminates +due to a signal. (The client will always finish by calling +_exit, so that only numbers from 0 to 255 can be returned and +not the full range of numbers and signal indications which can be +returned by the wait family of system calls.)

+ +The method may be one of the following: +

status: The client's exit status will be status. This will not be +distinguishable from the service really having exited with code +status. This method is the default, with a status of 254. +
number
number-nocore: The client's exit status will be the number of the signal which caused +the termination of the service. If number is used rather than +number-nocore then 128 will be added if the service dumped core. +number is very like the exit code mangling done by the Bourne +shell. +
highbit: The client's exit status will be the number of the signal with +128 added. If the service exits normally with an exit code of greater +than 127 then 127 will be returned. +
stdout: The service's numeric wait status as two decimal numbers (high byte +first) and a textual description of its meaning will be printed to the +client's standard output. It will be preceded by a newline and +followed by an extra newline, and the numbers are separated from each +other and from the textual description by single spaces. The exit +status of the client will be zero, unless a system error occurs in +which case no exit status and description will be printed to stdout, +and an error message will be printed to stderr as usual.

+ +

+Problems such as client usage errors, the service not being found or +permission being denied or failure of a system call are system errors. +An error message describing the problem will be printed on the +client's stderr, and the client's exit status will be 255. If the +client dies due to a signal this should be treated as a serious system +error. +

-H

--hidecwd

Prevents the calling process's current directory name from being +passed to the service; the null string will be passed instead. +

-P

--sigpipe

If the service program is terminated due to a SIGPIPE the exit +status of the client will be zero, even if it would have been +something else according to the exit status method specified. This +option has no effect on the code and description printed if the exit +status method stdout is in use. +

-h

--help

--copyright

-h or --help prints the client's usage message; +--copyright prints the copyright and lack of warranty notice. +

+ +

+2.2 Security-overriding options +

+ +There are also some options which are available for debugging and to +allow the system administrator to override a user's policy. These +options are available only if the client is called by root or if the +calling user is the same as the service user. + +

--override configuration-data
--override-file filename: Do not read the usual configuration files. Instead, the client sends +configuration-data (followed by a newline) or the contents of +filename (which is opened in the context of the client) to the +daemon and the daemon uses that data instead. The +configuration-data must all be in one argument. It will have a +single newline appended so that a single directive can easily be +given, but if more than one directive is required it will have to +contain one or more real newlines. +
--spoof-user user: Pretend to the service that it is being called by user (which +may be a username or a uid). This will also affect the group and +supplementary groups supplied to the service; they will be the +standard group and supplementary groups for user. The +--spoof-user option will not affect which user is chosen if +the service user is specified as just -; in this case the service +user will be the real calling user. +

+ + +

+User service daemon and client specification +- userv is Copyright 1996-1999 Ian Jackson. +
+Contents; abstract; next; back. +
+

0.61.1
+Ian Jackson ian@davenant.greenend.org.uk

+ diff --git a/spec.html/ch-config.html b/spec.html/ch-config.html new file mode 100644 index 0000000..0612106 --- /dev/null +++ b/spec.html/ch-config.html @@ -0,0 +1,437 @@ + +User service daemon and client specification - Service-side configuration + + +

+User service daemon and client specification - chapter 4
+Service-side configuration +

+ +Which services may be run by whom and under what conditions is +controlled by configuration files.

+ +The daemon will read these files in order. Certain directives in the +files modify the daemon's execution settings for invoking the service, +for example allowing certain file descriptors to be specified by the +client or specifying which program to execute to provide the service.

+ +The last instance of each such setting will take effect. The +directives which specify which program to execute will not stop the +configuration file from being read; they will be remembered and will +only take effect if they are not overridden by a later directive.

+ +The daemon will first read /etc/userv/system.default. Then, by +default (this behaviour may be modified), it will read a per-user file +~/.userv/rc, if it exists and the service user's shell is in +/etc/shells. Finally it will read +/etc/userv/system.override.

+ +When it has read all of these files it will act according to the +currently values of of the execution settings. +

+4.1 Configuration file syntax +

+ +The configuration file is a series of directives, usually one per +line. The portion of a line following a hash character # is +taken as a comment and ignored. Each directive consists of a series +of tokens separated by linear whitespace (spaces and tabs); tokens may +be words consisting of non-space characters, or, where a string is +required, a string in double quotes. Double-quoted strings may +contain the following backslash escapes: + +

\n: newline
\t: tab
\r: carriage return
\OOO: character whose octal code is OOO
\xXX: character whose hex code is XX
\punctuation: literal punctuation character (eg \\, \")
\newline (ie, backslash at end of line): string continues on next line

+ +Relative pathnames in directives are relative to the service program's +current directory (usually the service user's home directory). +Pathnames starting with the two characters ~/ are taken to be +relative to the service user's home directory. +

+4.2 Configuration file directives +

+4.2.1 Immediate directives +

+ +The following directives take effect immediately: + +

cd pathname

Change directory in the service program. cd is cumulative. It +is an error if the directory cannot be changed to.

+ +cd should not be used between execute-from-directory and +the invocation of the service program, as the test for the +availability of the service program would be done with the old current +directory and the actual execution with the new (probably causing an +error). +

eof

Stop reading the configuration file in question, as if end of file had +been reached. Any control constructs (if, catch-quit or +errors-push) which were started in that file will be considered +finished. Parsing will continue in the file which caused the file +containing the eof to be read. +

quit

Stop reading configuration files and act immediately on the current +settings. The behaviour of quit is subject to the +catch-quit control construct. +

include filename

include-ifexist filename

Read the configuration file filename, and then return to this +file and continue parsing it with the next directive. It is an error +if the file cannot be opened and read, unless include-ifexist +is used and the file does not exist, in which case the directive is +silently ignored. +

include-lookup parameter directory

include-lookup-all parameter directory

Read the configuration file in directory whose name is the value +of parameter (see the description of if, Control structure directives, subsection 4.2.3). If parameter has several values they will +be tried in order; with include-lookup this search will stop +when one is found, but with include-lookup-all the search will +continue and any files appropriate to other values will be read too.

+ +If none of the parameter's values had a corresponding file then the +file :default will be read, if it exists. If parameter's +list of values was empty then the file :none will be tried first +and read if it exists, otherwise :default will be tried.

+ +It is not an error for any of the files (including :default) not +to exist, but it is an error if a file exists and cannot be read or if +the directory cannot be accessed. +

+A translation will be applied to values before they are used to +construct a filename, so that the lookup cannot access dotfiles or +files in other directories: values starting with full stops will have +a colon prepended (making :.), colons will be doubled, and each +slash will be replaced with a colon followed by a hyphen :-. A +parameter value which is the empty string will be replaced with +:empty (note that this is different from a parameter not having +any values). +

include-directory directory

Read configuration from all files in directory directory which +are plain files whose names consist only of alphanumerics and hyphens +and start with an alphanumeric. They will be read in lexical order. +It is an error for the directory not to exist or for it or any of the +files found not to be read successfully, or for anything with an +appropriate name not to be a plain file or a symbolic link to a plain +file. +

error text ...

Causes an error whose message includes the descriptive string +text. text may consist of several tokens with intervening +whitespace. The whitespace will be included in the message as found +in the configuration file: all the characters until the end of the +line will be included verbatim, unless they are part of a +double-quoted string, in which case the usual meaning of the string +(i.e., after backslash escape processing) will be used. Comments and +linear whitespace at the end of the line (or just before the comment) +will still be ignored. +

message text ...

Causes a message including the descriptive string text to be +delivered as if it were an error message, but does not actually cause +an error.

+ +

+4.2.2 Directives with delayed effect +

+ +The following directives have no immediate effect, but are remembered +and have an effect on later processing of the configuration files. + +

user-rcfile filename: Specifies that the file filename should be read instead of the +user's ~/.userv/rc. This does not happen immediately; +instead, the setting is remembered and used after the +system.default configuration file has been read. This +directive has no effect in a user's configuration file or in the +system.override file, as the user's configuration file has +already been found and read by then and will not be re-read. +
errors-to-stderr: Causes error messages to be delivered to the client's stderr. +
errors-to-file filename: Error messages will be written to filename, which will be opened +in the context of and with the privileges of the service user. +
errors-to-syslog [facility [level]]: Error messages will be delivered using syslog. The default +facility is user; the default level is error.

+ +

+4.2.3 Control structure directives +

+ +The following directives are used to create control structures. If +the end of the file is encountered before the end of any control +structure which was started inside it then that control structure is +considered finished. This is not an error. + +

if condition

elif condition

else

fi

Lines following if are interpreted only if the condition is +true. Many conditions are properties of parameter values. Most +parameters have a single string as a value; however, some may yield +zero or several strings, in which case the condition is true if it is +true of any of the strings individually. Parameters are described +below.

+ +The conditions are: + +

glob parameter glob-pattern ...

The value of the parameter whose name is given matches one of the glob +patterns (anchored at both ends; backslashes can be used to escape +metacharacters). +

range parameter min max

The value of the parameter is a nonnegative integer and lies within +the range specified. min or max may be $ to indicate +no lower or upper limit, respectively. +

grep parameter filename

The filename refers to a file one of whose lines is the value of +the parameter (leading or trailing whitespace on each line and empty +lines in the file are ignored). It is an error for the file not to be +opened and read. +

! condition

The condition is not true. +

Conjunctions: & and |

( condition
+& condition
+& condition
+...
+)

+is true if all the listed conditions are true; where | is used it +is true if any of them is true. Newlines must be used to separate one +condition from the next, as shown, and the parentheses are mandatory. +These conjunctions do not do lazy evaluation.

+ +The parameters are: + +

service: The service name specified when the client was called. +
calling-user: Two strings: the login name of the calling user (determined as for +USERV_USER, above) and the calling uid (represented in +decimal). +
calling-group: Several strings: the primary and supplementary group names and gids +(in decimal) of the calling process. All the group names come first, +and then the gids. If the first supplementary group is the same as +the primary group then it is elided. +
calling-user-shell: The calling user's shell, as listed in the password entry for the +calling login name (as determined for USERV_USER, above). +
service-user: Two strings: the name of the service user (as specified to the client) +and their uid (represented in decimal). +
service-group: Several strings: the primary and supplementary group names and gids +(in decimal) of the service user. +
service-user-shell: The service user's shell, as listed in their password entry. +
u-name: The value of the user-defined variable name passed by the caller +using the --defvar command-line option to the client. If the +variable was not defined then this parameter is an empty list of +strings; in this case any condition which tests it will be false, and +include-lookup on it will read the :none file, or +:default if :none is not found. +

+ +

errors-push filename

srorre

Stacks the error handling behaviour currently in effect. Any changes +to error handling will take effect only between errors-push and +srorre. +

catch-quit

hctac

Any use of quit inside catch-quit will merely cause the +parsing to continue at hctac instead. Any control constructs +started since the catch-quit will be considered finished if a +quit is found.

+ +If an error occurs inside catch-quit the execution settings +will be reset (as if by the reset directive) and parsing will +likewise continue at hctac.

+ +If a lexical or syntax error is detected in the same configuration +file as the catch-quit, while looking for the hctac +after an error or quit, that new error will not be caught. +

+ +

+4.2.4 Directives for changing execution settings +

+ +The following directives modify the execution settings; the server +will remember the fact that the directive was encountered and act on +it only after all the configuration has been parsed. The last +directive which modifies any particuar setting will take effect. + +

reject

Reject the request. execute, execute-from-directory and +execute-from-path will change this setting. +

execute program [argument ...]

Execute the program program, with the arguments as specified, +followed by any arguments given to the client if +no-suppress-args is in effect. It is an error for the +execution to fail when it is attempted (after all the configuration +has been parsed). If program does not contain a slash it will +be searched for on the service user's path. +

execute-from-directory pathname [argument ...]

Take all the characters after the last slash of the service name +specified when the client was called, and execute that program in the +directory named by pathname as if it had been specified for +execute. The part of the service name used may contain only +alphanumerics and hyphens and must start with an alphanumeric (and it +must be non-empty), otherwise it is an error.

+ +This directive is ignored if the relevant program does not exist in +the directory specified; in this case the program to execute is left +at its previous setting (or unset, if it was not set before).

+ +It is an error for the test for the existence of the program to fail +other than with a `no such file or directory' indication. It is also +an error for the execution to fail if and when it is attempted (after +all the configuration has been parsed). +

execute-from-path

service is interpreted as a program on the default PATH +(or as a pathname of an executable, if it contains a /). This +directive is very dangerous, and is only provided to make the +--override options effective. It should not normally be used. +It is an error for the execution to fail when it is attempted (after +all the configuration has been parsed). +

execute-builtin service-name service-arguments

Executes the builtin service service-name. These builtin +services display information about the server and/or the request, and +ignore any arguments passed from the service side except possibly to +print them as part of their output. They write their results to their +standard output (i.e., wherever file descriptor 1 is directed). The +builtin services are: + +

execute: Displays the execution settings, defined variables, +arguments, etc. with which the builtin service was invoked. +
environment: Displays the environment variable settings with which the builtin +service was invoked. +
parameter parameter: Displays the values of the service configuration language parameter +specified. +
version: Displays the version string and compilation details of the uservd +server program. +
reset: Displays the default reset configuration (evaluated when reset +is found in a configuration file, or when an error is caught by +catch-quit). +
toplevel: Displays the top-level default configuration (the configuration data, +evaluated by the server, which calls all the other configuration +files). +
override: Displays the top-level override configuration (the configuration data, +evaluated by the server, which causes all the other configuration data +to be parsed). +
help: Displays a list of the understood builtin service names and arguments.

+ + +In the future other builtin services may be defined which do more than +just print information. +

set-environment

no-set-environment

Runs /etc/environment to set the service user's environment. +This adds the overhead of invoking a shell, but doesn't cause any +shell (de)mangling of the service's arguments. This is achieved by +invoking +

.../program arg arg arg ...

+as +

/bin/sh -c '. /etc/environment; exec "$@"' - .../program arg arg arg ...

+no-set-environment cancels the effect of +set-environment. +

no-suppress-args

suppress-args

Include any arguments given to the client as arguments to the program +invoked as a result of an execute, +execute-from-directory or execute-from-path directive. +suppress-args undoes the effect of no-suppress-args. +

require-fd fd-range read|write

Insist that the filedescriptor(s) be opened for reading resp. writing. +It is an error if any descriptor marked as required when the service +is about to be invoked (after the configuration has been parsed) was +not specified when the client was invoked. Each file descriptor has a +separate setting, and the last one of require-fd, +allow-fd, ignore-fd, null-fd or reject-fd +which affected a particular file descriptor will take effect.

+ +fd-range may be a single number, two numbers separated by a +hyphen, or one number followed by a hyphen (indicating all descriptors +from that number onwards). It may also be one of the words +stdin, stdout or stderr. Open-ended file descriptor +rangers are allowed only with reject-fd and ignore-fd, +as otherwise the service program would find itself with a very large +number of file descriptors open.

+ +When the configuration has been parsed, and before the service is +about to be executed, stderr (fd 2) must be required or allowed +(require-fd or allow-fd) for writing; this is so that +the error message printed by the server's child process if it cannot +exec the service program is not lost. +

allow-fd fd-range [read|write]

Allow the descriptor(s) to be opened for reading resp. writing, or +either if neither read nor write is specified. If a +particular descriptor not specified by the client then it will be open +onto /dev/null (for reading, writing, or both, depending on +whether read, write or neither was specified). +

null-fd fd-range [read|write]

Specify that the descriptor(s) be opened onto /dev/null for +reading resp. writing, or both if neither read nor write +is specified. Any specification of these file descriptors by the +client will be silently ignored; the client will see its ends of the +descriptors being closed immediately. +

reject-fd fd-range

Do not allow the descriptor(s) to be specified by the client. It is +an error if any descriptor(s) marked for rejection are specified when +the service is about to be invoked (after the configuration has been +parsed). +

ignore-fd fd-range

Silently ignore any specification by the client of those +descriptor(s). The pipes corresponding to these descriptors will be +closed just before the service is invoked. +

disconnect-hup

no-disconnect-hup

Causes the service's process group to get a SIGHUP if the +client disconnects before the main service process terminates. +no-disconnect-hup cancels disconnect-hup.

+ +If one of the reading descriptors specified when the client is called +gets a read error, or if the service is disconnected for some other +reason, then the SIGHUP will be delivered before the +writing end(s) of the service's reading pipe(s) are closed, so that +the client can distinguish disconnection from reading EOF on a pipe. +

reset

Resets the execution settings to the default. This is equivalent to: +

cd ~/
+reject
+no-set-environment
+suppress-args
+allow-fd 0 read
+allow-fd 1-2 write
+reject-fd 3-
+disconnect-hup

+ + +If no execute, execute-from-path, +execute-from-directory or builtin is interpreted before +all the files are read then the request is rejected. + +

+4.3 Errors in the configuration file +

+ +If a syntax error or other problem occurs when processing a +configuration file then a diagnostic will be issued, to wherever the +error messages are currently being sent (see the errors- family +of directives, above).

+ +The error will cause processing of the configuration files to cease at +that point, unless the error was inside a catch-quit construct. +In this case the settings controlling the program's execution will be +reset to the defaults as if a reset directive had been issued, +and parsing continues after hctac. + +

+4.4 Defaults +

+ +The default configuration processing is as if the daemon were parsing +an overall configuration file whose contents were as follows: + +

reset
+user-rcfile ~/.userv/rc
+errors-to-stderr
+include /etc/userv/system.default
+if grep service-user-shell /etc/shells
+   errors-push
+     catch-quit
+       include-ifexist file specified by most recent user-rcfile directive
+     hctac
+   srorre
+fi
+include /etc/userv/system.override
+quit

+ +If one of the --override options to the client is used then it +will instead be as if the daemon were parsing an overall configuration +as follows: + +

reset
+errors-to-stderr
+include file containing configuration data sent by client
+quit

+ +

+User service daemon and client specification +- userv is Copyright 1996-1999 Ian Jackson. +
+Contents; abstract; next; back. +
+

0.61.1
+Ian Jackson ian@davenant.greenend.org.uk

+ diff --git a/spec.html/ch-envir.html b/spec.html/ch-envir.html new file mode 100644 index 0000000..4c5e595 --- /dev/null +++ b/spec.html/ch-envir.html @@ -0,0 +1,125 @@ + +User service daemon and client specification - Execution environment of the service program + + +

+User service daemon and client specification - chapter 3
+Execution environment of the service program +

+ +The daemon which is handling the service user side of things will read +configuration files to decide what to do. If it decides to allow the +service to be provided it will fork a subprocess to execute the +service.

+ +The service will have no controlling terminal, but it will be a +process group leader.

+ +If the client is killed or times out or a file or descriptor being +read or written by the client process gets an error then the service +will be disconnected from the client. The client will return an exit +status of 255 and some the service's pipes may be closed at the other +end. The service will become a child of init. The service may +well not notice the disconnection, though writing to a pipe after this +may produce a SIGPIPE and the facility exists to have a +SIGHUP sent to the service on disconnection. +

+3.1 File descriptors +

+ +The service program's standard filedescriptors, and possibly other +file descriptors, will be connected to pipes or to +/dev/null. The userv client/daemon pair will arrange +that data is copied between the files or file descriptors specified to +to the client by the caller and these these pipes.

+ +Pipes which may be written to will be closed if a write error occurs +on the corresponding client-side file or descriptor, which may result +in a SIGPIPE in the service program; pipes open for reading +will get EOF if the client-side file descriptor gets EOF +or an error.

+ +If the service closes one of its reading file descriptors the writing +end of the corresponding pipe will generate a SIGPIPE when +attempts are made by the client/daemon pair to write to it. This will +not be considered an error; rather, the relevant pipe will be +discarded and the corresponding file or file descriptor held by the +client will be closed.

+ +Likewise, if one of the file descriptors held by the client for +writing by the service is a pipe whose other end is closed by the +caller then the client/daemon pair will see an error when trying to +copy data provided by the service. This too will not be considered an +error; rather, the pipe correspondong to that descriptor will be +closed and any further writes will cause the service to get a +SIGPIPE.

+ +Note that not all write errors or broken pipes on file descriptors may +be visible to the service, since buffered data may be discarded by the +operating system and there will be a finite interval between the error +happening and the service being disconnected from the client or the +next write causing a SIGPIPE.

+ +Read errors on file descriptors (and disconnection) will only be +visible to the service and distinguishable from normal end of file if +disconnect-hup is in effect.

+ +Read and write errors (other than broken pipes, as described above) +will always be visible to the caller; they are system errors, and will +therefore cause the client to print an error message to stderr and +return with an exit status of 255.

+ +If the main service program process exits while it still has running +children any file descriptors held by those children can remain open, +depending on the use of wait, nowait or close for the +relevant file descriptor in the client's arguments. By default +writing filedescriptors remain open and the client will wait for them +to be closed at the service end, and reading file descriptors are +closed immediately. These leftover child processes will not get a any +SIGHUP even if a read or write error occurs or the client +disconnects before then. +

+3.2 Environment +

+ +The service will have some information in environment variables: +

USERV_USER: The login name of the calling user. If the LOGNAME variable is +set (or, if that is unset, if the USER variable is set) in the +environment passed to the client by the caller then the password entry +for that login name will be looked up; if that password entry's uid is +the same as that of the calling process then that login name will be +used, otherwise (or if neither LOGNAME nor USER is set) +the calling process's uid will be looked up to determine their login +name (and if this lookup fails then the service will not be invoked). +
USERV_UID: The uid of the calling process. +
USERV_GID: The gid and supplementary group list of the calling process: first the +group in gid and then those in the supplementary group list, in +decimal, separated by spaces. +
USERV_GROUP: The group names of the calling process, listed in the same way as the +ids are in USERV_GID. If no name can be found for any of the +calling process's group(s) then the service will not be invoked. +
USERV_CWD: The client's current working directory name (this directory may not be +accessible to the service). If it could not be determined or the +--hidecwd flag was used then this variable will be set to an +empty string (this is not considered an error). +
USERV_SERVICE: The service name requested by the caller. +
USERV_U_name: The value supplied to the client by the caller using -Dname. +

+ + +HOME, PATH, SHELL, LOGNAME and USER +will be set appropriately (according to the details of the service +user). + +

+User service daemon and client specification +- userv is Copyright 1996-1999 Ian Jackson. +
+Contents; abstract; next; back. +
+

0.61.1
+Ian Jackson ian@davenant.greenend.org.uk

+ diff --git a/spec.html/ch-intro.html b/spec.html/ch-intro.html new file mode 100644 index 0000000..c752a66 --- /dev/null +++ b/spec.html/ch-intro.html @@ -0,0 +1,32 @@ + +User service daemon and client specification - Introduction + + +

+User service daemon and client specification - chapter 1
+Introduction +

+There is a daemon which invokes user service programs (henceforth +`services') in response to requests by callers of a companion client +program (henceforth the `client') and according to rules set forth in +system-wide and user-specific configuration files. The companion +client program is setuid root, and negotiates with the daemon through +an AF_UNIX socket and associated objects in a system-wide +private directory set aside for the purpose. The user who wishes the +service to be performed and calls the client is called the `calling +user'; the process which calls the client is called the `calling +process'. +

+The daemon and the client are responsible for ensuring that +information is safely carried across the security boundary between the +two users, and that the processes on either side cannot interact with +each other in any unexpected ways. +

+User service daemon and client specification +- userv is Copyright 1996-1999 Ian Jackson. +
+Contents; abstract; next. +
+

0.61.1
+Ian Jackson ian@davenant.greenend.org.uk

+ diff --git a/spec.html/ch-ipass.html b/spec.html/ch-ipass.html new file mode 100644 index 0000000..118b3d5 --- /dev/null +++ b/spec.html/ch-ipass.html @@ -0,0 +1,101 @@ + +User service daemon and client specification - Information passed through the client/daemon combination + + +

+User service daemon and client specification - chapter 5
+Information passed through the client/daemon combination +

+ +The information described below is the only information which passes +between the caller and the service. + +

The service name supplied by the caller is available in the +configuration language for deciding whether and which service program +to invoke, in the service parameter, and is used by the +execute-from-directory and execute-from-path +configuration directives. It is usually used to select which service +program to invoke. It is also passed to the service program in the +USERV_SERVICE environment variable. +
File descriptors specified by the client and allowed according to the +configuration language will be connected. Each file descriptor is +opened for reading or writing. Communication is via pipes, one end of +each pipe being open on the appropriate file descriptor in the service +program (when it is invoked) and the other end being held by the +client process, which will read and write files it opens on behalf of +its caller or file descriptors it is passed by its caller.
+ +Data may be passed into the service through reading pipes and out of +it through writing pipes. These pipes can remain open only until the +service and client have terminated, or can be made to stay open after +the client has terminated and (if the service program forks) the main +service process has exited; the behaviour is controlled by options +passed to the client by its caller.
+ +The caller can arrange that a writing pipe be connected to a pipe or +similar object and cause attempts to write to that descriptor by the +service to generate a SIGPIPE (or EPIPE if +SIGPIPE is caught or ignored) in the service.
+ +Likewise, the service can close filedescriptors specified for reading, +which will cause the corresponding filedescriptors passed by the +caller to be closed, so that if these are pipes processes which write +to them will receive SIGPIPE or EPIPE. +
If no-suppress-args is set then arguments passed to the client +by its caller will be passed on, verbatim, to the service. +
Fatal signals and system call failures experienced by the client will +result in the disconnection of the service from the client and +possibly some of the communication file descriptors described above; +if disconnect-hup is set then the service will also be sent a +SIGHUP. +
The value of the LOGNAME (or USER) environment variable +as passed to the client will be used as the login name of the calling +user if the uid of the calling process matches the uid corresponding +to that login name. Otherwise the calling uid's password entry will +be used to determine the calling user's login name.
+ +This login name and the calling uid are available in the configuration +language in the calling-user parameter and are passed to the +service program in environment variables USERV_USER and +USERV_UID.
+ +The shell corresponding to that login name (according to the password +entry) is available as in the configuration language's +calling-user-shell parameter.
+ +If no relevant password entry can be found then no service will be +invoked. +
The numeric values and textual names for calling gid and supplementary +group list are available in the configuration language in the +calling-group parameter and are passed to the service in +environment variables.
+ +If no name can be found for a numeric group to which the calling +process belongs then no service will be invoked. +
The name of the current working directory in which the client was +invoked is passed, if available and not hidden using --hidecwd, +to the service program in the USERV_CWD variable. This grants no +special access to that directory unless it is a subdirectory of a +directory which is executable (searchable) but not readable by the +service user. +
Settings specified by the caller using the --defvar +name=value option to the client are available in the +configuration language as the corresponding u-name +parameters and are passed to the service program in environment +variables USERV_U_name. +
If the calling user is root or the same as the service user then +options may be given to the client which bypass the usual security +features; in this case other information may pass between the caller +and the service. +

+ +

+User service daemon and client specification +- userv is Copyright 1996-1999 Ian Jackson. +
+Contents; abstract; next; back. +
+

0.61.1
+Ian Jackson ian@davenant.greenend.org.uk

+ diff --git a/spec.html/ch-notes.html b/spec.html/ch-notes.html new file mode 100644 index 0000000..26aa208 --- /dev/null +++ b/spec.html/ch-notes.html @@ -0,0 +1,150 @@ + +User service daemon and client specification - Applications and notes on use + + +

+User service daemon and client specification - chapter 6
+Applications and notes on use +

+6.1 Standard services and directory management +

+ +In later versions of this specification standard service names and +interfaces for common services such as mail delivery and WWW CGI +scripts will be specified.

+ +userv-using applications and system services which hide +userv behind wrapper scripts may need to store information in +the user's filespace to preserve the correct placement of the security +perimiters. Such applications should usually do so in a directory +(created by them) ~/.userv/.servdata/service, where +service is the service name or application in question.

+ +The use of a dot-directory inside ~/.userv will hopefully avoid +the user becoming confused by finding parts of a semi-privileged +application's internal state in their filespace, and or discourage +them from fiddling with and thus corrupting it. (Note that such +applications should of course not rely for their global integrity on +the integrity of the data on the user's side of the security +boundary.) +

+6.2 Reducing the number of absolutely privileged subsystems +

+ +Currently most Unix systems have many components which need to run as +root, even though most of their activity does not strictly require +it. This gives rise to a large and complex body of code which must be +trusted with the security of the system.

+ +Using userv many of these subsystems no longer need any unusual +privilege.

+ +cron and at, lpr and the system's mail transfer +agent (sendmail, smail, exim or the like) all +fall into this category. +

+6.3 Do not give away excessive privilege to `userv`-using facilities +

+ +There is a danger that people reimplementing the facilities I mention +above using userv will discard much of the security benefit by +using a naive implementation technique. This will become clearer with +an example:

+ +Consider the lpr program. In current systems this needs to +have an absolutely privileged component in order to support delayed +printing without copying: when the user queues a file to be printed +the filename is stored in the print queue, rather than a copy of it, +and the printer daemon accesses the file directly when it is ready to +print the job. In order that the user can print files which are not +world-readable the daemon is given root privilege so that it can open +the file in the context of the user, rather than its own.

+ +A simple-minded approach to converting this scheme to use userv +might involve giving the printer daemon (the lp user) the +ability to read the file by allowing them to run cat (or a +special-purpose file-reading program) as any user. The lpr +program would use a userv service to store the filename in the +printer daemon's queues, and the daemon would read the file later when +it felt like it.

+ +However, this would allow the printer daemon to read any file on the +system, whether or not someone had asked for it to be printed. Since +many files will contain passwords and other security-critical +information this is nearly as bad as giving the daemon root access in +the first place. Any security holes in the print server which allow a +user to execute commands as the lp user will give the user the +ability to read any file on the system.

+ +Instead, it is necessary to keep a record of which files the daemon +has been asked to print outside the control of the print daemon. +This record could be kept by a new root-privileged component, but this +is not necessary: the record of which files a user has asked to be +printed can be kept under the control of the user in question. The +submission program lpr will make a record in an area under the +user's control before communicating with the print server, and the +print server would be given the ability to run a special file-reading +program which would only allow files to be read which were listed in +the user's file of things they'd asked to print.

+ +Now security holes in most of the printing system do not critically +affect the security of the entire system: they only allow the attacker +to read and interfere with print jobs. Bugs in the programs run by the +print server to read users' files (and to remove entries from the list +of files when it has done with them) will still be serious, but this +program can be quite simple.

+ +Similar considerations apply to many userv-based versions of +facilities which currently run as root.

+ +It is debatable whether the user-controlled state should be kept in +the user's filespace (in dotfiles, say) or kept in a separate area set +aside for the purpose; however, using the user's home directory (and +probably creating a separate subdirectory of it as a dotfile to +contain many subsystems' state) has fewer implications for the rest of +the system and makes it entirely clear where the security boundaries +lie. +

+6.4 `userv` is not a replacement for `really` and `sudo` +

+ +userv is not intended as a general-purpose system +administration tool with which system administrators can execute +privileged programs when they need to. It is unsuitable for this +purpose precisely because it enforces a strong separation between the +calling and the called program, which is undesirable in this context.

+ +Its facilities for restricting activities to running certain programs +may at first glance seem to provide similar functionality to +sudo[2]. However, the +separation mentioned above is a problem here too, particular for +interaction - it can be hard for a userv service program to +interact with its real caller or the user in question. +

+6.5 Don't give access to general-purpose utilities +

+ +Do not specify general purpose programs like mv or cat +in execute- directives without careful thought about their +arguments, and certainly not if no-suppress-args is specified. +If you do so it will give the caller much more privilige than you +probably intend.

+ +It is a shame that I have to say this here, but inexperienced +administrators have made similar mistakes with programs like +sudo. +

+User service daemon and client specification +- userv is Copyright 1996-1999 Ian Jackson. +
+Contents; abstract; back. +
+

0.61.1
+Ian Jackson ian@davenant.greenend.org.uk

+ diff --git a/spec.html/footnotes.html b/spec.html/footnotes.html new file mode 100644 index 0000000..b9d7a34 --- /dev/null +++ b/spec.html/footnotes.html @@ -0,0 +1,21 @@ + +User service daemon and client specification - footnotes + + +

User service daemon and client specification - footnotes

1

+userv is +short for `user services', and is pronounced `you-serve'.

2

+sudo is a program which allows users to +execute certain programs as root, according to configuration files +specified by the system administrator.

+User service daemon and client specification +- userv is Copyright 1996-1999 Ian Jackson. +
+Contents; abstract. +
+

0.61.1
+Ian Jackson ian@davenant.greenend.org.uk

+ diff --git a/spec.html/index.html b/spec.html/index.html new file mode 100644 index 0000000..76b76cf --- /dev/null +++ b/spec.html/index.html @@ -0,0 +1,73 @@ + +User service daemon and client specification + + +

User service daemon and client specification

+ +

+0.1 Abstract +

+ +This is a specification for a Unix system facility to allow one +program to invoke another when only limited trust exists +between them. + +

+0.2 Table of contents +

1 Introduction +
2 Client program usage + +
- 2.1 Options +
- 2.2 Security-overriding options +
+
3 Execution environment of the service program +
- 3.1 File descriptors +
- 3.2 Environment +
+
4 Service-side configuration +
- 4.1 Configuration file syntax +
- 4.2 Configuration file directives +
- 4.3 Errors in the configuration file +
- 4.4 Defaults +
+
5 Information passed through the client/daemon combination +
6 Applications and notes on use +
- 6.1 Standard services and directory management +
- 6.2 Reducing the number of absolutely privileged subsystems +
- 6.3 Do not give away excessive privilege to userv-using facilities +
- 6.4 userv is not a replacement for really and sudo +
- 6.5 Don't give access to general-purpose utilities +
+

0.3 Copyright

+ +userv is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version.

+ +This program is distributed in the hope that it will be useful, but +without any warranty; without even the implied warranty of +merchantability or fitness for a particular purpose. See +the GNU General Public License for more details.

+ +You should have received a copy of the GNU General Public License +along with userv; if not, write to the Free Software +Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +

+User service daemon and client specification +- userv is Copyright 1996-1999 Ian Jackson. +
+Contents; abstract. +
+

0.61.1
+Ian Jackson ian@davenant.greenend.org.uk

+ diff --git a/spec.ps b/spec.ps new file mode 100644 index 0000000..a560db8 --- /dev/null +++ b/spec.ps @@ -0,0 +1,5714 @@ +%!PS-Adobe-3.0 +%%Creator: Basser Lout Version 3.10 (November 1996) +%%CreationDate: Sun Apr 18 19:09:46 1999 +%%DocumentData: Binary +%%DocumentNeededResources: (atend) +%%DocumentMedia: Plain 595 842 0 white () +%%DocumentSuppliedResources: (atend) +%%Pages: (atend) +%%BoundingBox: 0 0 595 842 +%%EndComments + +%%BeginProlog +%%BeginResource: procset LoutStartUp +/m { 3 1 roll moveto show } bind def +/s { exch currentpoint exch pop moveto show } bind def +/k { exch neg 0 rmoveto show } bind def +/ul { gsave setlinewidth dup 3 1 roll + moveto lineto stroke grestore } bind def +/in { 1440 mul } def +/cm { 567 mul } def +/pt { 20 mul } def +/em { 120 mul } def +/sp { louts mul } def +/vs { loutv mul } def +/ft { loutf mul } def +/dg { } def + +/LoutGraphic { + /louts exch def + /loutv exch def + /loutf exch def + /ymark exch def + /xmark exch def + /ysize exch def + /xsize exch def +} def + +/LoutGr2 { gsave translate LoutGraphic gsave } def + +/LoutFont +{ findfont exch scalefont setfont +} bind def + +/LoutRecode { + { findfont dup length dict begin + {1 index /FID ne {def} {pop pop} ifelse} forall + /Encoding exch def + currentdict end definefont pop + } + stopped pop +} bind def + +/BeginEPSF { + /LoutEPSFState save def + /dict_count countdictstack def + /op_count count 1 sub def + userdict begin + /showpage { } def + 0 setgray 0 setlinecap + 1 setlinewidth 0 setlinejoin + 10 setmiterlimit [] 0 setdash newpath + /languagelevel where + { pop languagelevel + 1 ne + { false setstrokeadjust false setoverprint + } if + } if +} bind def + +/EndEPSF { + count op_count sub { pop } repeat + countdictstack dict_count sub { end } repeat + LoutEPSFState restore +} bind def +%%EndResource + +%%BeginResource encoding vec2 +/vec2 [ +/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef +/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef +/space /exclam /quotedbl /numbersign /dollar /percent /ampersand /quoteright +/parenleft /parenright /asterisk /plus /comma /hyphen /period /slash +/zero /one /two /three /four /five /six /seven +/eight /nine /colon /semicolon /less /equal /greater /question +/at /A /B /C /D /E /F /G +/H /I /J /K /L /M /N /O +/P /Q /R /S /T /U /V /W +/X /Y /Z /bracketleft /backslash /bracketright /asciicircum /underscore +/quoteleft /a /b /c /d /e /f /g +/h /i /j /k /l /m /n /o +/p /q /r /s /t /u /v /w +/x /y /z /braceleft /bar /braceright /asciitilde /.notdef +/quotesinglbase /quotedblbase /ellipsis /OE /oe /quotedblleft /quotedblright /fi +/fl /endash /emdash /bullet /dagger /daggerdbl /florin /fraction +/dotlessi /grave /acute /circumflex /tilde /macron /breve /dotaccent +/dieresis /.notdef /ring /cedilla /.notdef /hungarumlaut /ogonek /caron +/space /exclamdown /cent /sterling /currency /yen /brokenbar /section +/dieresis /copyright /ordfeminine /guillemotleft /logicalnot /hyphen /registered /macron +/degree /plusminus /twosuperior /threesuperior /acute /mu /paragraph /periodcentered +/cedilla /onesuperior /ordmasculine /guillemotright /onequarter /onehalf /threequarters /questiondown +/Agrave /Aacute /Acircumflex /Atilde /Adieresis /Aring /AE /Ccedilla +/Egrave /Eacute /Ecircumflex /Edieresis /Igrave /Iacute /Icircumflex /Idieresis +/Eth /Ntilde /Ograve /Oacute /Ocircumflex /Otilde /Odieresis /multiply +/Oslash /Ugrave /Uacute /Ucircumflex /Udieresis /Yacute /Thorn /germandbls +/agrave /aacute /acircumflex /atilde /adieresis /aring /ae /ccedilla +/egrave /eacute /ecircumflex /edieresis /igrave /iacute /icircumflex /idieresis +/eth /ntilde /ograve /oacute /ocircumflex /otilde /odieresis /divide +/oslash /ugrave /uacute /ucircumflex /udieresis /yacute /thorn /ydieresis +] def +%%EndResource + +%%BeginResource: procset LoutMarginNotes +% @PrependGraphic file /usr/lib/lout/include/dl.lpg + +% path for @FullWidthRule symbol +/LoutRule +{ 0 0 moveto xsize 0 lineto +} def + +% path for @Box symbol +/LoutBox +{ 0 0 moveto xsize 0 lineto + xsize ysize lineto 0 ysize lineto + closepath +} def + +% path for @CurveBox symbol +/LoutCurveBox +{ xmark 0 moveto + xsize xmark sub xmark xmark 270 360 arc + xsize xmark sub ysize xmark sub xmark 0 90 arc + xmark ysize xmark sub xmark 90 180 arc + xmark xmark xmark 180 270 arc + closepath +} def + +% path for @ShadowBox symbol +/LoutShadowBox +{ xmark 2 mul 0 moveto xsize 0 lineto + xsize ysize xmark 2 mul sub lineto + xsize xmark sub ysize xmark 2 mul sub lineto + xsize xmark sub xmark lineto + xmark 2 mul xmark lineto + closepath +} def + +% set up dictionary containing margin note data: parity LoutMargSet - +/LoutMargSet +{ /LoutMargDict 12 dict def + LoutMargDict begin + /parity exch def + /matr matrix currentmatrix def + /rightx xsize def + /lefty ysize def % highest allowable point for top of next left note + /righty ysize def % highest allowable point for top of next right note + /max { 2 copy gt { pop } { exch pop } ifelse } def + /min { 2 copy lt { pop } { exch pop } ifelse } def + end +} def + +%translate coordinate system for marginal notes: type LoutMargShift - +% where type 0 is left margin, 1 is right margin, 2 is outer, 3 is inner +/LoutMargShift +{ LoutMargDict begin + + % y coordinate of top of note, in margin coords, before vertical adjust + 0 ysize transform matr itransform exch pop + + % decide whether left or right margin based on type and parity + exch [ 0 1 parity 1 parity sub ] exch get 0 eq + { + % left margin: adjust top of note downwards if overlaps previous note + lefty min + + % bottom of note is new lefty position and also translate position + ysize sub dup /lefty exch def + + % want right edge of note at coordinate zero + xsize neg exch + } + { + % right margin: adjust top of note downwards if overlaps previous note + righty min + + % bottom of note is new righty position and also translate position + ysize sub dup /righty exch def + + % want left edge of note at coordinate rightx + rightx exch + } ifelse + + % stack now contains coord of bottom left corner in margin coordinates + matr setmatrix translate + end +} def + +% create LoutPageDict with left, right, foot, top for @Place symbol users +/LoutPageSet +{ + /LoutPageDict 5 dict def + LoutPageDict begin + /matr matrix currentmatrix def + /left 0 def + /right xsize def + /foot 0 def + /top ysize def + end + +} def + +%%EndResource + +%%EndProlog + +%%BeginSetup +%%IncludeResource: font Times-Roman +/Times-Romanfnt82 vec2 /Times-Roman LoutRecode +/fnt82 { /Times-Romanfnt82 LoutFont } def +%%IncludeResource: font Times-Bold +/Times-Boldfnt84 vec2 /Times-Bold LoutRecode +/fnt84 { /Times-Boldfnt84 LoutFont } def +%%IncludeResource: font Courier-Bold +/Courier-Boldfnt31 vec2 /Courier-Bold LoutRecode +/fnt31 { /Courier-Boldfnt31 LoutFont } def +%%IncludeResource: font Times-Italic +/Times-Italicfnt83 vec2 /Times-Italic LoutRecode +/fnt83 { /Times-Italicfnt83 LoutFont } def +%%EndSetup + +%%Page: 1 1 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup + +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8959 13842(1)m 340 fnt84 1359 12943(User)m 2118(ser)s 3(vice)k +3190(daemon)s 4421(and)s 5047(client)s 5922(speci\207cation)s 200 fnt82 +2792 12427(Ian)m 3093(Jackson)s gsave +3770 12472 translate +0.6953 1.0000 scale +200 fnt31 1031 -43()m +grestore +240 fnt82 +4245 11924(0.61.1)m 9066 609 0 609 240 240 60 0 10664 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 5(0.1.)m 628(Abstract)s +grestore +0 10202(This)m +476(is)s 686(a)s 852(speci\207cation)s 2117(for)s 2455(a)s +2621(Unix)s 3155(system)s 3879(f)s 2(acility)k 4606(to)s +4845(allo)s 6(w)k 5424(one)s 5826(program)s 6696(to)s +6935(in)s 9(v)k 4(ok)k 2(e)k 7628(another)s +8405(when)s 0 9962(only)m 480(limited)s 1214(trust)s 1698(e)s 3(xists)k +2290(between)s 3144(them.)s 9066 610 0 610 240 240 60 0 8998 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 6(0.2.)m 628(Contents)s + +grestore +240 fnt84 0 8586(1.)m 1200(Intr)s 4(oduction)k 8953(3)s +0 8229(2.)m 1200(Client)s 1883(pr)s 4(ogram)k 2839(usage)s +8952(4)s 240 fnt82 0 7990(2.1.)m 1200(Options)s 8952(4)s +0 7753(2.2.)m 1200(Security-o)s 3(v)k 3(erriding)k 3118(options)s +8958(7)s 240 fnt84 0 7408(3.)m 1200(Execution)s 2279(en)s 9(vir)k 4(onment)k +3627(of)s 3899(the)s 4273(ser)s 2(vice)k 5030(pr)s 4(ogram)k +8952(8)s 240 fnt82 0 7169(3.1.)m 1200(File)s 1627(descriptors)s +8959(8)s 0 6932(3.2.)m 1200(En)s 9(vironment)k 8955(9)s +240 fnt84 0 6587(4.)m 1200(Ser)s 2(vice-side)k 2474(con\207guration)s +8831(10)s 240 fnt82 0 6348(4.1.)m 1200(Con\207guration)s 2587(\207le)s +2948(syntax)s 8831(10)s 0 6111(4.2.)m 1200(Con\207guration)s 2587(\207le)s +2948(directi)s 6(v)k 3(es)k 8831(10)s 0 5873(4.3.)m +1200(Errors)s 1847(in)s 2090(the)s 2438(con\207guration)s 3771(\207le)s +8833(16)s 0 5636(4.4.)m 1200(Def)s 2(aults)k 8838(17)s +240 fnt84 0 5291(5.)m 1200(Inf)s 6(ormation)k 2498(passed)s +3231(thr)s 4(ough)k 4106(the)s 4480(client/daemon)s 5969(combination)s +8832(18)s 0 4934(6.)m 1200(A)s 6(pplications)k 2536(and)s +2977(notes)s 3562(on)s 3871(use)s 8831(20)s 240 fnt82 +0 4695(6.1.)m 1200(Standard)s 2108(services)s 2928(and)s 3332(directory)s +4248(management)s 8831(20)s 0 4457(6.2.)m 1200(Reducing)s 2171(the)s +2519(number)s 3310(of)s 3581(absolutely)s 4618(pri)s 6(vile)k 3(ged)k +5636(subsystems)s 8831(20)s 0 4219(6.3.)m 1200(Do)s 1546(not)s +1912(gi)s 6(v)k 3(e)k 2371(a)s 3(w)k 2(ay)k +2925(e)s 3(xcessi)k 6(v)k 3(e)k 3885(pri)s 6(vile)k 3(ge)k +4781(to)s gsave +5020 4273 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +5520(-using)s 6171(f)s 2(acilities)k +8831(20)s 0 3981(6.4.)m gsave +1200 4035 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +1760(is)s +1970(not)s 2336(a)s 2502(replacement)s 3729(for)s gsave +4067 4035 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(really)m +grestore +4727(and)s gsave +5131 4035 translate +0.6953 1.0000 scale +240 fnt31 0 -52(sudo)m +grestore +8851(21)s +0 3742(6.5.)m 1200(Don')s 4(t)k 1814(gi)s 6(v)k 3(e)k +2273(access)s 2934(to)s 3173(general-purpose)s 4769(utilities)s 8851(21)s +9066 670 0 670 240 240 60 0 2491 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(0.3.)m 628(Copyright)s 2109(Notice)s +grestore +gsave +0 2381 translate +0.6953 1.0000 scale +240 fnt31 +0 -460(userv)m +grestore +560 2327(is)m 770(Cop)s 2(yright)k 1799(1996-1999)s +2889(Ian)s 3251(Jackson.)s gsave +0 1768 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +544 1714(is)m +737(free)s 1146(softw)s 2(are;)k 2062(you)s 2460(can)s +2832(redistrib)s 4(ute)k 3955(it)s 4130(and/or)s 4784(modify)s +5512(it)s 5688(under)s 6276(the)s 6607(terms)s 7172(of)s +7426(the)s 7757(GNU)s 8315(General)s 0 1474(Public)m 659(License)s +1453(as)s 1698(published)s 2682(by)s 2971(the)s 3314(Free)s +3789(Softw)s 2(are)k 4699(F)s 3(oundation;)k 5894(either)s +6492(v)s 3(ersion)k 7245(2)s 7414(of)s 7680(the)s +8023(License,)s 8867(or)s 0 1234($at)m 311(your)s 810(option$)s +1550(an)s 3(y)k 1947(later)s 2430(v)s 3(ersion.)k +0 826(This)m 476(program)s 1346(is)s 1556(distrib)s 4(uted)k +2632(in)s 2875(the)s 3223(hope)s 3745(that)s 4163(it)s +4355(will)s 4781(be)s 5063(useful,)s 5754(b)s 4(ut)k +240 fnt83 6116 828(without)m 6898(any)s 7300(warr)s 3(anty)k +240 fnt82 8171 826(;)m 8283(without)s 0 52(User)m 511(service)s +1243(daemon)s 2058(and)s 2462(client)s 3052(speci\207cation)s 8491(0.61.1)s + +grestore + +grestore + +pgsave restore +showpage + +%%Page: 2 2 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Times-Italic +%%+ font Courier-Bold +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(2)m 240 fnt82 0 13252(e)m 6(v)k 3(en)k +500(the)s 848(implied)s 1636(w)s 2(arranty)k 2537(of)s +240 fnt83 2808 13254(mer)m 8(c)k 3(hantability)k 240 fnt82 +4367 13252(or)m 240 fnt83 4626 13254(\207tness)m 5279(for)s 5623(a)s +5798(particular)s 6833(purpose)s 240 fnt82 7598 13252(.)m 7702(See)s +8103(the)s 8451(GNU)s 0 13012(General)m 811(Public)s 1475(License)s +2274(for)s 2612(more)s 3159(details.)s 0 12604(Y)m 26(ou)k +442(should)s 1139(ha)s 4(v)k 3(e)k 1640(re)s +1821(cei)s 6(v)k 3(ed)k 2494(a)s 2660(cop)s 2(y)k +3178(of)s 3449(the)s 3797(GNU)s 4372(Gen)s 4768(er)s +4953(al)s 5180(Pub)s 5546(lic)s 5837(Li)s 6043(cense)s +6630(along)s 7215(with)s gsave +7697 12658 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +8197(;)s +8309(if)s 8526(not,)s 0 12363(write)m 546(to)s 785(the)s +1133(Free)s 1613(Soft)s 2011(w)s 2(are)k 2529(F)s 3(oun)k +3016(da)s 3242(tion,)s 3721(59)s 4012(T)s 16(em)k +4434(ple)s 4782(Place)s 5355(-)s 5483(Suite)s 6030(330,)s +6497(Boston,)s 7283(MA)s 7726(02111-1307,)s 0 12123(USA.)m 0 52(0.61.1)m +4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s +7861(speci\207cation)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 3 3 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8953 13842(3)m gsave +0 12792 translate +240 fnt82 9066 622 0 622 240 240 60 LoutGraphic +gsave +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.2 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +340 fnt84 0 4(1.)m 412(Intr)s 6(oduction)k + +grestore +240 fnt82 0 12330(There)m 613(is)s 823(a)s 989(daemon)s +1804(which)s 2446(in)s 9(v)k 4(ok)k 2(es)k +3227(user)s 3685(service)s 4417(programs)s 5371($henceforth)s 6529(`services'$)s +7584(in)s 7827(response)s 8720(to)s 0 12090(requests)m 822(by)s +1104(callers)s 1765(of)s 2024(a)s 2178(companion)s 3287(client)s +3865(program)s 4723($henceforth)s 5869(the)s 6205(`client'$)s 7009(and)s +7401(according)s 8385(to)s 8611(rules)s 0 11850(set)m 325(forth)s +846(in)s 1089(system-wide)s 2353(and)s 2757(user)s 4(-speci\207c)k +4013(con\207guration)s 5346(\207les.)s 5848(The)s 6276(companion)s 7397(client)s +7987(program)s 0 11610(is)m 210(setuid)s 839(root,)s 1331(and)s +1735(ne)s 3(gotiates)k 2752(with)s 3234(the)s 3582(daemon)s +4397(through)s 5199(an)s gsave +5482 11664 translate +0.6953 1.0000 scale +240 fnt31 0 -52(AF_UNIX)m +grestore +6242(sock)s 2(et)k +6911(and)s 7315(associated)s 8355(objects)s 0 11370(in)m 243(a)s +409(system-wide)s 1673(pri)s 6(v)k 6(ate)k 2380(directory)s +3296(set)s 3621(aside)s 4168(for)s 4506(the)s 4854(purpose.)s +5716(The)s 6144(user)s 6602(who)s 7068(wishes)s 7770(the)s +8118(service)s 8850(to)s 0 11130(be)m 282(performed)s 1335(and)s +1739(calls)s 2227(the)s 2575(client)s 3165(is)s 3375(called)s +4003(the)s 4351(`calling)s 5133(user';)s 5722(the)s 6070(process)s +6838(which)s 7480(calls)s 7968(the)s 8316(client)s 8906(is)s +0 10890(called)m 628(the)s 976(`calling)s 1758(process'.)s 0 10482(The)m +428(daemon)s 1243(and)s 1647(the)s 1995(client)s 2585(are)s +2932(responsible)s 4077(for)s 4415(ensuring)s 5292(that)s 5710(information)s +6895(is)s 7105(safely)s 7729(carried)s 8449(across)s 0 10242(the)m +338(security)s 1138(boundary)s 2087(between)s 2931(the)s 3269(tw)s 2(o)k +3669(users,)s 4257(and)s 4650(that)s 5058(the)s 5396(processes)s +6353(on)s 6640(either)s 7233(side)s 7664(cannot)s 8351(interact)s +0 10002(with)m 482(each)s 977(other)s 1528(in)s 1771(an)s 3(y)k +2168(une)s 3(xpected)k 3313(w)s 2(ays.)k 0 52(User)m +511(service)s 1243(daemon)s 2058(and)s 2462(client)s 3052(speci\207cation)s +8491(0.61.1)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 4 4 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(4)m gsave +0 12729 translate +240 fnt82 9066 688 0 688 240 240 60 LoutGraphic +gsave +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.2 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +340 fnt84 0 70(2.)m 412(Client)s +1382(pr)s 6(ogram)k 2737(usage)s +grestore +gsave +480 12321 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +gsave +864 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(options)m +grestore +2003([\211\211])s gsave +2723 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(service\211user)m + +grestore +gsave +4591 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(service\211name)m +grestore +6594([)s gsave +6738 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(ar)m 8(gument)k + +grestore +8181(\202])s 0 -305(userv)m gsave +864 -253 translate +1.4219 1.0000 scale +240 fnt83 0 -52(options)m +grestore +2003(\211B|\211\211builtin)s +3875([\211\211])s gsave +4595 -253 translate +1.4219 1.0000 scale +240 fnt83 0 -52(b)m 4(uiltin\211service)k +grestore +6742([)s +gsave +6886 -253 translate +1.4219 1.0000 scale +240 fnt83 0 -52(info\211ar)m 8(gument)k +grestore +9029(\202])s +grestore +240 fnt83 +0 11448(service-user)m 240 fnt82 1232 11446(speci\207es)m 2106(which)s 2748(user)s +3206(is)s 3416(to)s 3655(pro)s 3(vide)k 4439(the)s +4787(service.)s 5567(The)s 5995(user)s 6453(may)s 6919(be)s +7201(a)s 7367(login)s 7916(name)s 8490(or)s 8749(a)s +0 11206(numeric)m 836(uid,)s 1249(or)s gsave +1508 11260 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211)m + +grestore +1668(to)s 1907(indicate)s 2719(that)s 3137(the)s 3485(service)s +4217(user)s 4675(is)s 4885(to)s 5124(be)s 5406(the)s +5754(same)s 6301(as)s 6551(the)s 6899(calling)s 7602(user)s 13(.)k +0 10798(The)m 428(service)s 1160(name)s 1734(is)s 1944(interpreted)s +3036(by)s 3330(the)s 3678(userv)s 153 fnt82 4191 10887(1)m +240 fnt82 4311 10798(daemon)m 5126(on)s 5423(behalf)s 6092(of)s +6363(the)s 6711(service)s 7443(user)s 13(.)k 7932(It)s +8137(will)s 8563(often)s 0 10558(be)m 282(the)s 630(name)s +1204(of)s 1475(a)s 1641(program.)s 9066 670 0 670 240 240 60 0 9534 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(2.1.)m +628(Options)s +grestore +0 9072(Single-letter)m 1233(options)s 1983(may)s 2442(be)s +2718(combined)s 3714(as)s 3957(is)s 4161(usual)s 4714(with)s +5190(Unix)s 5718(programs,)s 6721(and)s 7119(the)s 7461(v)s 6(alue)k +8022(for)s 8354(such)s 8843(an)s 0 8832(option)m 669(may)s +1135(appear)s 1832(in)s 2075(the)s 2423(same)s 2970(ar)s 4(gument)k +3929(or)s 4188(in)s 4431(the)s 4779(ne)s 3(xt.)k +gsave +120 8478 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211B)m +grestore +gsave +120 8238 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211builtin)m +grestore +480 7944(Requests)m +1387(that)s 1797(a)s 1955(b)s 4(uiltin)k 2624(service)s +3347(be)s 3621(pro)s 3(vided.)k 4565(This)s 5033(is)s +5235(equi)s 6(v)k 6(alent)k 6270(to)s 6501(using)s +7065(the)s gsave +7405 7998 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211override)m +grestore +8457(option)s 480 7703(to)m +719(specify)s 1463(a)s 1629(string)s 2226(consisting)s 3249(of)s +gsave +3520 7757 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211builtin)m +grestore +5081(follo)s 6(wed)k 5983(by)s +6277(the)s 240 fnt83 6625 7705(b)m 4(uiltin-service)k 240 fnt82 +8053 7703(requested,)m 480 7463(and)m 884(requesting)s 1933(a)s 2099(service)s +2831(user)s 3289(of)s gsave +3560 7517 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211)m +grestore +3720($indicating)s +4808(the)s 5156(calling)s 5859(user$.)s 480 7055(If)m 701(the)s +1039(b)s 4(uiltin)k 1707(ser)s 1985(vice)s 2429(be)s +2651(ing)s 3000(re)s 3181(quest)s 3686(ed)s 3961(re)s +4142(quires)s 4767(a)s 240 fnt83 4924 7057(service-)m 5667(ar)s 8(gument)k +240 fnt82 6631 7055(then)m 7090(this)s 7477(must)s 7992(be)s +8264(sup)s 8590(plied)s 480 6814(to)m 712(the)s 1052(client)s +1635(in)s 1870(the)s 2211(same)s 2750(ar)s 2935(gu)s +3170(ment)s 3700(as)s 3943(the)s 240 fnt83 4283 6816(b)m 4(uiltin-)k +4970(service)s 240 fnt82 5639 6814(.)m 5736(See)s 6129(`Di)s +6441(rec)s 6725(ti)s 6(v)k 3(es)k 7211(for)s +7541(chang)s 8106(ing)s 8457(e)s 3(x)k 8675(e)s +8777(cu)s 8998(-)s 480 6574(tion)m 909(set)s 1174(tings',)s +1825(page)s 2333(14)s 2627(for)s 2965(de)s 3187(tails)s +3635(of)s 3906(the)s 4254(b)s 4(uiltin)k 4931(ser)s +5209(vices)s 5751(a)s 4(v)k 6(ail)k 6200(able,)s +6705(and)s 7109(`Security-)s 8052(o)s 3(v)k 3(erriding)k +480 6334(op)m 713(tions',)s 1364(page)s 1872(7)s 2040(for)s +2378(de)s 2600(tails)s 3048(of)s 3319(the)s gsave +3667 6388 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\211\211override)m +grestore +4728(op)s 4961(tions.)s 480 5926(The)m 897(actual)s +1511(service)s 2232(name)s 2794(passed)s 3479(will)s 3894(be)s +4164(the)s 240 fnt83 4501 5928(b)m 4(uiltin-service)k 240 fnt82 +5869 5926(;)m 5970(note)s 6427(that)s 6833(this)s 7218(actual)s +7832(service)s 8552(name)s 480 5686($as)m 809(opposed)s 1666(to)s +1905(the)s 2253(o)s 3(v)k 3(erride)k 3099(data$)s +3625(and)s 4029(the)s 240 fnt83 4377 5688(info-ar)m 8(gument)k +240 fnt82 5742 5686(s)m 5886(supplied)s 6755(will)s 7181(be)s +7463(ignored)s 8252(by)s 8546(most)s 480 5446(b)m 4(uiltin)k +1149(services;)s 2022(the)s 2361(o)s 3(v)k 3(erride)k +3199(mechanism)s 4339(and)s gsave +4735 5500 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211builtin)m +grestore +6287(will)s +6705(be)s 6978(used)s 7467(to)s 7697(ensure)s 8369(that)s +8778(the)s 480 5206(right)m 991(b)s 4(uiltin)k 1668(service)s +2400(is)s 2610(called)s 3238(with)s 3720(the)s 4068(right)s +240 fnt83 4579 5208(service-ar)m 8(gument)k 240 fnt82 6248 5206(s.)m +gsave +120 4866 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211f)m gsave +288 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(fd)m +grestore +561([)s +gsave +705 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(modi\207er)m 2(s)k +grestore +1961(]=)s gsave +2249 0 translate +1.4219 1.0000 scale +240 fnt83 +0 -52(\207lename)m +grestore + +grestore +gsave +120 4626 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211file)m gsave +1008 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(fd)m + +grestore +1281([)s gsave +1425 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(modi\207er)m 2(s)k +grestore +2681(]=)s +gsave +2969 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(\207lename)m +grestore + +grestore +480 4332(Requests)m 1384(that)s 1791(data)s +2238(be)s 2509(copied)s 3194(in)s 3426(and)s 3819(out)s +4174(of)s 4434(the)s 4771(service)s 5492(using)s 6053(pipes.)s +6651(F)s 3(or)k 7029(each)s 7513(\207le)s 7863(or)s +8111(descriptor)s 480 4092(this)m 858(will)s 1266(be)s 1530(done)s +2033(by)s 2309(creating)s 3113(a)s 3261(pipe,)s 3761(one)s +4145(end)s 4531(of)s 4784(which)s 5407(is)s 5599(passed)s +6277(to)s 6498(the)s 6827(service)s 7541(program)s 8393(and)s +8778(the)s 480 3852(other)m 1028(end)s 1429(of)s 1697(which)s +2336(is)s 2543(passed)s 3236(to)s 3472(a)s 3635(cop)s 2(y)k +4149(of)s gsave +4417 3906 translate +0.6953 1.0000 scale +240 fnt31 0 -52(cat)m +grestore +4774(in)s 9(v)k 4(ok)k 2(ed)k +5586(by)s 5877(the)s 6222(client;)s 6861(the)s 7206(other)s +7754(\207le)s 8111(descriptor)s 480 3612(passed)m 1176(to)s gsave +1415 3666 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(cat)m +grestore +1775(will)s 2201(be)s 2483(one)s 2885(inherited)s +3792(by)s 4086(the)s 4434(client)s 5024(program)s 5894(from)s +6418(the)s 6766(caller)s 7355(or)s 7614(one)s 8016(opened)s +8766(by)s 480 3372(the)m 828(client)s 1418(program)s 2288(on)s +2585(behalf)s 3254(of)s 3525(the)s 3873(caller)s 13(.)k +480 2964(The)m 890(descriptor)s 1886(in)s 2110(the)s 2439(service)s +3152(program)s 4004(that)s 4403(should)s 5081(be)s 5344(connected)s +6353(must)s 6860(be)s 7123(speci\207ed)s 8012(as)s 240 fnt83 +8243 2966(fd)m 240 fnt82 8435 2964(,)m 8523(either)s 480 2724(as)m +728(a)s 891(decimal)s 1699(number)s 2487(or)s 2743(as)s +2990(one)s 3389(of)s 3657(the)s 4002(strings)s gsave +4688 2778 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(stdin)m +grestore +5188(,)s gsave +5292 2778 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stdout)m +grestore +5949(or)s +gsave +6205 2778 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stderr)m +grestore +6805(.)s 6906(The)s 7331(ne)s 3(xt)k +7797(ar)s 4(gument)k 8753(is)s 8960(a)s 480 2484(\207lename)m +1359(which)s 2001(will)s 2427(be)s 2709(opened)s 3459(by)s +3753(the)s 4101(client)s 4691(with)s 5173(the)s 5521(pri)s 6(vile)k 3(ges)k +6505(of)s 6776(the)s 7124(calling)s 7827(user)s 13(.)k +240 fnt83 480 2078(modi\207er)m 2(s)k 240 fnt82 1424 2076(is)m +1634(used)s 2131(to)s 2370(specify)s 3114(whether)s 3944(the)s +4292(\207le)s 4653(or)s 4912(descriptor)s 5927(is)s 6137(to)s +6376(be)s 6658(read)s 7127(from)s 7651(or)s 7910(written)s +8643(to.)s 480 1835(It)m 682(consists)s 1487(of)s 1755(a)s +1918(series)s 2508(of)s 2776(w)s 2(ords)k 3407(separated)s +4364(by)s 4655(commas.)s 5552(A)s 5779(comma)s 6540(may)s +7003(separate)s 7838(the)s 240 fnt83 8182 1837(modi\207er)m 2(s)k +240 fnt82 480 1594(from)m 1004(the)s 240 fnt83 1352 1596(fd)m +240 fnt82 1604 1594(and)m 2008(is)s 2218(required)s 3072(if)s +240 fnt83 3289 1596(fd)m 240 fnt82 3541 1594(is)m 3751(not)s +4117(numeric.)s 1134 0 0 0 240 240 60 0 948 LoutGr2 +0 0 moveto xsize 0 lineto stroke +grestore + +grestore +122 fnt82 0 753(1)m gsave +58 726 translate +0.6953 1.0000 scale +192 fnt31 0 -42(userv)m + +grestore +192 fnt82 505 683(is)m 673(short)s 1103(for)s 1373(`user)s +1802(services',)s 2566(and)s 2890(is)s 3058(pronounced)s 4010(`you-serv)s 2(e'.)k +240 fnt82 0 52(0.61.1)m 4809(User)s 5320(service)s 6052(daemon)s +6867(and)s 7271(client)s 7861(speci\207cation)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 5 5 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8953 13844(5)m 240 fnt82 480 13254(The)m 908(modi\207er)s +1778(w)s 2(ords)k 2412(are:)s gsave +600 13068 translate +0.6953 1.0000 scale +240 fnt31 0 -52(read)m + +grestore +gsave +960 12828 translate +0.6953 1.0000 scale +240 fnt31 0 -52(O_RDONLY)m +grestore +1761 12774(:)m 1867(Allo)s 6(w)k +2513(reading)s 3283(and)s 3687(not)s 4053(writing.)s 4847(May)s +5340(not)s 5706(be)s 5988(used)s 6485(with)s gsave +6967 12828 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(write)m +grestore +7527(or)s 7786(things)s 8422(that)s 960 12534(imply)m +1572(it.)s gsave +600 12348 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m +grestore +gsave +960 12108 translate +0.6953 1.0000 scale +240 fnt31 0 -52(O_WRONLY)m + +grestore +1761 12054(:)m 1867(Allo)s 6(w)k 2513(writing)s 3256(and)s +3660(not)s 4026(reading.)s 240 fnt83 4847 12056(Doesn')m 7(t)k +5661(truncate)s 6511(or)s 6789(cr)s 8(eate)k 240 fnt82 +7431 12054(without)m gsave +8222 12108 translate +0.6953 1.0000 scale +240 fnt31 0 -52(truncate)m +grestore +960 11814(or)m gsave +1219 11868 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(create)m +grestore +1819(.)s gsave +1923 11868 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m +grestore +2483(or)s +2742(things)s 3378(that)s 3796(imply)s 4408(it)s 4600(may)s +5066(not)s 5432(be)s 5714(used)s 6211(with)s gsave +6693 11868 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(read)m +grestore +7093(.)s gsave +600 11628 translate +0.6953 1.0000 scale +240 fnt31 0 -52(overwrite)m +grestore +960 11334(Equi)m 6(v)k 6(alent)k +2044(to)s gsave +2283 11388 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write,create,truncate)m +grestore +4385(.)s gsave +600 11148 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(create)m +grestore +gsave +600 10908 translate +0.6953 1.0000 scale +240 fnt31 0 -52(creat)m +grestore +gsave +960 10668 translate +0.6953 1.0000 scale +240 fnt31 0 -52(O_CREAT)m + +grestore +1660 10614(:)m 1766(Creates)s 2533(the)s 2881(\207le)s 3242(if)s +3459(necessary)s 15(.)k 4477(Implies)s gsave +5244 10668 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m + +grestore +5744(.)s gsave +600 10428 translate +0.6953 1.0000 scale +240 fnt31 0 -52(exclusive)m +grestore +gsave +600 10188 translate +0.6953 1.0000 scale +240 fnt31 0 -52(excl)m + +grestore +gsave +960 9948 translate +0.6953 1.0000 scale +240 fnt31 0 -52(O_EXCL)m +grestore +1560 9894(:)m 1666(F)s 3(ails)k +2178(if)s 2395(the)s 2743(\207le)s 3104(already)s 3861(e)s 3(xists.)k +4506(Implies)s gsave +5273 9948 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m +grestore +5833(and)s gsave +6237 9948 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(create)m +grestore +6837(.)s 6941(May)s 7434(not)s 7800(be)s +8082(used)s 8579(with)s gsave +960 9708 translate +0.6953 1.0000 scale +240 fnt31 0 -52(truncate)m +grestore +1761 9654(.)m +gsave +600 9468 translate +0.6953 1.0000 scale +240 fnt31 0 -52(truncate)m +grestore +gsave +600 9228 translate +0.6953 1.0000 scale +240 fnt31 0 -52(trunc)m +grestore +gsave +960 8988 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(O_TRUNC)m +grestore +1660 8934(:)m 1766(T)s 8(runcate)k 2663(an)s 3(y)k +3060(e)s 3(xisting)k 3867(\207le.)s 4276(Implies)s gsave +5043 8988 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(write)m +grestore +5543(.)s 5647(May)s 6140(not)s 6506(be)s +6788(used)s 7285(with)s gsave +7767 8988 translate +0.6953 1.0000 scale +240 fnt31 0 -52(exclusive)m +grestore +8668(.)s +gsave +600 8748 translate +0.6953 1.0000 scale +240 fnt31 0 -52(append)m +grestore +gsave +960 8508 translate +0.6953 1.0000 scale +240 fnt31 0 -52(O_APPEND)m +grestore +1761 8454(:)m +1867(All)s 2227(writes)s 2861(will)s 3287(append)s 4037(to)s +4276(the)s 4624(\207le.)s 5033(Implies)s gsave +5800 8508 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m + +grestore +6360($b)s 4(ut)k 6801(not)s gsave +7167 8508 translate +0.6953 1.0000 scale +240 fnt31 0 -52(create)m + +grestore +7767($.)s gsave +600 8268 translate +0.6953 1.0000 scale +240 fnt31 0 -52(sync)m +grestore +gsave +960 8028 translate +0.6953 1.0000 scale +240 fnt31 0 -52(O_SYNC)m + +grestore +1560 7974(:)m 1666(Do)s 2012(writes)s 2646(synchronously)s 15(.)k +4132(Implies)s gsave +4899 8028 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m +grestore +5399(.)s gsave +600 7788 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(wait)m +grestore +gsave +600 7548 translate +0.6953 1.0000 scale +240 fnt31 0 -52(nowait)m +grestore +gsave +600 7308 translate +0.6953 1.0000 scale +240 fnt31 0 -52(close)m + +grestore +960 7014(These)m 1587(modi\207ers)s 2541(control)s 3273(the)s 3621(beha)s 4(viour)k +4634(of)s 4905(the)s 5253(client,)s 5890(with)s 6372(respect)s +7108(to)s 7347(the)s 7695(pipes)s 8251(carrying)s 960 6774(data)m +1418(to)s 1657(and)s 2061(from)s 2585(the)s 2933(service,)s +3716(when)s 4292(the)s 4640(service)s 5372(terminates.)s 6470(See)s +6871(belo)s 6(w)k 15(.)k gsave +600 6588 translate +0.6953 1.0000 scale +240 fnt31 0 -52(fd)m + +grestore +960 6294(The)m 240 fnt83 1388 6296(\207lename)m 240 fnt82 2252 6294(is)m +2462(not)s 2828(a)s 2994(\207lename)s 3873(b)s 4(ut)k +4235(a)s 4401(numeric)s 5237(\207le)s 5598(descriptor)s 13(.)k +6644(One)s 7099(or)s 7358(both)s 7841(of)s gsave +8112 6348 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(read)m +grestore +8572(and)s gsave +960 6107 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m +grestore +1520 6053(must)m +2045(be)s 2327(speci\207ed,)s 3284(and)s 3688(no)s 3981(other)s +4532(w)s 2(ords)k 5166(are)s 5513(allo)s 6(wed.)k +6368(The)s 240 fnt83 6796 6055(\207lename)m 240 fnt82 7660 6053(may)m +8126(also)s 8564(be)s gsave +960 5867 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stdin)m +grestore +1460 5813(,)m +gsave +1567 5867 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stdout)m +grestore +2227(or)s gsave +2486 5867 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stderr)m + +grestore +3146(for)s 3484(\207le)s 3845(descriptor)s 4860(0,)s 5087(1)s +5242(or)s 5501(2)s 5675(respecti)s 6(v)k 3(ely)k 15(.)k +480 5251(If)m 701(no)s 240 fnt83 984 5253(modi\207er)m 2(s)k +240 fnt82 1918 5251(which)m 2550(imply)s gsave +3152 5305 translate +0.6953 1.0000 scale +240 fnt31 0 -52(read)m + +grestore +3602(or)s gsave +3851 5305 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m +grestore +4401(are)s 4738(used)s +5226(it)s 5408(is)s 5608(as)s 5848(if)s gsave +6055 5305 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(write)m +grestore +6605(had)s 6999(been)s 7498(speci\207ed,)s 8445(e)s 3(xcept)k +480 5011(that)m 898(if)s 1115(the)s 1463(\207ledescriptor)s 2783(0)s +2958(of)s 3229(the)s 3577(service)s 4309(is)s 4519(being)s +5104(opened)s 5854($either)s 6536(speci\207ed)s 7444(numerically)s 8639(or)s +480 4771(with)m gsave +962 4825 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stdin)m +grestore +1462($)s 1590(it)s +1782(is)s 1992(as)s 2242(if)s gsave +2459 4825 translate +0.6953 1.0000 scale +240 fnt31 0 -52(overwrite)m + +grestore +3420(had)s 3824(been)s 4333(speci\207ed)s 5241($or)s gsave +5579 4825 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(write)m +grestore +6139(if)s 6356(only)s gsave +6836 4825 translate +0.6953 1.0000 scale +240 fnt31 0 -52(fd)m + +grestore +7096(w)s 2(as)k 7517(speci\207ed$.)s 480 4363(The)m 892(client)s +1465(will)s 1874(also)s 2296(use)s gsave +2654 4417 translate +0.6953 1.0000 scale +240 fnt31 0 -52(O_NOCTTY)m + +grestore +3498(when)s 4057(opening)s 4866(\207les)s 5298(speci\207ed)s 6189(by)s +6466(the)s 6798(caller)s 9(,)k 7408(to)s 7630(a)s 4(v)k 4(oid)k +8195(changing)s 480 4123(its)m 756(controlling)s 1858(terminal.)s 480 3715(By)m +810(de)s 1032(f)s 2(ault)k 1523(stdin,)s 2091(std)s +2368(out)s 2729(and)s 3129(stderr)s 3728(of)s 3995(the)s +4338(ser)s 4616(vice)s 5066(will)s 5488(be)s 5766(con)s +6109(nect)s 6507(ed)s 6786(to)s 7021(the)s 7365(cor)s +7670(re)s 7851(spond)s 8422(ing)s 8776(de)s 8998(-)s +480 3475(scrip)m 937(tors)s 1346(on)s 1643(the)s 1991(client.)s +2625(Di)s 2858(ag)s 3077(nos)s 3401(tics)s 3783(from)s +4307(the)s 4655(client)s 5245(and)s 5649(dae)s 5977(mon)s +6460(will)s 6886(also)s 7324(ap)s 7543(pear)s 8014(on)s +8311(stderr)s 13(.)k 480 3067(If)m gsave +710 3121 translate +0.6953 1.0000 scale +240 fnt31 0 -52(wait)m + +grestore +1170(is)s 1380(speci\207ed,)s 2337(the)s 2685(client)s 3275(will)s +3701(w)s 2(ait)k 4170(for)s 4508(the)s 4856(pipe)s +5324(to)s 5563(be)s 5845(closed,)s 6563(and)s 6967(only)s +7447(e)s 3(xit)k 7862(after)s 8358(this)s 480 2827(has)m +850(happened.)s 1872(This)s 2348(means)s 3010(that)s 3428(either)s +4031(the)s 4379(recei)s 6(ving)k 5315(end)s 5719(of)s +5990(the)s 6338(pipe)s 6806(connection)s 7913(w)s 2(as)k +8334(closed)s 480 2587(while)m 1067(data)s 1525(w)s 2(as)k +1946(still)s 2358(a)s 4(v)k 6(ailable)k 3266(at)s +3498(the)s 3846(sending)s 4644(end,)s 5097(or)s 5356(that)s +5774(the)s 6122(end)s 6526(of)s 6797(\207le)s 7158(w)s 2(as)k +7579(reached)s 8380(on)s 8677(the)s 480 2347(reading)m 1250(\207le)s +1611(descriptor)s 13(.)k 2657(Errors)s 3304(encountered)s 4531(reading)s +5301(or)s 5560(writing)s 6303(in)s 6546(the)s 6894(client)s +7484(at)s 7716(this)s 8112(stage)s 8659(will)s 480 2106(be)m +762(considered)s 1855(a)s 2021(system)s 2744(error)s 3266(and)s +3670(cause)s 4256(the)s 4603(client)s 5193(to)s 5431(e)s 3(xit)k +5845(with)s 6327(status)s 6921(255,)s 7387(b)s 4(ut)k +7749(will)s 8174(not)s 8539(cause)s 480 1866(disconnection)m 1866(at)s +2098(the)s 2446(service)s 3178(side)s 3619(since)s 4166(the)s +4514(service)s 5246(has)s 5616(already)s 6373(e)s 3(xited.)k +480 1458(If)m gsave +710 1512 translate +0.6953 1.0000 scale +240 fnt31 0 -52(close)m +grestore +1270(is)s 1480(speci\207ed)s +2388(the)s 2736(client)s 3326(will)s 3752(immediately)s 5000(close)s +5547(the)s 5895(pipe)s 6363(connection)s 7470(by)s 7764(killing)s +8441(the)s 480 1218(rele)m 6(v)k 6(ant)k 1297(cop)s 2(y)k +1815(of)s gsave +2086 1272 translate +0.6953 1.0000 scale +240 fnt31 0 -52(cat)m +grestore +2386(.)s 2490(If)s +2720(the)s 3068(service)s 3800(uses)s 4263(the)s 4611(descriptor)s +5626(it)s 5818(will)s 6244(get)s gsave +6596 1272 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGPIPE)m + +grestore +7356($or)s gsave +7694 1272 translate +0.6953 1.0000 scale +240 fnt31 0 -52(EPIPE)m +grestore +8194($)s 8322(for)s +8660(a)s 480 978(writing)m 1218(descriptor)s 2228(or)s 2482(end)s +2881(of)s 3147(\207le)s 3502(for)s 3835(a)s 3996(reading)s +4761(one;)s 5214(the)s 5557(descriptor)s 6566(opened)s 7311(by)s +7600(or)s 7854(passed)s 8545(to)s 8778(the)s 480 738(client)m +1070(will)s 1496(also)s 1934(be)s 2216(closed.)s 0 52(User)m +511(service)s 1243(daemon)s 2058(and)s 2462(client)s 3052(speci\207cation)s +8491(0.61.1)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 6 6 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(6)m 240 fnt82 480 13251(If)m gsave +707 13305 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(nowait)m +grestore +1364(is)s 1570(speci\207ed)s 2475(then)s 2941(the)s +3285(client)s 3872(will)s 4294(not)s 4657(w)s 2(ait)k +5123(and)s 5523(the)s 5868(connection)s 6972(will)s 7394(remain)s +8111(open)s 8630(after)s 480 13011(the)m 824(client)s 1409(terminates.)s +2502(Data)s 3008(may)s 3469(continue)s 4344(to)s 4578(be)s +4856(passed)s 5547(between)s 6396(the)s 6739(inheritors)s 7700(of)s +7966(the)s 8309(rele)s 6(v)k 6(ant)k 480 12771(descriptor)m +1484(on)s 1770(the)s 2107(service)s 2828(side)s 3258(and)s +3651(the)s 3988(corresponding)s 5399(\207le)s 5749(or)s 5997(descriptor)s +7001(on)s 7287(the)s 7624(client)s 8203(side)s 8633(until)s +480 12531(either)m 1071(side)s 1499(closes)s 2121(their)s 2606(descriptor)s 13(.)k +3639(This)s 4102(should)s 4786(not)s 5140(usually)s 5872(be)s +6141(speci\207ed)s 7036(for)s 7362(stderr)s 7952($or)s 8277(stdout)s +8909(if)s gsave +480 12345 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211signals)m 1440(stdout)s +grestore +2141 12291(is)m +2350(used$)s 2916(since)s 3462(diagnostics)s 4588(from)s 5111(the)s +5457(service)s 6188(side)s 6628(may)s 7093(arri)s 6(v)k 3(e)k +7695(after)s 8190(the)s 8536(client)s 480 12051(has)m 850(e)s 3(xited)k +1489(and)s 1893(be)s 2175(confused)s 3097(with)s 3579(e)s 3(xpected)k +4484(output.)s 480 11643(The)m 908(def)s 2(ault)k 1629(is)s +gsave +1839 11697 translate +0.6953 1.0000 scale +240 fnt31 0 -52(wait)m +grestore +2299(for)s 2637(writing)s 3380(\207le)s +3741(descriptors)s 4840(and)s gsave +5244 11697 translate +0.6953 1.0000 scale +240 fnt31 0 -52(close)m +grestore +5804(for)s +6142(reading)s 6912(ones.)s gsave +120 11303 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211w)m gsave +288 0 translate +1.4219 1.0000 scale +240 fnt83 +0 -52(fd)m +grestore +561(=)s gsave +705 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(action)m +grestore + +grestore +gsave +120 11063 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\211\211fdwait)m gsave +1152 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(fd)m +grestore +1425(=)s gsave +1569 0 translate +1.4219 1.0000 scale +240 fnt83 +0 -52(action)m +grestore + +grestore +480 10769(Sets)m 924(the)s 1267(action)s 1903(on)s +2194(termination)s 3347(of)s 3613(the)s 3956(service)s 4682(for)s +5015(the)s 5358(speci\207ed)s 6261(\207le)s 6616(descriptor;)s 240 fnt83 +7678 10771(action)m 240 fnt82 8325 10769(must)m 8844(be)s gsave +480 10583 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(wait)m +grestore +880 10529(,)m gsave +981 10583 translate +0.6953 1.0000 scale +240 fnt31 0 -52(nowait)m +grestore +1634(or)s +gsave +1886 10583 translate +0.6953 1.0000 scale +240 fnt31 0 -52(close)m +grestore +2439(as)s 2682(described)s 3650(abo)s 3(v)k 3(e.)k +4313(The)s 4734(\207le)s 5088(descriptor)s 6096(must)s 6615(be)s +6890(speci\207ed)s 7791(as)s 8034(open)s 8550(when)s 480 10289(this)m +876(option)s 1545(is)s 1755(encountered;)s 3036(this)s 3432(option)s +4101(is)s 4311(o)s 3(v)k 3(erridden)k 5398(by)s +5692(an)s 3(y)k 6089(later)s gsave +6572 10343 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211file)m + +grestore +7232(or)s gsave +7491 10343 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211fdwait)m +grestore +8352(option)s 480 10049(-)m +608(e)s 6(v)k 3(en)k 1108(by)s 1402(a)s +gsave +1568 10103 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211file)m +grestore +2228(which)s 2870(does)s 3360(not)s +3726(specify)s 4470(an)s 4753(action)s 5394(on)s 5691(termination)s +6849($in)s 7171(this)s 7567(case)s 8034(the)s 8382(def)s 2(ault)k +480 9809(will)m 906(be)s 1188(used,)s 1734(as)s 1984(described)s +2958(abo)s 3(v)k 3(e$.)k gsave +120 9479 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211D)m +gsave +288 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(name)m +grestore +1016(=)s gsave +1160 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(value)m + +grestore + +grestore +gsave +120 9239 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211defvar)m gsave +1296 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(name)m +grestore +2024(=)s +gsave +2168 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(value)m +grestore + +grestore +480 8945(Set)m 845(a)s 1011(user)s 4(-)k +1473(de\207ned)s 2236(v)s 6(ari)k 2595(able)s 240 fnt83 +3049 8947(name)m 240 fnt82 3621 8945(to)m 240 fnt83 3860 8947(val)m +4152(ue)s 240 fnt82 4371 8945(.)m 4475(These)s 5102(user)s 4(-)k +5564(de\207ned)s 6327(v)s 6(ari)k 6686(ables)s 7228(are)s +7575(made)s 8149(a)s 4(v)k 6(ail)k 8598(able)s +480 8705(in)m 723(the)s 1071(con)s 1414(\207g)s 1660(u)s +1775(ra)s 1960(tion)s 2389(lan)s 2678(guage)s 3306(as)s +3556(the)s 3904(pa)s 4130(ram)s 4501(e)s 4603(ters)s +gsave +4998 8759 translate +0.6953 1.0000 scale +240 fnt31 0 -52(u\211)m gsave +288 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(name)m +grestore + +grestore +5764(and)s +6168(are)s 6515(passed)s 7211(to)s 7450(the)s 7798(ser)s +8076(vice)s 8530(in)s 8773(en)s 8996(-)s 480 8465(vi)m +660(ron)s 976(ment)s 1508(v)s 6(ari)k 1867(ables)s +gsave +2402 8519 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_U_)m gsave +1152 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(name)m +grestore + +grestore +3709(.)s +240 fnt83 3806 8467(name)m 240 fnt82 4371 8465(may)m 4831(con)s +5174(tain)s 5582(only)s 6055(al)s 6222(phanu)s 6803(mer)s +7174(ics)s 7483(and)s 7880(un)s 8117(der)s 8422(scores,)s +480 8225(and)m 884(must)s 1409(start)s 1879(with)s 2360(a)s +2526(let)s 2764(ter)s 13(.)k 3106(If)s 3335(se)s 6(v)k +3643(er)s 3828(al)s 4055(de\207)s 4406(ni)s 4586(tions)s +5102(are)s 5449(gi)s 6(v)k 5744(en)s 6026(for)s +6364(the)s 6712(same)s 240 fnt83 7258 8227(name)m 240 fnt82 +7830 8225(then)m 8299(only)s 8778(the)s 480 7985(last)m 871(is)s +1081(ef)s 1278(fec)s 1562(ti)s 6(v)k 3(e.)k +gsave +120 7694 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211t)m gsave +432 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(seconds)m +grestore + +grestore +gsave +120 7454 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\211\211timeout)m gsave +1440 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(seconds)m +grestore + +grestore +480 7160(T)m 8(ime)k +1029(out)s 1392(the)s 1736(service)s 2465(if)s 2678(it)s +2867(tak)s 2(es)k 3403(longer)s 4071(than)s 240 fnt83 +4536 7162(seconds)m 240 fnt82 5346 7160(seconds)m 6151($a)s 6393(positi)s 6(v)k 3(e)k +7193(inte)s 3(ger)k 9(,)k 7948(in)s 8187(decimal$.)s +480 6919(T)m 8(imeout)k 1331(will)s 1746(produce)s 2562(a)s +2717(diagnostic)s 3742(on)s 4028(stderr)s 4620(and)s 5013(an)s +5284(e)s 3(xit)k 5688(status)s 6272(of)s 6532(255.)s +6985(If)s 240 fnt83 7204 6921(seconds)m 240 fnt82 8006 6919(is)m +8205(zero)s 8657(then)s 480 6679(no)m 773(timeout)s 1563(will)s +1989(be)s 2271(implemented)s 3577($this)s 4052(is)s 4262(the)s +4610(def)s 2(ault$.)k gsave +120 6339 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211S)m +grestore +240 fnt83 +380 6287(method)m gsave +120 6099 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211signals)m +grestore +1081 6047(method)m 240 fnt82 +480 5805(Af)m 6(fects)k 1212(the)s 1544(handling)s 2420(of)s +2675(the)s 3008(e)s 3(xit)k 3407(status)s 3987(when)s +4547(the)s 4879(service)s 5596(terminates)s 6625(due)s 7012(to)s +7235(a)s 7386(signal.)s 8045($The)s 8536(client)s 480 5564(will)m +906(al)s 2(w)k 2(ays)k 1617(\207nish)s 2206(by)s +2500(calling)s gsave +3203 5618 translate +0.6953 1.0000 scale +240 fnt31 0 -52(_exit)m +grestore +3703(,)s 3810(so)s +4076(that)s 4494(only)s 4974(numbers)s 5849(from)s 6373(0)s +6548(to)s 6787(255)s 7193(can)s 7582(be)s 7864(returned)s +8718(and)s 480 5324(not)m 830(the)s 1162(full)s 1532(range)s +2102(of)s 2357(numbers)s 3216(and)s 3603(signal)s 4213(indications)s +5297(which)s 5922(can)s 6295(be)s 6561(returned)s 7398(by)s +7676(the)s gsave +8008 5378 translate +0.6953 1.0000 scale +240 fnt31 0 -52(wait)m +grestore +8451(f)s 2(amily)k +480 5084(of)m 751(system)s 1475(calls.$)s 480 4676(The)m 240 fnt83 +908 4678(method)m 240 fnt82 1679 4676(may)m 2145(be)s 2427(one)s +2829(of)s 3100(the)s 3448(follo)s 6(wing:)k 240 fnt83 +600 4438(status)m 240 fnt82 960 4196(The)m 1386(client')s 13(s)k +2123(e)s 3(xit)k 2536(status)s 3128(will)s 3552(be)s +240 fnt83 3831 4198(status)m 240 fnt82 4384 4196(.)m 4486(This)s +4959(will)s 5383(not)s 5746(be)s 6026(distinguishable)s 7527(from)s +8049(the)s 8394(service)s 960 3955(really)m 1557(ha)s 4(ving)k +2258(e)s 3(xited)k 2897(with)s 3379(code)s 240 fnt83 +3887 3957(status)m 240 fnt82 4440 3955(.)m 4544(This)s 5020(method)s +5796(is)s 6006(the)s 6354(def)s 2(ault,)k 7122(with)s +7604(a)s 240 fnt83 7770 3957(status)m 240 fnt82 8383 3955(of)m +8654(254.)s gsave +600 3769 translate +0.6953 1.0000 scale +240 fnt31 0 -52(number)m +grestore +gsave +600 3529 translate +0.6953 1.0000 scale +240 fnt31 0 -52(number\211nocore)m + +grestore +960 3235(The)m 1388(client')s 13(s)k 2128(e)s 3(xit)k +2543(status)s 3138(will)s 3564(be)s 3846(the)s 4194(number)s +4985(of)s 5256(the)s 5604(signal)s 6230(which)s 6872(caused)s +7581(the)s 7929(termination)s 960 2995(of)m 1231(the)s 1579(service.)s +2359(If)s gsave +2589 3049 translate +0.6953 1.0000 scale +240 fnt31 0 -52(number)m +grestore +3249(is)s 3459(used)s +3956(rather)s 4572(than)s gsave +5041 3049 translate +0.6953 1.0000 scale +240 fnt31 0 -52(number\211nocore)m +grestore +6402(then)s +6871(128)s 7278(will)s 7704(be)s 7986(added)s 960 2755(if)m +1177(the)s 1525(service)s 2257(dumped)s 3087(core.)s gsave +3602 2809 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(number)m +grestore +4262(is)s 4472(v)s 3(ery)k 4948(lik)s 2(e)k +5360(the)s 5708(e)s 3(xit)k 6123(code)s 6631(mangling)s +7588(done)s 8110(by)s 8404(the)s 960 2515(Bourne)m 1721(shell.)s +gsave +600 2329 translate +0.6953 1.0000 scale +240 fnt31 0 -52(highbit)m +grestore +960 2035(The)m 1388(client')s 13(s)k +2128(e)s 3(xit)k 2543(status)s 3138(will)s 3564(be)s +3846(the)s 4194(number)s 4985(of)s 5256(the)s 5604(signal)s +6230(with)s 6712(128)s 7119(added.)s 7795(If)s 8025(the)s +8373(service)s 960 1795(e)m 3(xits)k 1459(normally)s 2376(with)s +2858(an)s 3141(e)s 3(xit)k 3556(code)s 4064(of)s +4335(greater)s 5057(than)s 5526(127)s 5934(then)s 6403(127)s +6811(will)s 7237(be)s 7519(returned.)s gsave +600 1609 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stdout)m + +grestore +960 1315(The)m 1375(service')s 13(s)k 2247(numeric)s 3069(w)s 2(ait)k +3524(status)s 4105(as)s 4341(tw)s 2(o)k 4737(decimal)s +5534(numbers)s 6395($high)s 6943(byte)s 7397(\207rst$)s 7882(and)s +8272(a)s 8424(te)s 3(xtual)k 960 1075(description)m 2079(of)s +2350(its)s 2626(meaning)s 3503(will)s 3929(be)s 4211(printed)s +4946(to)s 5185(the)s 5533(client')s 13(s)k 6273(standard)s +7141(output.)s 7857(It)s 8062(will)s 8488(be)s 960 835(preceded)m +1865(by)s 2142(a)s 2292(ne)s 6(wline)k 3082(and)s +3470(follo)s 6(wed)k 4355(by)s 4633(an)s 4899(e)s 3(xtra)k +5417(ne)s 6(wline,)k 6258(and)s 6646(the)s 6977(numbers)s +7836(are)s 8166(separated)s 0 52(0.61.1)m 4809(User)s 5320(service)s +6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 7 7 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8951 13844(7)m 240 fnt82 960 13256(from)m 1484(each)s +1979(other)s 2530(and)s 2934(from)s 3458(the)s 3806(te)s 3(xtual)k +4508(description)s 5627(by)s 5921(single)s 6548(spaces.)s 7276(The)s +7704(e)s 3(xit)k 8119(status)s 8714(of)s 960 13016(the)m +1308(client)s 1898(will)s 2324(be)s 2606(zero,)s 3124(unless)s +3773(a)s 3939(system)s 4663(error)s 5186(occurs)s 5861(in)s +6104(which)s 6746(case)s 7213(no)s 7506(e)s 3(xit)k +7921(status)s 8516(and)s 960 12776(description)m 2079(will)s 2505(be)s +2787(printed)s 3522(to)s 3761(stdout,)s 4453(and)s 4857(an)s +5140(error)s 5663(message)s 6529(will)s 6955(be)s 7237(printed)s +7972(to)s 8211(stderr)s 960 12536(as)m 1210(usual.)s 480 12024(Problems)m +1420(such)s 1902(as)s 2137(client)s 2713(usage)s 3299(errors,)s +3948(the)s 4281(service)s 4999(not)s 5351(being)s 5921(found)s +6524(or)s 6768(permission)s 7860(being)s 8430(denied)s 480 11784(or)m +739(f)s 2(ailure)k 1415(of)s 1686(a)s 1852(system)s +2576(call)s 2975(are)s 3322(system)s 4046(errors.)s 4706(An)s +5056(error)s 5579(message)s 6445(describing)s 7494(the)s 7842(problem)s +8699(will)s 480 11543(be)m 758(printed)s 1489(on)s 1782(the)s +2125(client')s 13(s)k 2861(stderr)s 9(,)k 3498(and)s +3898(the)s 4241(client')s 13(s)k 4977(e)s 3(xit)k +5388(status)s 5978(will)s 6400(be)s 6678(255.)s 7138(If)s +7363(the)s 7707(client)s 8293(dies)s 8724(due)s 480 11303(to)m +719(a)s 885(signal)s 1511(this)s 1907(should)s 2604(be)s +2886(treated)s 3593(as)s 3843(a)s 4009(serious)s 4737(system)s +5461(error)s 13(.)k gsave +120 10963 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211H)m +grestore +gsave +120 10723 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\211\211hidecwd)m +grestore +480 10429(Pre)m 6(v)k 3(ents)k 1345(the)s +1693(calling)s 2396(process')s 13(s)k 3323(current)s 4059(directory)s +4975(name)s 5549(from)s 6073(being)s 6658(passed)s 7354(to)s +7593(the)s 7941(service;)s 8729(the)s 480 10189(null)m 907(string)s +1504(will)s 1930(be)s 2212(passed)s 2908(instead.)s gsave +120 9849 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\211P)m +grestore +gsave +120 9609 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211sigpipe)m +grestore +480 9315(If)m 700(the)s +1038(service)s 1760(program)s 2620(is)s 2820(terminated)s 3888(due)s +4280(to)s 4509(a)s gsave +4665 9369 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGPIPE)m +grestore +5415(the)s +5753(e)s 3(xit)k 6157(status)s 6742(of)s 7003(the)s +7341(client)s 7921(will)s 8337(be)s 8608(zero,)s 480 9075(e)m 6(v)k 3(en)k +967(if)s 1170(it)s 1349(w)s 2(ould)k 1990(ha)s 4(v)k 3(e)k +2477(been)s 2973(something)s 4009(else)s 4423(according)s 5405(to)s +5630(the)s 5965(e)s 3(xit)k 6366(status)s 6948(method)s +7710(speci\207ed.)s 8650(This)s 480 8835(option)m 1149(has)s 1519(no)s +1812(ef)s 6(fect)k 2408(on)s 2705(the)s 3053(code)s +3561(and)s 3965(description)s 5084(printed)s 5819(if)s 6036(the)s +6384(e)s 3(xit)k 6799(status)s 7394(method)s gsave +8170 8889 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(stdout)m +grestore +8830(is)s 480 8595(in)m 723(use.)s gsave +120 8305 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\211h)m +grestore +gsave +120 8065 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211help)m +grestore +gsave +120 7825 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211copyright)m + +grestore +gsave +480 7585 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211h)m +grestore +740 7531(or)m gsave +999 7585 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211help)m + +grestore +1659(prints)s 2254(the)s 2602(client')s 13(s)k 3342(usage)s +3943(message;)s gsave +4865 7585 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211copyright)m +grestore +6026(prints)s 6621(the)s +6969(cop)s 2(yright)k 7944(and)s 8348(lack)s 8807(of)s +480 7291(w)m 2(arranty)k 1381(notice.)s 9066 670 0 670 240 240 60 0 6161 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(2.2.)m +628(Security-o)s 3(v)k 3(erriding)k 3373(options)s +grestore +0 5699(There)m +613(are)s 960(also)s 1398(some)s 1959(options)s 2715(which)s +3357(are)s 3704(a)s 4(v)k 6(ailable)k 4612(for)s +4950(deb)s 4(ugging)k 6011(and)s 6415(to)s 6654(allo)s 6(w)k +7233(the)s 7581(system)s 0 5459(administrator)m 1333(to)s 1572(o)s 3(v)k 3(erride)k +2418(a)s 2584(user')s 13(s)k 3192(polic)s 3(y)k 15(.)k +3876(These)s 4503(options)s 5259(are)s 5606(a)s 4(v)k 6(ailable)k +6514(only)s 6994(if)s 7211(the)s 7559(client)s 8149(is)s +8359(called)s 0 5219(by)m 294(root)s 739(or)s 998(if)s +1215(the)s 1563(calling)s 2266(user)s 2724(is)s 2934(the)s +3282(same)s 3829(as)s 4079(the)s 4427(service)s 5159(user)s 13(.)k +gsave +120 4865 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211override)m gsave +1584 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(con\207gur)m 3(ation-data)k + +grestore + +grestore +gsave +120 4625 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211override\211file)m gsave +2304 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(\207lename)m +grestore + +grestore +480 4331(Do)m +826(not)s 1192(read)s 1661(the)s 2009(usual)s 2569(con\207guration)s +3902(\207les.)s 4404(Instead,)s 5201(the)s 5549(client)s 6139(sends)s +240 fnt83 6722 4333(con\207gur)m 3(ation-data)k 240 fnt82 480 4090($follo)m 6(wed)k +1461(by)s 1755(a)s 1921(ne)s 6(wline$)k 2800(or)s +3059(the)s 3407(contents)s 4255(of)s 240 fnt83 4526 4092(\207lename)m +240 fnt82 5390 4090($which)m 6111(is)s 6321(opened)s 7071(in)s +7314(the)s 7662(conte)s 3(xt)k 8423(of)s 8694(the)s +480 3849(client$)m 1138(to)s 1377(the)s 1725(daemon)s 2540(and)s +2944(the)s 3292(daemon)s 4107(uses)s 4570(that)s 4988(data)s +5446(instead.)s 6227(The)s 240 fnt83 6655 3851(con\207gur)m 3(ation-data)k +240 fnt82 8503 3849(must)m 480 3609(all)m 772(be)s 1052(in)s +1293(one)s 1693(ar)s 4(gument.)k 2694(It)s 2897(will)s +3321(ha)s 4(v)k 3(e)k 3820(a)s 3984(single)s +4609(ne)s 6(wline)k 5414(appended)s 6388(so)s 6652(that)s +7068(a)s 7232(single)s 7857(directi)s 6(v)k 3(e)k +8737(can)s 480 3369(easily)m 1083(be)s 1357(gi)s 6(v)k 3(en,)k +1979(b)s 4(ut)k 2333(if)s 2542(more)s 3080(than)s +3541(one)s 3935(directi)s 6(v)k 3(e)k 4809(is)s +5011(required)s 5857(it)s 6040(will)s 6458(ha)s 4(v)k 3(e)k +6951(to)s 7182(contain)s 7935(one)s 8329(or)s 8579(more)s +480 3129(real)m 892(ne)s 6(wlines.)k gsave +120 2838 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211spoof\211user)m +gsave +1872 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(user)m +grestore + +grestore +480 2544(Pretend)m 1268(to)s 1507(the)s +1855(service)s 2587(that)s 3005(it)s 3197(is)s 3407(being)s +3992(called)s 4620(by)s 240 fnt83 4914 2546(user)m 240 fnt82 +5391 2544($which)m 6112(may)s 6578(be)s 6860(a)s 7026(username)s +7998(or)s 8257(a)s 8423(uid$.)s 480 2304(This)m 956(will)s +1382(also)s 1820(af)s 6(fect)k 2416(the)s 2764(group)s +3376(and)s 3780(supplementary)s 5242(groups)s 5945(supplied)s 6814(to)s +7053(the)s 7401(service;)s 8189(the)s 3(y)k 8652(will)s +480 2064(be)m 759(the)s 1103(standard)s 1968(group)s 2576(and)s +2977(supplementary)s 4435(groups)s 5135(for)s 240 fnt83 5469 2066(user)m +240 fnt82 5886 2064(.)m 5987(The)s gsave +6411 2118 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211spoof\211user)m + +grestore +7669(option)s 8334(will)s 240 fnt83 8756 2066(not)m 240 fnt82 +480 1824(af)m 6(fect)k 1076(which)s 1718(user)s 2176(is)s +2386(chosen)s 3108(if)s 3325(the)s 3673(service)s 4405(user)s +4863(is)s 5073(speci\207ed)s 5981(as)s 6231(just)s gsave +6636 1878 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\211)m +grestore +6736(;)s 6848(in)s 7091(this)s 7487(case)s +7954(the)s 8302(service)s 480 1584(user)m 938(will)s 1364(be)s +1646(the)s 1994(real)s 2406(calling)s 3109(user)s 13(.)k +0 52(User)m 511(service)s 1243(daemon)s 2058(and)s 2462(client)s +3052(speci\207cation)s 8491(0.61.1)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 8 8 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(8)m gsave +0 12726 translate +240 fnt82 9066 688 0 688 240 240 60 LoutGraphic +gsave +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.2 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +340 fnt84 0 70(3.)m 412(Execution)s +1943(en)s 13(vir)k 6(onment)k 3856(of)s 4243(the)s +4774(ser)s 3(vice)k 5846(pr)s 6(ogram)k +grestore +240 fnt82 +0 12264(The)m 428(daemon)s 1243(which)s 1885(is)s 2095(handling)s +2986(the)s 3334(service)s 4066(user)s 4524(side)s 4965(of)s +5236(things)s 5872(will)s 6298(read)s 6767(con\207guration)s 8100(\207les)s +8549(to)s 0 12024(decide)m 680(what)s 1205(to)s 1444(do.)s +1788(If)s 2018(it)s 2210(decides)s 2978(to)s 3217(allo)s 6(w)k +3796(the)s 4144(service)s 4876(to)s 5115(be)s 5397(pro)s 3(vided)k +6303(it)s 6495(will)s 6921(fork)s 7380(a)s 7546(subprocess)s +8647(to)s 0 11784(e)m 3(x)k 3(ecute)k 780(the)s +1128(service.)s 0 11376(The)m 428(service)s 1160(will)s 1586(ha)s 4(v)k 3(e)k +2087(no)s 2380(controlling)s 3482(terminal,)s 4384(b)s 4(ut)k +4746(it)s 4938(will)s 5364(be)s 5646(a)s 5812(process)s +6580(group)s 7192(leader)s 13(.)k 0 10968(If)m 223(the)s +563(client)s 1146(is)s 1348(killed)s 1942(or)s 2194(times)s +2754(out)s 3112(or)s 3364(a)s 3522(\207le)s 3875(or)s +4127(descriptor)s 5134(being)s 5711(read)s 6173(or)s 6424(written)s +7149(by)s 7436(the)s 7776(client)s 8358(process)s 0 10728(gets)m +436(an)s 719(error)s 1242(then)s 1711(the)s 2059(service)s +2791(will)s 3217(be)s 3499(disconnected)s 4806(from)s 5330(the)s +5678(client.)s 6312(The)s 6740(client)s 7330(will)s 7756(return)s +8383(an)s 0 10487(e)m 3(xit)k 415(status)s 1010(of)s +1281(255)s 1687(and)s 2091(some)s 2652(the)s 3000(service')s 13(s)k +3886(pipes)s 4442(may)s 4908(be)s 5190(closed)s 5859(at)s +6091(the)s 6439(other)s 6990(end.)s 7440(The)s 7868(service)s +8600(will)s 0 10247(become)m 800(a)s 966(child)s 1502(of)s +gsave +1773 10301 translate +0.6953 1.0000 scale +240 fnt31 0 -52(init)m +grestore +2173(.)s 2277(The)s 2705(service)s +3437(may)s 3903(well)s 4369(not)s 4735(notice)s 5375(the)s +5723(disconnection,)s 7159(though)s 7882(writing)s 8625(to)s 8864(a)s +0 10007(pipe)m 468(after)s 964(this)s 1360(may)s 1826(produce)s +2653(a)s gsave +2819 10061 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGPIPE)m +grestore +3579(and)s 3983(the)s +4331(f)s 2(acility)k 5058(e)s 3(xists)k 5650(to)s +5889(ha)s 4(v)k 3(e)k 6390(a)s gsave +6556 10061 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(SIGHUP)m +grestore +7216(sent)s 7661(to)s 7900(the)s 8248(service)s +0 9767(on)m 297(disconnection.)s 9066 670 0 670 240 240 60 0 8743 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(3.1.)m 628(File)s +1216(descriptors)s +grestore +0 8281(The)m 428(service)s 1160(program')s 13(s)k +2180(standard)s 3048(\207ledescriptors,)s 4508(and)s 4912(possibly)s 5764(other)s +6315(\207le)s 6676(descriptors,)s 7831(will)s 8257(be)s 0 8041(connected)m +1028(to)s 1266(pipes)s 1821(or)s 2080(to)s gsave +2318 8095 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(/dev/null)m +grestore +3219(.)s 3322(The)s gsave +3750 8095 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m + +grestore +4309(client/daemon)s 5719(pair)s 6150(will)s 6575(arrange)s 7346(that)s +7764(data)s 8221(is)s 8430(copied)s 0 7801(between)m 854(the)s +1202(\207les)s 1651(or)s 1910(\207le)s 2271(descriptors)s 3370(speci\207ed)s +4278(to)s 4517(to)s 4756(the)s 5104(client)s 5694(by)s +5988(the)s 6336(caller)s 6925(and)s 7329(these)s 7876(these)s +8423(pipes.)s 0 7393(Pipes)m 569(which)s 1211(may)s 1677(be)s +1959(written)s 2692(to)s 2931(will)s 3357(be)s 3639(closed)s +4308(if)s 4525(a)s 4691(write)s 5237(error)s 5760(occurs)s +6435(on)s 6732(the)s 7080(corresponding)s 0 7153(client-side)m 1043(\207le)s +1396(or)s 1647(descriptor)s 9(,)k 2692(which)s 3326(may)s +3784(result)s 4366(in)s 4601(a)s gsave +4760 7207 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGPIPE)m + +grestore +5512(in)s 5747(the)s 6087(service)s 6811(program;)s 7725(pipes)s +8273(open)s 8788(for)s 0 6913(reading)m 770(will)s 1196(get)s +gsave +1548 6967 translate +0.6953 1.0000 scale +240 fnt31 0 -52(EOF)m +grestore +1908(if)s 2125(the)s 2473(client-side)s +3523(\207le)s 3884(descriptor)s 4899(gets)s gsave +5335 6967 translate +0.6953 1.0000 scale +240 fnt31 0 -52(EOF)m + +grestore +5695(or)s 5954(an)s 6237(error)s 13(.)k 0 6505(If)m +230(the)s 578(service)s 1310(closes)s 1945(one)s 2347(of)s +2618(its)s 2894(reading)s 3663(\207le)s 4024(descriptors)s 5123(the)s +5471(writing)s 6214(end)s 6618(of)s 6889(the)s 7237(corresponding)s +8658(pipe)s 0 6265(will)m 421(generate)s 1280(a)s gsave +1441 6319 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(SIGPIPE)m +grestore +2195(when)s 2766(attempts)s 3620(are)s 3962(made)s +4530(by)s 4819(the)s 5161(client/daemon)s 6567(pair)s 6992(to)s +7226(write)s 7766(to)s 8000(it.)s 8230(This)s 8700(will)s +0 6025(not)m 366(be)s 648(considered)s 1742(an)s 2025(error;)s +2600(rather)s 9(,)k 3254(the)s 3602(rele)s 6(v)k 6(ant)k +4419(pipe)s 4887(will)s 5313(be)s 5595(discarded)s 6569(and)s +6973(the)s 7321(corresponding)s 8743(\207le)s 0 5785(or)m 259(\207le)s +620(descriptor)s 1635(held)s 2105(by)s 2399(the)s 2747(client)s +3337(will)s 3763(be)s 4045(closed.)s 0 5377(Lik)m 2(e)k 6(wise,)k +975(if)s 1192(one)s 1594(of)s 1865(the)s 2213(\207le)s +2574(descriptors)s 3673(held)s 4143(by)s 4437(the)s 4785(client)s +5375(for)s 5713(writing)s 6456(by)s 6750(the)s 7098(service)s +7830(is)s 8040(a)s 8206(pipe)s 0 5137(whose)m 665(other)s +1213(end)s 1613(is)s 1820(closed)s 2485(by)s 2776(the)s +3120(caller)s 3706(then)s 4171(the)s 4516(client/daemon)s 5923(pair)s +6351(will)s 6773(see)s 7131(an)s 7410(error)s 7930(when)s +8502(trying)s 0 4897(to)m 239(cop)s 2(y)k 757(data)s +1215(pro)s 3(vided)k 2121(by)s 2415(the)s 2763(service.)s +3543(This)s 4019(too)s 4378(will)s 4804(not)s 5170(be)s +5452(considered)s 6546(an)s 6829(error;)s 7404(rather)s 9(,)k +8058(the)s 8406(pipe)s 0 4657(correspondong)m 1476(to)s 1715(that)s +2133(descriptor)s 3148(will)s 3574(be)s 3856(closed)s 4525(and)s +4929(an)s 3(y)k 5326(further)s 6035(writes)s 6669(will)s +7095(cause)s 7682(the)s 8030(service)s 8762(to)s 0 4417(get)m +352(a)s gsave +518 4471 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGPIPE)m +grestore +1218(.)s 0 4009(Note)m +521(that)s 939(not)s 1305(all)s 1598(write)s 2144(errors)s +2751(or)s 3010(brok)s 2(en)k 3730(pipes)s 4286(on)s +4583(\207le)s 4944(descriptors)s 6043(may)s 6509(be)s 6791(visible)s +7484(to)s 7723(the)s 8071(service,)s 0 3769(since)m 547(b)s 4(uf)k 6(fered)k +1404(data)s 1862(may)s 2328(be)s 2610(discarded)s 3584(by)s +3878(the)s 4226(operating)s 5182(system)s 5906(and)s 6310(there)s +6843(will)s 7269(be)s 7551(a)s 7717(\207nite)s 8264(interv)s 6(al)k +0 3529(between)m 847(the)s 1188(error)s 1703(happening)s 2747(and)s +3144(the)s 3484(service)s 4209(being)s 4787(disconnected)s 6086(from)s +6603(the)s 6944(client)s 7526(or)s 7778(the)s 8119(ne)s 3(xt)k +8580(write)s 0 3289(causing)m 784(a)s gsave +950 3343 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGPIPE)m + +grestore +1650(.)s 0 2881(Read)m 550(errors)s 1157(on)s 1454(\207le)s +1815(descriptors)s 2914($and)s 3397(disconnection$)s 4854(will)s 5280(only)s +5760(be)s 6042(visible)s 6735(to)s 6974(the)s 7322(service)s +8054(and)s 0 2641(distinguishable)m 1504(from)s 2028(normal)s 2760(end)s +3164(of)s 3435(\207le)s 3796(if)s gsave +4013 2695 translate +0.6953 1.0000 scale +240 fnt31 0 -52(disconnect\211hup)m + +grestore +5474(is)s 5684(in)s 5927(ef)s 6(fect.)k 0 2233(Read)m +549(and)s 951(write)s 1495(errors)s 2100($other)s 2728(than)s +3196(brok)s 2(en)k 3914(pipes,)s 4524(as)s 4772(described)s +5744(abo)s 3(v)k 3(e$)k 6437(will)s 6861(al)s 2(w)k 2(ays)k +7570(be)s 7850(visible)s 8541(to)s 8778(the)s 0 1993(caller;)m +627(the)s 3(y)k 1075(are)s 1408(system)s 2117(errors,)s +2766(and)s 3155(will)s 3566(therefore)s 4469(cause)s 5041(the)s +5375(client)s 5950(to)s 6174(print)s 6671(an)s 6939(error)s +7448(message)s 8299(to)s 8523(stderr)s 0 1752(and)m 404(return)s +1031(with)s 1513(an)s 1796(e)s 3(xit)k 2211(status)s +2806(of)s 3077(255.)s 0 1344(If)m 230(the)s 578(main)s +1113(service)s 1845(program)s 2715(process)s 3483(e)s 3(xits)k +3982(while)s 4569(it)s 4761(still)s 5173(has)s 5543(running)s +6341(children)s 7181(an)s 3(y)k 7578(\207le)s 7939(descriptors)s +0 1104(held)m 470(by)s 764(those)s 1325(children)s 2165(can)s +2554(remain)s 3274(open,)s 3847(depending)s 4898(on)s 5195(the)s +5543(use)s 5918(of)s gsave +6189 1158 translate +0.6953 1.0000 scale +240 fnt31 0 -52(wait)m +grestore +6589(,)s +gsave +6696 1158 translate +0.6953 1.0000 scale +240 fnt31 0 -52(nowait)m +grestore +7356(or)s gsave +7615 1158 translate +0.6953 1.0000 scale +240 fnt31 0 -52(close)m + +grestore +8175(for)s 8513(the)s 0 864(rele)m 6(v)k 6(ant)k +817(\207le)s 1178(descriptor)s 2193(in)s 2436(the)s 2784(client')s 13(s)k +3524(ar)s 4(guments.)k 4620(By)s 4954(def)s 2(ault)k +5675(writing)s 6418(\207ledescriptors)s 7822(remain)s 8542(open)s 0 52(0.61.1)m +4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s +7861(speci\207cation)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 9 9 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8952 13842(9)m 240 fnt82 0 13251(and)m 404(the)s +752(client)s 1342(will)s 1768(w)s 2(ait)k 2237(for)s +2575(them)s 3113(to)s 3352(be)s 3634(closed)s 4303(at)s +4535(the)s 4883(service)s 5615(end,)s 6068(and)s 6472(reading)s +7242(\207le)s 7603(descriptors)s 8702(are)s 0 13011(closed)m 669(immediately)s 15(.)k +1952(These)s 2579(lefto)s 3(v)k 3(er)k 3375(child)s +3911(processes)s 4878(will)s 5304(not)s 5670(get)s 6022(a)s +6188(an)s 3(y)k gsave +6585 13065 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGHUP)m +grestore +7245(e)s 6(v)k 3(en)k +7745(if)s 7962(a)s 8128(read)s 8597(or)s 0 12771(write)m +546(error)s 1069(occurs)s 1744(or)s 2003(the)s 2351(client)s +2941(disconnects)s 4108(before)s 4774(then.)s 9066 609 0 609 240 240 60 0 11808 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 5(3.2.)m +628(En)s 12(vir)k 5(onment)k +grestore +0 11346(The)m 428(service)s +1160(will)s 1586(ha)s 4(v)k 3(e)k 2087(some)s +2648(information)s 3833(in)s 4076(en)s 9(vironment)k 5336(v)s 6(ariables:)k +gsave +120 11160 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_USER)m +grestore +480 10866(The)m 908(login)s 1457(name)s +2031(of)s 2302(the)s 2650(calling)s 3353(user)s 13(.)k +3842(If)s 4072(the)s gsave +4420 10920 translate +0.6953 1.0000 scale +240 fnt31 0 -52(LOGNAME)m +grestore +5180(v)s 6(ariable)k +5999(is)s 6209(set)s 6534($or)s 9(,)k 6910(if)s +7127(that)s 7545(is)s 7755(unset,)s 8367(if)s 8584(the)s +gsave +480 10680 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USER)m +grestore +940 10626(v)m 6(ariable)k 1759(is)s +1969(set$)s 2362(in)s 2605(the)s 2953(en)s 9(vironment)k +4213(passed)s 4909(to)s 5148(the)s 5496(client)s 6086(by)s +6380(the)s 6728(caller)s 7317(then)s 7786(the)s 8134(passw)s 2(ord)k +480 10386(entry)m 1025(for)s 1363(that)s 1781(login)s 2330(name)s +2904(will)s 3330(be)s 3612(look)s 2(ed)k 4320(up;)s +4672(if)s 4889(that)s 5307(passw)s 2(ord)k 6267(entry')s 13(s)k +6968(uid)s 7332(is)s 7542(the)s 7890(same)s 8437(as)s +8687(that)s 480 10146(of)m 745(the)s 1086(calling)s 1782(process)s +2543(then)s 3005(that)s 3416(login)s 3958(name)s 4525(will)s +4945(be)s 5220(used,)s 5759(otherwise)s 6737($or)s 7068(if)s +7278(neither)s gsave +7994 10200 translate +0.6953 1.0000 scale +240 fnt31 0 -52(LOGNAME)m +grestore +8747(nor)s gsave +480 9960 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(USER)m +grestore +938 9906(is)m 1146(set$)s 1537(the)s 1883(calling)s +2583(process')s 13(s)k 3508(uid)s 3870(will)s 4294(be)s +4573(look)s 2(ed)k 5279(up)s 5570(to)s 5807(determine)s +6815(their)s 7310(login)s 7857(name)s 8429($and)s 8909(if)s +480 9666(this)m 876(lookup)s 1595(f)s 2(ails)k 2054(then)s +2523(the)s 2871(service)s 3603(will)s 4029(not)s 4395(be)s +4677(in)s 9(v)k 4(ok)k 2(ed$.)k gsave +120 9480 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(USERV_UID)m +grestore +480 9186(The)m 908(uid)s 1272(of)s 1543(the)s +1891(calling)s 2594(process.)s gsave +120 9000 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_GID)m +grestore +480 8706(The)m +908(gid)s 1272(and)s 1676(supplementary)s 3138(group)s 3750(list)s +4101(of)s 4372(the)s 4720(calling)s 5423(process:)s 6246(\207rst)s +6677(the)s 7025(group)s 7637(in)s 7880(gid)s 8244(and)s +8648(then)s 480 8466(those)m 1041(in)s 1284(the)s 1632(supplementary)s +3094(group)s 3706(list,)s 4104(in)s 4347(decimal,)s 5210(separated)s +6170(by)s 6464(spaces.)s gsave +120 8280 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_GROUP)m +grestore +480 7986(The)m +908(group)s 1520(names)s 2182(of)s 2453(the)s 2801(calling)s +3504(process,)s 4328(listed)s 4903(in)s 5146(the)s 5494(same)s +6041(w)s 2(ay)k 6492(as)s 6742(the)s 7090(ids)s +7420(are)s 7767(in)s gsave +8010 8040 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_GID)m +grestore +8911(.)s +480 7746(If)m 710(no)s 1003(name)s 1577(can)s 1966(be)s +2248(found)s 2865(for)s 3203(an)s 3(y)k 3600(of)s +3871(the)s 4219(calling)s 4922(process')s 13(s)k 5849(group$s$)s +6708(then)s 7177(the)s 7525(service)s 8257(will)s 8683(not)s +480 7506(be)m 762(in)s 9(v)k 4(ok)k 2(ed.)k +gsave +120 7320 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_CWD)m +grestore +480 7026(The)m 908(client')s 13(s)k +1648(current)s 2384(w)s 2(orking)k 3233(directory)s 4149(name)s +4723($this)s 5198(directory)s 6114(may)s 6580(not)s 6946(be)s +7228(accessible)s 8252(to)s 8491(the)s 480 6786(service$.)m 1339(If)s +1568(it)s 1759(could)s 2348(not)s 2713(be)s 2994(determined)s +4126(or)s 4384(the)s gsave +4732 6840 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211hidecwd)m +grestore +5692(\210ag)s +6103(w)s 2(as)k 6523(used)s 7019(then)s 7487(this)s +7882(v)s 6(ariable)k 8700(will)s 480 6546(be)m 762(set)s +1087(to)s 1326(an)s 1609(empty)s 2261(string)s 2858($this)s +3333(is)s 3543(not)s 3909(considered)s 5003(an)s 5286(error$.)s +gsave +120 6360 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_SERVICE)m +grestore +480 6066(The)m 908(service)s 1640(name)s +2214(requested)s 3188(by)s 3482(the)s 3830(caller)s 13(.)k +gsave +120 5880 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_U_)m gsave +1152 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(name)m +grestore + +grestore +480 5586(The)m +908(v)s 6(alue)k 1476(supplied)s 2345(to)s 2584(the)s +2932(client)s 3522(by)s 3816(the)s 4164(caller)s 4753(using)s +5325(-D)s 240 fnt83 5569 5588(name)m 240 fnt82 6081 5586(.)m +gsave +0 5377 translate +0.6953 1.0000 scale +240 fnt31 0 -52(HOME)m +grestore +400 5323(,)m gsave +507 5377 translate +0.6953 1.0000 scale +240 fnt31 0 -52(PATH)m + +grestore +907(,)s gsave +1014 5377 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SHELL)m +grestore +1514(,)s gsave +1621 5377 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(LOGNAME)m +grestore +2381(and)s gsave +2785 5377 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USER)m +grestore +3245(will)s +3671(be)s 3953(set)s 4278(appropriately)s 5606($according)s 6681(to)s +6920(the)s 7268(details)s 7942(of)s 8213(the)s 0 5083(service)m +732(user$.)s 0 52(User)m 511(service)s 1243(daemon)s 2058(and)s +2462(client)s 3052(speci\207cation)s 8491(0.61.1)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 10 10 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Times-Italic +%%+ font Courier-Bold +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(10)m gsave +0 12725 translate +240 fnt82 9066 689 0 689 240 240 60 LoutGraphic +gsave +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.2 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +340 fnt84 0 70(4.)m 412(Ser)s 3(vice-side)k +2219(con\207guration)s +grestore +240 fnt82 0 12263(Which)m 695(ser)s 973(vices)s +1515(may)s 1981(be)s 2263(run)s 2639(by)s 2933(whom)s +3592(and)s 3996(un)s 4233(der)s 4598(what)s 5123(con)s +5466(di)s 5646(tions)s 6162(is)s 6372(con)s 6715(trolled)s +7396(by)s 7690(con)s 8033(\207g)s 8279(u)s 8394(ra)s +8579(-)s 0 12023(tion)m 429(\207les.)s 0 11615(The)m 428(daemon)s +1243(will)s 1669(read)s 2138(these)s 2685(\207les)s 3134(in)s +3377(order)s 13(.)k 3972(Certain)s 4732(directi)s 6(v)k 3(es)k +5702(in)s 5945(the)s 6293(\207les)s 6742(modify)s 7487(the)s +7835(daemon')s 13(s)k 0 11375(e)m 3(x)k 3(ecution)k +981(settings)s 1762(for)s 2100(in)s 9(v)k 4(oking)k +2992(the)s 3340(service,)s 4123(for)s 4461(e)s 3(xample)k +5324(allo)s 6(wing)k 6208(certain)s 6914(\207le)s 7275(descriptors)s +8374(to)s 8613(be)s 0 11135(speci\207ed)m 908(by)s 1202(the)s +1550(client)s 2140(or)s 2399(specifying)s 3448(which)s 4090(program)s +4960(to)s 5199(e)s 3(x)k 3(ecute)k 5979(to)s +6218(pro)s 3(vide)k 7002(the)s 7350(service.)s 0 10727(The)m +240 fnt83 428 10729(last)m 240 fnt82 837 10727(instance)m 1676(of)s +1947(each)s 2442(such)s 2938(setting)s 3628(will)s 4054(tak)s 2(e)k +4506(ef)s 6(fect.)k 5146(The)s 5574(directi)s 6(v)k 3(es)k +6544(which)s 7186(specify)s 7930(which)s 0 10487(program)m 864(to)s +1096(e)s 3(x)k 3(ecute)k 1869(will)s 2288(not)s +2647(stop)s 3092(the)s 3433(con\207guration)s 4759(\207le)s 5113(from)s +5630(being)s 6208(read;)s 6724(the)s 3(y)k 7180(will)s +7599(be)s 7874(remembered)s 0 10247(and)m 404(will)s 830(only)s +1310(tak)s 2(e)k 1762(ef)s 6(fect)k 2358(if)s +2575(the)s 3(y)k 3038(are)s 3385(not)s 3751(o)s 3(v)k 3(erridden)k +4838(by)s 5132(a)s 5298(later)s 5781(directi)s 6(v)k 3(e.)k +0 9839(The)m 428(daemon)s 1243(will)s 1669(\207rst)s 2100(read)s +gsave +2569 9893 translate +0.6953 1.0000 scale +240 fnt31 0 -52(/etc/userv/system.default)m +grestore +5072(.)s 5176(Then,)s 5775(by)s +6069(def)s 2(ault)k 6790($this)s 7265(beha)s 4(viour)k +8278(may)s 0 9599(be)m 282(modi\207ed$,)s 1319(it)s 1511(will)s +1937(read)s 2406(a)s 2572(per)s 4(-user)k 3410(\207le)s +gsave +3771 9653 translate +0.6953 1.0000 scale +240 fnt31 0 -52(~/.userv/rc)m +grestore +4872(,)s 4979(if)s 5196(it)s +5388(e)s 3(xists)k 5980(and)s 6384(the)s 6732(service)s +7464(user')s 13(s)k 8072(shell)s 8578(is)s 8788(in)s +gsave +0 9413 translate +0.6953 1.0000 scale +240 fnt31 0 -52(/etc/shells)m +grestore +1101 9359(.)m 1205(Finally)s 1936(it)s +2128(will)s 2554(read)s gsave +3023 9413 translate +0.6953 1.0000 scale +240 fnt31 0 -52(/etc/userv/system.override)m +grestore +5626(.)s +0 8951(When)m 627(it)s 816(has)s 1183(read)s 1650(all)s +1940(of)s 2208(these)s 2753(\207les)s 3199(it)s 3388(will)s +3812(act)s 4147(ac)s 4352(cord)s 4775(ing)s 5131(to)s +5368(the)s 5713(cur)s 6018(rent)s 6389(ly)s 6626(v)s 6(al)k +6907(ues)s 7275(of)s 7543(of)s 7811(the)s 8156(e)s 3(x)k +8374(e)s 8476(cu)s 8697(tion)s 0 8711(set)m 265(tings.)s +9066 670 0 670 240 240 60 0 7687 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(4.1.)m 628(Con\207guration)s 2618(\207le)s 3100(syntax)s + +grestore +0 7225(The)m 414(con\207guration)s 1733(\207le)s 2080(is)s 2276(a)s +2428(series)s 3007(of)s 3264(directi)s 6(v)k 3(es,)k +4276(usually)s 5007(one)s 5395(per)s 5746(line.)s 6193(The)s +6607(portion)s 7341(of)s 7598(a)s 7750(line)s 8149(follo)s 6(wing)k +0 6985(a)m 154(hash)s 638(character)s gsave +1560 7039 translate +0.6953 1.0000 scale +240 fnt31 0 -52(#)m + +grestore +1708(is)s 1906(tak)s 2(en)k 2466(as)s 2704(a)s +2858(comment)s 3796(and)s 4188(ignored.)s 5011(Each)s 5533(directi)s 6(v)k 3(e)k +6403(consists)s 7199(of)s 7458(a)s 7612(series)s 8194(of)s +8452(tok)s 2(ens)k 0 6745(separated)m 960(by)s 1254(linear)s +1857(whitespace)s 2975($spaces)s 3729(and)s 4133(tabs$;)s 4709(tok)s 2(ens)k +5383(may)s 5849(be)s 6131(w)s 2(ords)k 6765(consisting)s +7788(of)s 8059(non-space)s 0 6505(characters,)m 1074(or)s 9(,)k +1371(where)s 2011(a)s 2177(string)s 2774(is)s 2984(required,)s +3887(a)s 4053(string)s 4650(in)s 4893(double)s 5601(quotes.)s +6330(Double-quoted)s 7824(strings)s 8512(may)s 0 6265(contain)m 761(the)s +1109(follo)s 6(wing)k 2086(backslash)s 3073(escapes:)s gsave +120 6079 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\\n)m +grestore +480 5785(ne)m 6(wline)k gsave +120 5599 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\\t)m + +grestore +480 5305(tab)m gsave +120 5119 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\\r)m +grestore +480 4825(carriage)m 1304(return)s +gsave +120 4639 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\\)m gsave +144 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(OOO)m +grestore + +grestore +480 4345(character)m +1414(whose)s 2082(octal)s 2601(code)s 3109(is)s 240 fnt83 +3319 4347(OOO)m gsave +120 4159 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\\x)m gsave +288 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(XX)m + +grestore + +grestore +240 fnt82 480 3865(character)m 1414(whose)s 2082(he)s 3(x)k +2480(code)s 2988(is)s 240 fnt83 3198 3867(XX)m gsave +120 3679 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\\)m gsave +144 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(punctuation)m +grestore + +grestore +240 fnt82 480 3385(literal)m +1090(punctuation)s 2277(character)s 3211($e)s 3(g)k gsave +3566 3439 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\\\$m +grestore +3766(,)s gsave +3873 3439 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\\")m +grestore +4073(\))s +gsave +120 3198 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\\)m gsave +144 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(ne)m 3(wline)k + +grestore + +grestore +1005 3144($ie,)m 1363(backslash)s 2350(at)s 2582(end)s 2986(of)s +3257(line$)s 480 2904(string)m 1077(continues)s 2045(on)s 2342(ne)s 3(xt)k +2811(line)s 0 2342(Relati)m 6(v)k 3(e)k 843(pathnames)s +1917(in)s 2160(directi)s 6(v)k 3(es)k 3130(are)s +3477(relati)s 6(v)k 3(e)k 4239(to)s 4478(the)s +4826(service)s 5558(program')s 13(s)k 6578(current)s 7314(directory)s +8230($usually)s 0 2102(the)m 348(service)s 1080(user')s 13(s)k +1687(home)s 2275(directory$.)s 3319(P)s 3(athnames)k 4403(starting)s +5171(with)s 5653(the)s 6000(tw)s 2(o)k 6410(characters)s +gsave +7427 2156 translate +0.6953 1.0000 scale +240 fnt31 0 -52(~/)m +grestore +7687(are)s 8033(tak)s 2(en)k +8606(to)s 8844(be)s 0 1862(relati)m 6(v)k 3(e)k +762(to)s 1001(the)s 1349(service)s 2081(user')s 13(s)k +2689(home)s 3277(directory)s 15(.)k 9066 670 0 670 240 240 60 0 838 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(4.2.)m +628(Con\207guration)s 2618(\207le)s 3100(dir)s 5(ecti)k 3(v)k 3(es)k + +grestore +0 52(0.61.1)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s +7271(client)s 7861(speci\207cation)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 11 11 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8839 13842(11)m 300 fnt84 0 13210(4.2.1.)m 813(Immediate)s +2261(dir)s 5(ecti)k 3(v)k 3(es)k 240 fnt82 +0 12696(The)m 428(follo)s 6(wing)k 1405(directi)s 6(v)k 3(es)k +2375(tak)s 2(e)k 2827(ef)s 6(fect)k 3423(immediately:)s +gsave +120 12342 translate +0.6953 1.0000 scale +240 fnt31 0 -52(cd)m gsave +432 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(pathname)m +grestore + +grestore +480 12048(Change)m +1268(directory)s 2184(in)s 2427(the)s 2775(service)s 3507(program.)s +gsave +4421 12102 translate +0.6953 1.0000 scale +240 fnt31 0 -52(cd)m +grestore +4681(is)s 4891(cumulati)s 6(v)k 3(e.)k +6048(It)s 6253(is)s 6463(an)s 6746(error)s 7269(if)s +7486(the)s 7834(directory)s 480 11808(cannot)m 1178(be)s 1460(changed)s +2316(to.)s gsave +480 11454 translate +0.6953 1.0000 scale +240 fnt31 0 -52(cd)m +grestore +740 11400(should)m 1437(not)s +1803(be)s 2085(used)s 2582(between)s gsave +3436 11454 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211directory)m + +grestore +5698(and)s 6102(the)s 6450(in)s 9(v)k 4(ocation)k +7504(of)s 7775(the)s 8123(service)s 480 11160(program,)m 1397(as)s +1647(the)s 1995(test)s 2386(for)s 2724(the)s 3072(a)s 4(v)k 6(ailability)k +4190(of)s 4461(the)s 4809(service)s 5541(program)s 6411(w)s 2(ould)k +7066(be)s 7348(done)s 7870(with)s 8352(the)s 8700(old)s +480 10920(current)m 1216(directory)s 2132(and)s 2536(the)s 2884(actual)s +3509(e)s 3(x)k 3(ecution)k 4490(with)s 4972(the)s +5320(ne)s 6(w)k 5767($probably)s 6751(causing)s 7535(an)s +7818(error$.)s gsave +120 10580 translate +0.6953 1.0000 scale +240 fnt31 0 -52(eof)m +grestore +480 10286(Stop)m 972(reading)s +1742(the)s 2090(con\207guration)s 3423(\207le)s 3784(in)s 4027(question,)s +4945(as)s 5195(if)s 5412(end)s 5816(of)s 6087(\207le)s +6448(had)s 6852(been)s 7361(reached.)s 8208(An)s 3(y)k +480 10046(control)m 1212(constructs)s 2232($)s gsave +2305 10100 translate +0.6953 1.0000 scale +240 fnt31 0 -52(if)m + +grestore +2505(,)s gsave +2612 10100 translate +0.6953 1.0000 scale +240 fnt31 0 -52(catch\211quit)m +grestore +3673(or)s gsave +3932 10100 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(errors\211push)m +grestore +5033($)s 5161(which)s 5803(were)s 6323(started)s +7017(in)s 7260(that)s 7678(\207le)s 8039(will)s 8465(be)s +480 9806(considered)m 1574(\207nished.)s 2436(P)s 3(arsing)k 3203(will)s +3629(continue)s 4509(in)s 4752(the)s 5100(\207le)s 5461(which)s +6103(caused)s 6812(the)s 7160(\207le)s 7521(containing)s 8584(the)s +gsave +480 9620 translate +0.6953 1.0000 scale +240 fnt31 0 -52(eof)m +grestore +840 9566(to)m 1079(be)s 1361(read.)s +gsave +120 9276 translate +0.6953 1.0000 scale +240 fnt31 0 -52(quit)m +grestore +480 8982(Stop)m 969(reading)s 1735(con\207guration)s +3064(\207les)s 3510(and)s 3910(act)s 4244(immediately)s 5489(on)s +5782(the)s 6126(current)s 6859(settings.)s 7689(The)s 8113(beha)s 4(viour)k +480 8742(of)m gsave +751 8796 translate +0.6953 1.0000 scale +240 fnt31 0 -52(quit)m +grestore +1211(is)s 1421(subject)s +2158(to)s 2397(the)s gsave +2745 8796 translate +0.6953 1.0000 scale +240 fnt31 0 -52(catch\211quit)m +grestore +3806(control)s +4538(construct.)s gsave +120 8402 translate +0.6953 1.0000 scale +240 fnt31 0 -52(include)m gsave +1152 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(\207lename)m + +grestore + +grestore +gsave +120 8162 translate +0.6953 1.0000 scale +240 fnt31 0 -52(include\211ifexist)m gsave +2304 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(\207lename)m +grestore + +grestore +480 7868(Read)m +1026(the)s 1369(con\207guration)s 2698(\207le)s 240 fnt83 3054 7870(\207lename)m +240 fnt82 3858 7868(,)m 3961(and)s 4360(then)s 4825(return)s +5447(to)s 5682(this)s 6073(\207le)s 6430(and)s 6829(continue)s +7705(parsing)s 8457(it)s 8644(with)s 480 7628(the)m 822(ne)s 3(xt)k +1284(directi)s 6(v)k 3(e.)k 2207(It)s 2405(is)s +2608(an)s 2884(error)s 3400(if)s 3610(the)s 3952(\207le)s +4306(cannot)s 4997(be)s 5272(opened)s 6015(and)s 6412(read,)s +6923(unless)s gsave +7565 7682 translate +0.6953 1.0000 scale +240 fnt31 0 -52(include\211ifexist)m +grestore +480 7388(is)m 690(used)s +1187(and)s 1591(the)s 1939(\207le)s 2300(does)s 2790(not)s +3156(e)s 3(xist,)k 3711(in)s 3954(which)s 4596(case)s +5063(the)s 5411(directi)s 6(v)k 3(e)k 6293(is)s +6503(silently)s 7260(ignored.)s gsave +120 7048 translate +0.6953 1.0000 scale +240 fnt31 0 -52(include\211lookup)m gsave +2160 0 translate +1.4219 1.0000 scale +240 fnt83 +0 -52(par)m 3(ameter)k +grestore +gsave +3724 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(dir)m 8(ectory)k + +grestore + +grestore +gsave +120 6808 translate +0.6953 1.0000 scale +240 fnt31 0 -52(include\211lookup\211all)m gsave +2736 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(par)m 3(ameter)k + +grestore +gsave +4300 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(dir)m 8(ectory)k +grestore + +grestore +480 6514(Read)m 1030(the)s +1378(con\207guration)s 2711(\207le)s 3072(in)s 240 fnt83 3315 6516(dir)m 8(ectory)k +240 fnt82 4239 6514(whose)m 4907(name)s 5481(is)s 5691(the)s +6039(v)s 6(alue)k 6607(of)s 240 fnt83 6878 6516(par)m 3(ameter)k +240 fnt82 7937 6514($see)m 8377(the)s 480 6274(description)m 1599(of)s +gsave +1870 6328 translate +0.6953 1.0000 scale +240 fnt31 0 -52(if)m +grestore +2070(,)s 2177(`Control)s 3042(structure)s +3933(directi)s 6(v)k 3(es',)k 5038(page)s 5546(12$.)s +5969(If)s 240 fnt83 6199 6276(par)m 3(ameter)k 240 fnt82 +7258 6274(has)m 7628(se)s 6(v)k 3(eral)k 8350(v)s 6(alues)k +480 6034(the)m 3(y)k 943(will)s 1369(be)s 1651(tried)s +2146(in)s 2389(order;)s 3005(with)s gsave +3487 6088 translate +0.6953 1.0000 scale +240 fnt31 0 -52(include\211lookup)m + +grestore +4948(this)s 5344(search)s 6011(will)s 6437(stop)s 6889(when)s +7465(one)s 7867(is)s 8077(found,)s 8743(b)s 4(ut)k +480 5794(with)m gsave +962 5848 translate +0.6953 1.0000 scale +240 fnt31 0 -52(include\211lookup\211all)m +grestore +2824(the)s 3172(search)s +3839(will)s 4265(continue)s 5145(and)s 5549(an)s 3(y)k +5946(\207les)s 6395(appropriate)s 7539(to)s 7778(other)s 8329(v)s 6(alues)k +480 5554(will)m 906(be)s 1188(read)s 1657(too.)s 480 5146(If)m +700(none)s 1212(of)s 1473(the)s 1811(parameter')s 13(s)k +2965(v)s 6(alues)k 3610(had)s 4004(a)s 4160(corresponding)s +5572(\207le)s 5923(then)s 6381(the)s 6719(\207le)s gsave +7070 5200 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(:default)m +grestore +7921(will)s 8337(be)s 8608(read,)s 480 4906(if)m +697(it)s 889(e)s 3(xists.)k 1534(If)s 240 fnt83 +1764 4908(par)m 3(ameter)k 240 fnt82 2763 4906(')m 13(s)k +2973(list)s 3324(of)s 3595(v)s 6(alues)k 4251(w)s 2(as)k +4672(empty)s 5324(then)s 5793(the)s 6141(\207le)s gsave +6502 4960 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(:none)m +grestore +7062(will)s 7488(be)s 7770(tried)s 8265(\207rst)s +8696(and)s 480 4666(read)m 949(if)s 1166(it)s 1358(e)s 3(xists,)k +2006(otherwise)s gsave +2991 4720 translate +0.6953 1.0000 scale +240 fnt31 0 -52(:default)m +grestore +3852(will)s 4278(be)s +4560(tried.)s 480 4258(It)m 685(is)s 895(not)s 1261(an)s +1544(error)s 2067(for)s 2405(an)s 3(y)k 2802(of)s +3073(the)s 3421(\207les)s 3870($including)s gsave +4906 4312 translate +0.6953 1.0000 scale +240 fnt31 0 -52(:default)m + +grestore +5707($)s 5835(not)s 6201(to)s 6440(e)s 3(xist,)k +6995(b)s 4(ut)k 7357(it)s 7549(is)s 7759(an)s +8042(error)s 8565(if)s 8782(a)s 480 4018(\207le)m 841(e)s 3(xists)k +1433(and)s 1837(cannot)s 2535(be)s 2817(read)s 3286(or)s +3545(if)s 3762(the)s 4110(directory)s 5026(cannot)s 5724(be)s +6006(accessed.)s 480 3610(A)m 693(translation)s 1741(will)s 2150(be)s +2415(applied)s 3160(to)s 3382(v)s 6(alues)k 4021(before)s +4670(the)s 3(y)k 5116(are)s 5446(used)s 5926(to)s +6148(construct)s 7067(a)s 7216(\207lename,)s 8129(so)s 8378(that)s +8778(the)s 480 3370(lookup)m 1195(cannot)s 1888(access)s 2545(dot\207les)s +3295(or)s 3550(\207les)s 3994(in)s 4232(other)s 4779(directories:)s +5887(v)s 6(alues)k 6539(starting)s 7303(with)s 7781(full)s +8162(stops)s 8700(will)s 480 3130(ha)m 4(v)k 3(e)k +970(a)s 1124(colon)s 1702(prepended)s 2745($making)s gsave +3584 3184 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(:.)m +grestore +3784($,)s 3958(colons)s 4623(will)s 5037(be)s +5308(doubled,)s 6175(and)s 6568(each)s 7051(slash)s 7575(will)s +7989(be)s 8259(replaced)s 480 2890(with)m 962(a)s 1128(colon)s +1717(follo)s 6(wed)k 2619(by)s 2913(a)s 3079(h)s 1(yphen)k +gsave +3841 2944 translate +0.6953 1.0000 scale +240 fnt31 0 -52(:\211)m +grestore +4041(.)s 4145(A)s 4375(parameter)s +5389(v)s 6(alue)k 5957(which)s 6599(is)s 6809(the)s +7157(empty)s 7809(string)s 8406(will)s 8832(be)s 480 2650(replaced)m +1347(with)s gsave +1829 2704 translate +0.6953 1.0000 scale +240 fnt31 0 -52(:empty)m +grestore +2489($note)s 3036(that)s +3454(this)s 3850(is)s 4060(dif)s 6(ferent)k 4935(from)s +5459(a)s 5625(parameter)s 6639(not)s 7005(ha)s 4(ving)k +7706(an)s 3(y)k 8103(v)s 6(alues$.)k gsave +120 2310 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(include\211directory)m gsave +2592 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(dir)m 8(ectory)k +grestore + +grestore +480 2016(Read)m +1030(con\207guration)s 2363(from)s 2887(all)s 3180(\207les)s 3629(in)s +3872(directory)s 240 fnt83 4788 2018(dir)m 8(ectory)k 240 fnt82 +5712 2016(which)m 6354(are)s 6701(plain)s 7236(\207les)s 7685(whose)s +8353(names)s 480 1776(consist)m 1204(only)s 1684(of)s 1955(alphanumerics)s +3400(and)s 3804(h)s 1(yphens)k 4653(and)s 5057(start)s +5527(with)s 6009(an)s 6292(alphanumeric.)s 7697(The)s 3(y)k +8240(will)s 8666(be)s 480 1536(read)m 949(in)s 1192(le)s 3(xical)k +1880(order)s 13(.)k 2475(It)s 2680(is)s 2890(an)s +3173(error)s 3696(for)s 4034(the)s 4382(directory)s 5298(not)s +5664(to)s 5903(e)s 3(xist)k 6411(or)s 6670(for)s +7008(it)s 7200(or)s 7459(an)s 3(y)k 7856(of)s +8127(the)s 8475(\207les)s 480 1296(found)m 1089(not)s 1447(to)s +1677(be)s 1951(read)s 2411(successfully)s 15(,)k 3663(or)s +3914(for)s 4243(an)s 3(ything)k 5123(with)s 5596(an)s +5871(appropriate)s 7007(name)s 7572(not)s 7930(to)s 8160(be)s +8434(a)s 8591(plain)s 480 1056(\207le)m 841(or)s 1100(a)s +1266(symbolic)s 2196(link)s 2629(to)s 2868(a)s 3034(plain)s +3569(\207le.)s gsave +120 716 translate +0.6953 1.0000 scale +240 fnt31 0 -52(error)m gsave +864 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(te)m 4(xt)k +404(\202)s +grestore + +grestore +0 52(User)m 511(service)s 1243(daemon)s 2058(and)s +2462(client)s 3052(speci\207cation)s 8491(0.61.1)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 12 12 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Times-Italic +%%+ font Courier-Bold +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(12)m 240 fnt82 480 13254(Causes)m 1209(an)s +1492(error)s 2015(whose)s 2683(message)s 3549(includes)s 4397(the)s +4745(descripti)s 6(v)k 3(e)k 5840(string)s 240 fnt83 +6437 13256(te)m 4(xt)k 240 fnt82 6781 13254(.)m 240 fnt83 +6885 13256(te)m 4(xt)k 240 fnt82 7289 13254(may)m 7755(consist)s +8479(of)s 480 13014(se)m 6(v)k 3(eral)k 1192(tok)s 2(ens)k +1855(with)s 2326(interv)s 3(ening)k 3454(whitespace.)s 4609(The)s +5026(whitespace)s 6134(will)s 6549(be)s 6820(included)s 7691(in)s +7923(the)s 8260(message)s 480 12774(as)m 726(found)s 1338(in)s +1576(the)s 1919(con\207guration)s 3247(\207le:)s 3653(all)s 3941(the)s +4284(characters)s 5298(until)s 5786(the)s 6129(end)s 6528(of)s +6794(the)s 7137(line)s 7546(will)s 7967(be)s 8244(included)s +480 12534(v)m 3(erbatim,)k 1433(unless)s 2082(the)s 3(y)k +2545(are)s 2892(part)s 3323(of)s 3594(a)s 3760(double-quoted)s +5201(string,)s 5852(in)s 6095(which)s 6737(case)s 7204(the)s +7552(usual)s 8112(meaning)s 480 12294(of)m 751(the)s 1099(string)s +1696($i.e.,)s 2174(after)s 2670(backslash)s 3657(escape)s 4350(processing$)s +5501(will)s 5927(be)s 6209(used.)s 6752(Comments)s 7840(and)s +8244(linear)s 480 12054(whitespace)m 1598(at)s 1830(the)s 2178(end)s +2582(of)s 2853(the)s 3201(line)s 3615($or)s 3953(just)s +4358(before)s 5024(the)s 5372(comment$)s 6390(will)s 6816(still)s +7228(be)s 7510(ignored.)s gsave +120 11714 translate +0.6953 1.0000 scale +240 fnt31 0 -52(message)m gsave +1152 0 translate +1.4219 1.0000 scale +240 fnt83 +0 -52(te)m 4(xt)k 404(\202)s +grestore + +grestore +480 11420(Causes)m 1209(a)s +1375(message)s 2241(including)s 3198(the)s 3546(descripti)s 6(v)k 3(e)k +4641(string)s 240 fnt83 5238 11422(te)m 4(xt)k 240 fnt82 +5642 11420(to)m 5881(be)s 6163(deli)s 6(v)k 3(ered)k +7101(as)s 7351(if)s 7568(it)s 7760(were)s 8280(an)s +8563(error)s 480 11180(message,)m 1397(b)s 4(ut)k 1759(does)s +2249(not)s 2615(actually)s 3425(cause)s 4012(an)s 4295(error)s 13(.)k +300 fnt84 0 10513(4.2.2.)m 813(Dir)s 5(ecti)k 3(v)k 3(es)k +2148(with)s 2781(delay)s 3(ed)k 3828(effect)s 240 fnt82 +0 9942(The)m 428(follo)s 6(wing)k 1405(directi)s 6(v)k 3(es)k +2375(ha)s 4(v)k 3(e)k 2876(no)s 3169(immediate)s +4233(ef)s 6(fect,)k 4876(b)s 4(ut)k 5238(are)s +5585(remembered)s 6837(and)s 7241(ha)s 4(v)k 3(e)k +7742(an)s 8025(ef)s 6(fect)k 8621(on)s 0 9702(later)m +483(processing)s 1559(of)s 1830(the)s 2178(con\207guration)s 3511(\207les.)s +gsave +120 9348 translate +0.6953 1.0000 scale +240 fnt31 0 -52(user\211rcfile)m gsave +1728 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(\207lename)m +grestore + +grestore +480 9054(Speci\207es)m +1380(that)s 1784(the)s 2118(\207le)s 240 fnt83 2465 9056(\207lename)m +240 fnt82 3315 9054(should)m 3998(be)s 4266(read)s 4721(instead)s +5442(of)s 5699(the)s 6033(user')s 13(s)k gsave +6627 9108 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(~/.userv/rc)m +grestore +7728(.)s 7818(This)s 8280(does)s 240 fnt83 +8756 9056(not)m 240 fnt82 480 8814(happen)m 1229(immediately;)s 2535(instead,)s +3319(the)s 3667(setting)s 4357(is)s 4567(remembered)s 5819(and)s +6223(used)s 6720(after)s 7216(the)s gsave +7564 8868 translate +0.6953 1.0000 scale +240 fnt31 0 -52(system.default)m + +grestore +480 8574(con\207guration)m 1812(\207le)s 2171(has)s 2539(been)s 3046(read.)s +3559(This)s 4033(directi)s 6(v)k 3(e)k 4913(has)s +5281(no)s 5572(ef)s 6(fect)k 6166(in)s 6407(a)s +6571(user')s 13(s)k 7177(con\207guration)s 8508(\207le)s 8867(or)s +480 8334(in)m 723(the)s gsave +1071 8388 translate +0.6953 1.0000 scale +240 fnt31 0 -52(system.override)m +grestore +2632(\207le,)s +3044(as)s 3294(the)s 3642(user')s 13(s)k 4250(con\207guration)s +5583(\207le)s 5944(has)s 6314(already)s 7071(been)s 7580(found)s +8197(and)s 8601(read)s 480 8094(by)m 774(then)s 1243(and)s +1647(will)s 2073(not)s 2439(be)s 2721(re-read.)s gsave +120 7754 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(errors\211to\211stderr)m +grestore +480 7460(Causes)m 1209(error)s 1732(messages)s 2686(to)s +2925(be)s 3207(deli)s 6(v)k 3(ered)k 4145(to)s +4384(the)s 4732(client')s 13(s)k 5472(stderr)s 13(.)k +gsave +120 7120 translate +0.6953 1.0000 scale +240 fnt31 0 -52(errors\211to\211file)m +grestore +240 fnt83 1581 7068(\207lename)m 240 fnt82 +480 6826(Error)m 1039(messages)s 1989(will)s 2410(be)s 2688(written)s +3416(to)s 240 fnt83 3651 6828(\207lename)m 240 fnt82 4455 6826(,)m +4557(which)s 5195(will)s 5617(be)s 5894(opened)s 6640(in)s +6878(the)s 7222(conte)s 3(xt)k 7978(of)s 8245(and)s +8644(with)s 480 6586(the)m 828(pri)s 6(vile)k 3(ges)k +1812(of)s 2083(the)s 2431(service)s 3163(user)s 13(.)k +gsave +120 6246 translate +0.6953 1.0000 scale +240 fnt31 0 -52(errors\211to\211syslog)m +grestore +1782 6192([)m 240 fnt83 1853 6194(facility)m +240 fnt82 2571 6192([)m 240 fnt83 2642 6194(le)m 3(vel)k +240 fnt82 3089 6192(]])m 480 5952(Error)m 1043(messages)s 1997(will)s +2423(be)s 2705(deli)s 6(v)k 3(ered)k 3643(using)s +gsave +4215 6006 translate +0.6953 1.0000 scale +240 fnt31 0 -52(syslog)m +grestore +4815(.)s 4919(The)s 5347(def)s 2(ault)k +240 fnt83 6068 5954(facility)m 240 fnt82 6786 5952(is)m gsave +6996 6006 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(user)m +grestore +7396(;)s 7508(the)s 7856(def)s 2(ault)k +240 fnt83 8577 5954(le)m 3(vel)k 240 fnt82 480 5712(is)m +gsave +690 5766 translate +0.6953 1.0000 scale +240 fnt31 0 -52(error)m +grestore +1190(.)s 300 fnt84 0 5095(4.2.3.)m +813(Contr)s 5(ol)k 1874(structur)s 5(e)k 3117(dir)s 5(ecti)k 3(v)k 3(es)k +240 fnt82 0 4580(The)m 421(follo)s 6(wing)k 1390(directi)s 6(v)k 3(es)k +2353(are)s 2692(used)s 3182(to)s 3413(create)s 4031(control)s +4755(structures.)s 5780(If)s 6002(the)s 6343(end)s 6739(of)s +7003(the)s 7343(\207le)s 7697(is)s 7899(encountered)s 0 4340(before)m +666(the)s 1014(end)s 1418(of)s 1689(an)s 3(y)k +2086(control)s 2818(structure)s 3709(which)s 4351(w)s 2(as)k +4772(started)s 5466(inside)s 6093(it)s 6285(then)s 6754(that)s +7172(control)s 7904(structure)s 8795(is)s 0 4100(considered)m 1094(\207nished.)s +1956(This)s 2432(is)s 2642(not)s 3008(an)s 3291(error)s 13(.)k +gsave +120 3746 translate +0.6953 1.0000 scale +240 fnt31 0 -52(if)m gsave +432 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(condition)m +grestore + +grestore +gsave +120 3506 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(elif)m gsave +720 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(condition)m +grestore + +grestore +gsave +120 3266 translate +0.6953 1.0000 scale +240 fnt31 0 -52(else)m + +grestore +gsave +120 3026 translate +0.6953 1.0000 scale +240 fnt31 0 -52(fi)m +grestore +480 2732(Lines)m 1062(follo)s 6(wing)k +gsave +2039 2786 translate +0.6953 1.0000 scale +240 fnt31 0 -52(if)m +grestore +2299(are)s 2646(interpreted)s 3738(only)s +4218(if)s 4435(the)s 4783(condition)s 5744(is)s 5954(true.)s +6429(Man)s 3(y)k 7039(conditions)s 8087(are)s 480 2492(properties)m +1486(of)s 1757(parameter)s 2771(v)s 6(alues.)k 3480(Most)s +4032(parameters)s 5130(ha)s 4(v)k 3(e)k 5631(a)s +5797(single)s 6424(string)s 7021(as)s 7271(a)s 7437(v)s 6(alue;)k +8061(ho)s 6(we)k 6(v)k 3(er)k 9(,)k +480 2252(some)m 1035(may)s 1495(yield)s 2025(zero)s 2483(or)s +2735(se)s 6(v)k 3(eral)k 3451(strings,)s 4189(in)s +4426(which)s 5062(case)s 5522(the)s 5864(condition)s 6819(is)s +7023(true)s 7444(if)s 7654(it)s 7840(is)s 8044(true)s +8465(of)s 8729(an)s 3(y)k 480 2012(of)m 751(the)s +1099(strings)s 1787(indi)s 6(vidually)k 15(.)k 3026(P)s 3(arameters)k +4134(are)s 4481(described)s 5455(belo)s 6(w)k 15(.)k +480 1604(The)m 908(conditions)s 1956(are:)s gsave +600 1418 translate +0.6953 1.0000 scale +240 fnt31 0 -52(glob)m +gsave +720 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(par)m 3(ameter)k +grestore +gsave +2284 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(glob-pattern)m + +grestore +4120(\202)s +grestore +960 1124(The)m 1388(v)s 6(alue)k 1956(of)s +2227(the)s 2575(parameter)s 3589(whose)s 4257(name)s 4831(is)s +5041(gi)s 6(v)k 3(en)k 5621(matches)s 6455(one)s +6857(of)s 7128(the)s 7476(glob)s 7955(patterns)s 960 884($anchored)m +1974(at)s 2206(both)s 2689(ends;)s 3240(backslashes)s 4420(can)s +4809(be)s 5091(used)s 5588(to)s 5827(escape)s 6520(metacharacters$.)s +0 52(0.61.1)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s +7271(client)s 7861(speci\207cation)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 13 13 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8833 13842(13)m gsave +600 13310 translate +0.6953 1.0000 scale +240 fnt31 0 -52(range)m gsave +864 0 translate +1.4219 1.0000 scale +240 fnt83 +0 -52(par)m 3(ameter)k +grestore +gsave +2428 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(min)m +grestore +gsave +3073 0 translate +1.4219 1.0000 scale +240 fnt83 +0 -52(max)m +grestore + +grestore +240 fnt82 960 13016(The)m 1380(v)s 6(alue)k +1940(of)s 2203(the)s 2543(parameter)s 3548(is)s 3750(a)s +3908(nonne)s 3(g)k 1(ati)k 6(v)k 3(e)k +5113(inte)s 3(ger)k 5825(and)s 6220(lies)s 6594(within)s +7254(the)s 7594(range)s 8172(speci\207ed.)s 240 fnt83 960 12778(min)m +240 fnt82 1373 12776(or)m 240 fnt83 1632 12778(max)m 240 fnt82 +2091 12776(may)m 2557(be)s gsave +2839 12830 translate +0.6953 1.0000 scale +240 fnt31 0 -52($)m +grestore +2999(to)s +3238(indicate)s 4050(no)s 4343(lo)s 6(wer)k 4941(or)s +5200(upper)s 5805(limit,)s 6362(respecti)s 6(v)k 3(ely)k 15(.)k +gsave +600 12589 translate +0.6953 1.0000 scale +240 fnt31 0 -52(grep)m gsave +720 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(par)m 3(ameter)k + +grestore +gsave +2284 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(\207lename)m +grestore + +grestore +960 12295(The)m 240 fnt83 1388 12297(\207lename)m +240 fnt82 2252 12295(refers)m 2845(to)s 3084(a)s 3250(\207le)s +3611(one)s 4013(of)s 4284(whose)s 4952(lines)s 5454(is)s +5664(the)s 6012(v)s 6(alue)k 6580(of)s 6851(the)s +7199(parameter)s 8213($leading)s 960 12055(or)m 1211(trailing)s 1944(whitespace)s +3053(on)s 3341(each)s 3827(line)s 4232(and)s 4627(empty)s +5270(lines)s 5764(in)s 5998(the)s 6337(\207le)s 6689(are)s +7027(ignored$.)s 7932(It)s 8128(is)s 8329(an)s 8603(error)s +960 11815(for)m 1298(the)s 1646(\207le)s 2007(not)s 2373(to)s +2612(be)s 2894(opened)s 3644(and)s 4048(read.)s gsave +600 11628 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(!)m gsave +288 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(condition)m +grestore + +grestore +960 11334(The)m 240 fnt83 +1388 11336(condition)m 240 fnt82 2346 11334(is)m 240 fnt83 2556 11336(not)m +240 fnt82 2926 11334(true.)m 600 11094(Conjunctions:)m gsave +1983 11148 translate +0.6953 1.0000 scale +240 fnt31 0 -52(&)m + +grestore +2143(and)s gsave +2547 11148 translate +0.6953 1.0000 scale +240 fnt31 0 -52(|)m +grestore +gsave +1440 10901 translate +0.6953 1.0000 scale +240 fnt31 0 -52($)m +gsave +288 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(condition)m +grestore +0 -292(&)m gsave +288 -240 translate +1.4219 1.0000 scale +240 fnt83 0 -52(condition)m + +grestore +0 -532(&)m gsave +288 -480 translate +1.4219 1.0000 scale +240 fnt83 0 -52(condition)m +grestore +0 -772(\202)m 0 -1012($)m + +grestore +960 9635(is)m 1170(true)s 1597(if)s 1814(all)s 2107(the)s +2455(listed)s 3030(conditions)s 4078(are)s 4425(true;)s 4908(where)s +gsave +5548 9689 translate +0.6953 1.0000 scale +240 fnt31 0 -52(|)m +grestore +5708(is)s 5918(used)s 6415(it)s +6607(is)s 6817(true)s 7244(if)s 7461(an)s 3(y)k +7858(of)s 8129(them)s 8667(is)s 960 9390(true.)m 1428(Ne)s 6(wlines)k +2368(must)s 2885(be)s 3159(used)s 3648(to)s 3879(separate)s +4709(one)s 5104(condition)s 6057(from)s 6573(the)s 6913(ne)s 3(xt,)k +7421(as)s 7663(sho)s 6(wn,)k 8382(and)s 8778(the)s +960 9150(parentheses)m 2126(are)s 2473(mandatory)s 15(.)k 3585(These)s +4212(conjunctions)s 5486(do)s 5779(not)s 6145(do)s 6438(lazy)s +6890(e)s 6(v)k 6(aluation.)k 480 8588(The)m 908(parameters)s +2006(are:)s gsave +600 8402 translate +0.6953 1.0000 scale +240 fnt31 0 -52(service)m +grestore +960 8108(The)m 1388(service)s +2120(name)s 2694(speci\207ed)s 3602(when)s 4178(the)s 4526(client)s +5116(w)s 2(as)k 5537(called.)s gsave +600 7922 translate +0.6953 1.0000 scale +240 fnt31 0 -52(calling\211user)m + +grestore +960 7628(T)m 19(w)k 2(o)k 1431(strings:)s 2174(the)s +2522(login)s 3071(name)s 3645(of)s 3916(the)s 4264(calling)s +4967(user)s 5425($determined)s 6637(as)s 6887(for)s gsave +7225 7682 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(USERV_USER)m +grestore +8226(,)s 8333(abo)s 3(v)k 3(e$)k +960 7388(and)m 1364(the)s 1712(calling)s 2415(uid)s 2779($represented)s +4017(in)s 4260(decimal$.)s gsave +600 7202 translate +0.6953 1.0000 scale +240 fnt31 0 -52(calling\211group)m +grestore +960 6908(Se)m 6(v)k 3(eral)k +1722(strings:)s 2465(the)s 2813(primary)s 3623(and)s 4027(supplementary)s +5489(group)s 6101(names)s 6763(and)s 7167(gids)s 7617($in)s +7939(decimal$)s 960 6668(of)m 1231(the)s 1579(calling)s 2282(process.)s +3103(All)s 3463(the)s 3811(group)s 4423(names)s 5085(come)s +5659(\207rst,)s 6137(and)s 6541(then)s 7010(the)s 7358(gids.)s +7861(If)s 8091(the)s 8439(\207rst)s 960 6428(supplementary)m 2422(group)s +3034(is)s 3244(the)s 3592(same)s 4139(as)s 4389(the)s +4737(primary)s 5547(group)s 6159(then)s 6628(it)s 6820(is)s +7030(elided.)s gsave +600 6242 translate +0.6953 1.0000 scale +240 fnt31 0 -52(calling\211user\211shell)m +grestore +960 5948(The)m 1388(calling)s +2091(user')s 13(s)k 2699(shell,)s 3257(as)s 3507(listed)s +4082(in)s 4325(the)s 4673(passw)s 2(ord)k 5633(entry)s +6178(for)s 6516(the)s 6864(calling)s 7567(login)s 8116(name)s +8690($as)s 960 5708(determined)m 2093(for)s gsave +2431 5762 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_USER)m + +grestore +3432(,)s 3539(abo)s 3(v)k 3(e$.)k gsave +600 5522 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(service\211user)m +grestore +960 5228(T)m 19(w)k 2(o)k 1431(strings:)s +2174(the)s 2522(name)s 3096(of)s 3367(the)s 3715(service)s +4447(user)s 4905($as)s 5234(speci\207ed)s 6142(to)s 6381(the)s +6729(client$)s 7387(and)s 7791(their)s 8288(uid)s 960 4988($represented)m +2198(in)s 2441(decimal$.)s gsave +600 4802 translate +0.6953 1.0000 scale +240 fnt31 0 -52(service\211group)m +grestore +960 4508(Se)m 6(v)k 3(eral)k +1722(strings:)s 2465(the)s 2813(primary)s 3623(and)s 4027(supplementary)s +5489(group)s 6101(names)s 6763(and)s 7167(gids)s 7617($in)s +7939(decimal$)s 8823(of)s 960 4268(the)m 1308(service)s 2040(user)s 13(.)k +gsave +600 4082 translate +0.6953 1.0000 scale +240 fnt31 0 -52(service\211user\211shell)m +grestore +960 3788(The)m 1388(service)s 2120(user')s 13(s)k +2728(shell,)s 3286(as)s 3536(listed)s 4111(in)s 4354(their)s +4851(passw)s 2(ord)k 5811(entry)s 15(.)k gsave +600 3602 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(u\211)m gsave +288 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(name)m +grestore + +grestore +960 3308(The)m 1388(v)s 6(alue)k +1956(of)s 2227(the)s 2575(user)s 4(-de\207ned)k 3811(v)s 6(ariable)k +240 fnt83 4630 3310(name)m 240 fnt82 5202 3308(passed)m 5898(by)s +6192(the)s 6540(caller)s 7129(using)s 7701(the)s gsave +8049 3362 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\211\211defvar)m +grestore +960 3068(command-line)m 2397(option)s 3066(to)s 3305(the)s +3653(client.)s 4287(If)s 4517(the)s 4865(v)s 6(ariable)k +5684(w)s 2(as)k 6105(not)s 6471(de\207ned)s 7234(then)s +7703(this)s 8099(parameter)s 960 2828(is)m 1170(an)s 1453(empty)s +2105(list)s 2456(of)s 2727(strings;)s 3476(in)s 3719(this)s +4115(case)s 4582(an)s 3(y)k 4979(condition)s 5940(which)s +6582(tests)s 7057(it)s 7249(will)s 7675(be)s 7957(f)s 2(alse,)k +8512(and)s gsave +960 2642 translate +0.6953 1.0000 scale +240 fnt31 0 -52(include\211lookup)m +grestore +2421 2588(on)m 2718(it)s +2910(will)s 3336(read)s 3805(the)s gsave +4153 2642 translate +0.6953 1.0000 scale +240 fnt31 0 -52(:none)m + +grestore +4713(\207le,)s 5125(or)s gsave +5384 2642 translate +0.6953 1.0000 scale +240 fnt31 0 -52(:default)m +grestore +6245(if)s +gsave +6462 2642 translate +0.6953 1.0000 scale +240 fnt31 0 -52(:none)m +grestore +7022(is)s 7232(not)s 7598(found.)s +gsave +120 2219 translate +0.6953 1.0000 scale +240 fnt31 0 -52(errors\211push)m +grestore +240 fnt83 1281 2167(\207lename)m gsave +120 1979 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(srorre)m +grestore +240 fnt82 480 1685(Stacks)m 1155(the)s 1503(error)s +2026(handling)s 2917(beha)s 4(viour)k 3930(currently)s 4846(in)s +5089(ef)s 6(fect.)k 5729(An)s 3(y)k 6193(changes)s +7015(to)s 7254(error)s 7777(handling)s 8668(will)s 480 1445(tak)m 2(e)k +932(ef)s 6(fect)k 1528(only)s 2008(between)s gsave +2862 1499 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(errors\211push)m +grestore +4023(and)s gsave +4427 1499 translate +0.6953 1.0000 scale +240 fnt31 0 -52(srorre)m +grestore +5027(.)s +gsave +120 1105 translate +0.6953 1.0000 scale +240 fnt31 0 -52(catch\211quit)m +grestore +gsave +120 865 translate +0.6953 1.0000 scale +240 fnt31 0 -52(hctac)m +grestore +0 52(User)m +511(service)s 1243(daemon)s 2058(and)s 2462(client)s 3052(speci\207cation)s +8491(0.61.1)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 14 14 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(14)m 240 fnt82 480 13254(An)m 3(y)k +935(use)s 1301(of)s gsave +1563 13308 translate +0.6953 1.0000 scale +240 fnt31 0 -52(quit)m +grestore +2013(inside)s +gsave +2631 13308 translate +0.6953 1.0000 scale +240 fnt31 0 -52(catch\211quit)m +grestore +3683(will)s 4100(merely)s 4807(cause)s +5385(the)s 5724(parsing)s 6472(to)s 6701(continue)s 7572(at)s +gsave +7795 13308 translate +0.6953 1.0000 scale +240 fnt31 0 -52(hctac)m +grestore +8345(instead.)s 480 13014(An)m 3(y)k +944(control)s 1676(constructs)s 2696(started)s 3390(since)s 3937(the)s +gsave +4285 13068 translate +0.6953 1.0000 scale +240 fnt31 0 -52(catch\211quit)m +grestore +5346(will)s 5772(be)s 6054(considered)s +7148(\207nished)s 7964(if)s 8181(a)s gsave +8347 13068 translate +0.6953 1.0000 scale +240 fnt31 0 -52(quit)m + +grestore +480 12774(is)m 690(found.)s 480 12366(If)m 710(an)s 993(error)s +1516(occurs)s 2191(inside)s gsave +2818 12420 translate +0.6953 1.0000 scale +240 fnt31 0 -52(catch\211quit)m +grestore +3879(the)s +4227(e)s 3(x)k 3(ecution)k 5208(settings)s 5989(will)s +6415(be)s 6697(reset)s 7207($as)s 7536(if)s 7753(by)s +8047(the)s gsave +8395 12420 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reset)m +grestore +480 12126(directi)m 6(v)k 3(e$)k +1434(and)s 1838(parsing)s 2595(will)s 3021(lik)s 2(e)k 6(wise)k +3865(continue)s 4745(at)s gsave +4977 12180 translate +0.6953 1.0000 scale +240 fnt31 0 -52(hctac)m +grestore +5477(.)s +480 11718(If)m 705(a)s 865(le)s 3(xical)k 1548(or)s +1801(syntax)s 2476(error)s 2993(is)s 3198(detected)s 4046(in)s +4283(the)s 4626(same)s 5167(con\207guration)s 6495(\207le)s 6850(as)s +7095(the)s gsave +7437 11772 translate +0.6953 1.0000 scale +240 fnt31 0 -52(catch\211quit)m +grestore +8438(,)s 8539(while)s +480 11478(looking)m 1265(for)s 1603(the)s gsave +1951 11532 translate +0.6953 1.0000 scale +240 fnt31 0 -52(hctac)m + +grestore +2511(after)s 3007(an)s 3290(error)s 3813(or)s gsave +4072 11532 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(quit)m +grestore +4472(,)s 4579(that)s 4997(ne)s 6(w)k +5444(error)s 5967(will)s 6393(not)s 6759(be)s 7041(caught.)s +300 fnt84 0 10811(4.2.4.)m 813(Dir)s 5(ecti)k 3(v)k 3(es)k +2148(f)s 7(or)k 2595(changing)s 3829(execution)s 5112(settings)s +240 fnt82 0 10240(The)m 419(follo)s 6(wing)k 1386(directi)s 6(v)k 3(es)k +2346(modify)s 3082(the)s 3420(e)s 3(x)k 3(ecution)k +4391(settings;)s 5223(the)s 5562(serv)s 3(er)k 6192(will)s +6608(remember)s 7627(the)s 7965(f)s 2(act)k 8370(that)s +8778(the)s 0 9999(directi)m 6(v)k 3(e)k 881(w)s 2(as)k +1300(encountered)s 2525(and)s 2927(act)s 3263(on)s 3559(it)s +3749(only)s 4227(after)s 4721(all)s 5012(the)s 5359(con\207guration)s +6690(has)s 7058(been)s 7565(parsed.)s 8291(The)s 240 fnt83 +8717 10001(last)m 240 fnt82 0 9759(directi)m 6(v)k 3(e)k +882(which)s 1524(modi\207es)s 2399(an)s 3(y)k 2796(particuar)s +3704(setting)s 4394(will)s 4820(tak)s 2(e)k 5272(ef)s 6(fect.)k +gsave +120 9405 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reject)m +grestore +480 9111(Reject)m 1150(the)s 1498(request.)s +gsave +2292 9165 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute)m +grestore +2992(,)s gsave +3099 9165 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211directory)m + +grestore +5361(and)s gsave +5765 9165 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211path)m +grestore +7527(will)s 7953(change)s +480 8871(this)m 876(setting.)s gsave +120 8531 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute)m gsave +1152 0 translate +1.4219 1.0000 scale +240 fnt83 +0 -52(pr)m 10(o)k 2(gr)k 3(am)k +grestore +2461([)s +gsave +2605 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(ar)m 8(gument)k +grestore +4048(\202])s +grestore +480 8237(Ex)m 3(ecute)k +1300(the)s 1645(program)s 240 fnt83 2512 8239(pr)m 10(o)k 2(gr)k 3(am)k +240 fnt82 3332 8237(,)m 3436(with)s 3915(the)s 4259(ar)s 4(guments)k +5299(as)s 5546(speci\207ed,)s 6500(follo)s 6(wed)k 7399(by)s +7690(an)s 3(y)k 8083(ar)s 4(guments)k 480 7997(gi)m 6(v)k 3(en)k +1052(to)s 1282(the)s 1621(client)s 2203(if)s gsave +2411 8051 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(no\211suppress\211args)m +grestore +4064(is)s 4266(in)s 4500(ef)s 6(fect.)k +5131(It)s 5328(is)s 5529(an)s 5803(error)s 6318(for)s +6647(the)s 6986(e)s 3(x)k 3(ecution)k 7959(to)s +8189(f)s 2(ail)k 8550(when)s 480 7757(it)m 672(is)s +882(attempted)s 1882($after)s 2457(all)s 2750(the)s 3098(con\207guration)s +4431(has)s 4801(been)s 5310(parsed$.)s 6117(If)s 240 fnt83 +6347 7759(pr)m 10(o)k 2(gr)k 3(am)k 240 fnt82 +7227 7757(does)m 7717(not)s 8083(contain)s 8844(a)s 480 7517(slash)m +1015(it)s 1207(will)s 1633(be)s 1915(searched)s 2809(for)s +3147(on)s 3444(the)s 3792(service)s 4524(user')s 13(s)k +5132(path.)s gsave +120 7177 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211directory)m gsave +3312 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(pathname)m + +grestore +4789([)s gsave +4933 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(ar)m 8(gument)k +grestore +6376(\202])s + +grestore +480 6883(T)m 19(ak)k 2(e)k 993(all)s 1286(the)s +1634(characters)s 2652(after)s 3148(the)s 3496(last)s 3887(slash)s +4422(of)s 4693(the)s 5041(service)s 5773(name)s 6347(speci\207ed)s +7255(when)s 7831(the)s 8179(client)s 480 6642(w)m 2(as)k +901(called,)s 1578(and)s 1982(e)s 3(x)k 3(ecute)k +2762(that)s 3180(program)s 4050(in)s 4293(the)s 4641(directory)s +5557(named)s 6253(by)s 240 fnt83 6547 6644(pathname)m 240 fnt82 +7545 6642(as)m 7795(if)s 8012(it)s 8204(had)s 8608(been)s +480 6402(speci\207ed)m 1388(for)s 240 fnt83 1726 6404(e)m 4(xecute)k +240 fnt82 2431 6402(.)m 2535(The)s 2963(part)s 3394(of)s +3665(the)s 4013(service)s 4745(name)s 5319(used)s 5816(may)s +6282(contain)s 7043(only)s 7523(alphanumerics)s 480 6162(and)m 884(h)s 1(yphens)k +1732(and)s 2136(must)s 2660(start)s 3130(with)s 3611(an)s +3894(alphanumeric)s 5247($and)s 5730(it)s 5921(must)s 6446(be)s +6727(non-empty$,)s 7950(otherwise)s 8934(it)s 480 5922(is)m 690(an)s +973(error)s 13(.)k 480 5514(This)m 956(directi)s 6(v)k 3(e)k +1838(is)s 2048(ignored)s 2837(if)s 3054(the)s 3402(rele)s 6(v)k 6(ant)k +4219(program)s 5089(does)s 5579(not)s 5945(e)s 3(xist)k +6453(in)s 6696(the)s 7044(directory)s 7960(speci\207ed;)s 480 5274(in)m +723(this)s 1119(case)s 1586(the)s 1934(program)s 2804(to)s +3043(e)s 3(x)k 3(ecute)k 3823(is)s 4033(left)s +4410(at)s 4642(its)s 4918(pre)s 6(vious)k 5787(setting)s +6477($or)s 6815(unset,)s 7427(if)s 7644(it)s 7836(w)s 2(as)k +8257(not)s 480 5034(set)m 805(before$.)s 480 4626(It)m 672(is)s +869(an)s 1139(error)s 1649(for)s 1974(the)s 2309(test)s +2687(for)s 3012(the)s 3347(e)s 3(xistence)k 4276(of)s +4533(the)s 4868(program)s 5725(to)s 5951(f)s 2(ail)k +6308(other)s 6846(than)s 7302(with)s 7771(a)s 7924(`no)s +8283(such)s 8765(\207le)s 480 4386(or)m 729(directory')s 1693(indication.)s +2743(It)s 2938(is)s 3138(also)s 3566(an)s 3839(error)s +4352(for)s 4680(the)s 5018(e)s 3(x)k 3(ecution)k +5989(to)s 6218(f)s 2(ail)k 6578(if)s 6785(and)s +7179(when)s 7745(it)s 7927(is)s 8126(attempted)s 480 4146($after)m +1055(all)s 1348(the)s 1696(con\207guration)s 3029(has)s 3399(been)s +3908(parsed$.)s gsave +120 3806 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211path)m +grestore +240 fnt83 480 3514(service)m +240 fnt82 1202 3512(is)m 1404(interpreted)s 2488(as)s 2731(a)s +2889(program)s 3751(on)s 4041(the)s 4381(def)s 2(ault)k +gsave +5094 3566 translate +0.6953 1.0000 scale +240 fnt31 0 -52(PATH)m +grestore +5546($or)s 5877(as)s 6119(a)s +6277(pathname)s 7256(of)s 7519(an)s 7794(e)s 3(x)k 3(ecutable,)k +8909(if)s 480 3271(it)m 660(contains)s 1495(a)s gsave +1649 3325 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(/)m +grestore +1749($.)s 1919(This)s 2383(directi)s 6(v)k 3(e)k +3252(is)s 240 fnt83 3450 3273(very)m 3904(dang)s 2(er)k 10(ous)k +240 fnt82 4899 3271(,)m 4994(and)s 5385(is)s 5583(only)s +6050(pro)s 3(vided)k 6944(to)s 7170(mak)s 2(e)k +7730(the)s gsave +8065 3325 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211override)m +grestore +480 3031(options)m 1230(ef)s 6(fecti)k 6(v)k 3(e.)k +2146(It)s 2344(should)s 3034(not)s 3393(normally)s 4304(be)s +4579(used.)s 5115(It)s 5313(is)s 5516(an)s 5792(error)s +6309(for)s 6640(the)s 6981(e)s 3(x)k 3(ecution)k +7955(to)s 8187(f)s 2(ail)k 8550(when)s 480 2791(it)m +672(is)s 882(attempted)s 1882($after)s 2457(all)s 2750(the)s +3098(con\207guration)s 4431(has)s 4801(been)s 5310(parsed$.)s gsave +120 2451 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(execute\211builtin)m gsave +2304 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(service-name)m +grestore +gsave +4249 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(service-ar)m 8(guments)k + +grestore + +grestore +480 2157(Ex)m 3(ecutes)k 1388(the)s 1732(b)s 4(uiltin)k +2405(service)s 240 fnt83 3133 2159(service-name)m 240 fnt82 4400 2157(.)m +4500(These)s 5123(b)s 4(uiltin)k 5796(services)s 6612(display)s +7353(information)s 8534(about)s 480 1917(the)m 822(serv)s 3(er)k +1455(and/or)s 2120(the)s 2461(request,)s 3252(and)s 3649(ignore)s +4310(an)s 3(y)k 4700(ar)s 4(guments)k 5737(passed)s +6426(from)s 6944(the)s 7285(service)s 8011(side)s 8445(e)s 3(xcept)k +480 1677(possibly)m 1320(to)s 1547(print)s 2046(them)s 2572(as)s +2810(part)s 3228(of)s 3487(their)s 3972(output.)s 4676(The)s 3(y)k +5207(write)s 5740(their)s 6225(results)s 6887(to)s 7114(their)s +7599(standard)s 8454(output)s 480 1437($i.e.,)m 958(where)s 6(v)k 3(er)k +1898(\207le)s 2259(descriptor)s 3274(1)s 3429(is)s 3639(directed$.)s +4591(The)s 5019(b)s 4(uiltin)k 5696(services)s 6516(are:)s +gsave +600 1251 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute)m +grestore +960 957(Displays)m 1848(the)s 2196(e)s 3(x)k 3(ecution)k +3177(settings,)s 4014(de\207ned)s 4777(v)s 6(ariables,)k 5740(ar)s 4(guments,)k +6839(etc.)s 7221(with)s 7703(which)s 8345(the)s 960 717(b)m 4(uiltin)k +1637(service)s 2369(w)s 2(as)k 2790(in)s 9(v)k 4(ok)k 2(ed.)k +0 52(0.61.1)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s +7271(client)s 7861(speci\207cation)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 15 15 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8833 13842(15)m gsave +600 13310 translate +0.6953 1.0000 scale +240 fnt31 0 -52(environment)m +grestore +240 fnt82 +960 13016(Dis)m 1283(plays)s 1839(the)s 2187(en)s 2410(vi)s +2590(ron)s 2906(ment)s 3444(v)s 6(ari)k 3803(able)s +4257(set)s 4522(tings)s 5038(with)s 5520(which)s 6162(the)s +6510(b)s 4(uiltin)k 7187(ser)s 7465(vice)s 7919(w)s 2(as)k +960 12776(in)m 1143(v)s 4(ok)k 2(ed.)k gsave +600 12590 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(parameter)m gsave +1440 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(par)m 3(ameter)k +grestore + +grestore +960 12296(Displays)m +1848(the)s 2196(v)s 6(alues)k 2852(of)s 3123(the)s +3471(service)s 4203(con\207guration)s 5536(language)s 6456(parameter)s 7470(speci\207ed.)s +gsave +600 12110 translate +0.6953 1.0000 scale +240 fnt31 0 -52(version)m +grestore +960 11816(Displays)m 1848(the)s 2196(v)s 3(ersion)k +2954(string)s 3551(and)s 3955(compilation)s 5154(details)s 5828(of)s +6099(the)s 6447(uservd)s 7143(serv)s 3(er)k 7783(program.)s +gsave +600 11630 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reset)m +grestore +960 11336(Dis)m 1283(plays)s 1838(the)s +2184(de)s 2406(f)s 2(ault)k 2899(re)s 3080(set)s +3403(con)s 3746(\207g)s 3992(u)s 4107(ra)s 4292(tion)s +4719($e)s 6(v)k 6(al)k 5179(u)s 5294(at)s +5466(ed)s 5748(when)s gsave +6323 11390 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reset)m +grestore +6881(is)s +7089(found)s 7704(in)s 7945(a)s 8109(con)s 8452(\207g)s +8698(u)s 8813(ra)s 8998(-)s 960 11096(tion)m 1389(\207le,)s +1801(or)s 2060(when)s 2636(an)s 2919(er)s 3104(ror)s +3442(is)s 3652(caught)s 4350(by)s gsave +4644 11150 translate +0.6953 1.0000 scale +240 fnt31 0 -52(catch\211quit)m + +grestore +5645($.)s gsave +600 10910 translate +0.6953 1.0000 scale +240 fnt31 0 -52(toplevel)m +grestore +960 10616(Displays)m 1848(the)s +2196(top-le)s 6(v)k 3(el)k 3091(def)s 2(ault)k +3812(con\207guration)s 5145($the)s 5572(con\207guration)s 6905(data,)s 7410(e)s 6(v)k 6(aluated)k +8372(by)s 8666(the)s 960 10376(serv)m 3(er)k 9(,)k +1638(which)s 2280(calls)s 2768(all)s 3061(the)s 3409(other)s +3960(con\207guration)s 5293(\207les$.)s gsave +600 10190 translate +0.6953 1.0000 scale +240 fnt31 0 -52(override)m +grestore +960 9896(Displays)m +1847(the)s 2194(top-le)s 6(v)k 3(el)k 3088(o)s 3(v)k 3(erride)k +3932(con\207guration)s 5264($the)s 5690(con\207guration)s 7021(data,)s 7525(e)s 6(v)k 6(aluated)k +8486(by)s 8778(the)s 960 9656(serv)m 3(er)k 9(,)k +1638(which)s 2280(causes)s 2955(all)s 3248(the)s 3596(other)s +4147(con\207guration)s 5480(data)s 5938(to)s 6177(be)s 6459(parsed$.)s +gsave +600 9470 translate +0.6953 1.0000 scale +240 fnt31 0 -52(help)m +grestore +960 9176(Displays)m 1848(a)s 2014(list)s +2365(of)s 2636(the)s 2984(understood)s 4106(b)s 4(uiltin)k +4783(service)s 5515(names)s 6177(and)s 6581(ar)s 4(guments.)k +480 8913(In)m 736(the)s 1084(fu)s 1278(ture)s 1705(oth)s +2008(er)s 2253(b)s 4(uiltin)k 2930(ser)s 3208(vices)s +3750(may)s 4216(be)s 4498(de)s 4720(\207ned)s 5257(which)s +5899(do)s 6192(more)s 6739(than)s 7208(just)s 7613(print)s +8124(in)s 8307(for)s 8585(-)s 480 8673(ma)m 772(tion.)s +gsave +120 8383 translate +0.6953 1.0000 scale +240 fnt31 0 -52(set\211environment)m +grestore +gsave +120 8143 translate +0.6953 1.0000 scale +240 fnt31 0 -52(no\211set\211environment)m +grestore +480 7849(Runs)m +gsave +1024 7903 translate +0.6953 1.0000 scale +240 fnt31 0 -52(/etc/environment)m +grestore +2686(to)s 2925(set)s 3250(the)s +3598(service)s 4330(user')s 13(s)k 4938(en)s 9(vironment.)k +6242(This)s 6718(adds)s 7208(the)s 7556(o)s 3(v)k 3(erhead)k +8485(of)s 480 7609(in)m 9(v)k 4(oking)k 1372(a)s +1538(shell,)s 2096(b)s 4(ut)k 2458(doesn')s 4(t)k +3218(cause)s 3805(an)s 3(y)k 4202(shell)s 4708($de$mangling)s +6049(of)s 6320(the)s 6668(service')s 13(s)k 7554(ar)s 4(guments.)k +8650(This)s 480 7369(is)m 690(achie)s 6(v)k 3(ed)k +1589(by)s 1883(in)s 9(v)k 4(oking)k gsave +960 7183 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(.../program)m 1728(arg)s 2304(arg)s 2880(arg)s 3456(\202)s + +grestore +480 6938(as)m gsave +960 6752 translate +0.6953 1.0000 scale +240 fnt31 0 -52(/bin/sh)m 1152(\211c)s 1584('.)s +2016(/etc/environment;)s 4608(exec)s 5328("$@"')s 6192(\211)s 6480(.../program)s +8208(arg)s 8784(arg)s 9360(arg)s 9936(\202)s +grestore +gsave +480 6508 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(no\211set\211environment)m +grestore +2342 6454(cancels)m 3096(the)s 3444(ef)s 6(fect)k +4040(of)s gsave +4311 6508 translate +0.6953 1.0000 scale +240 fnt31 0 -52(set\211environment)m +grestore +5812(.)s gsave +120 6164 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(no\211suppress\211args)m +grestore +gsave +120 5924 translate +0.6953 1.0000 scale +240 fnt31 0 -52(suppress\211args)m +grestore +480 5630(Include)m 1253(an)s 3(y)k +1650(ar)s 4(guments)k 2693(gi)s 6(v)k 3(en)k +3273(to)s 3512(the)s 3860(client)s 4450(as)s 4700(ar)s 4(guments)k +5743(to)s 5982(the)s 6330(program)s 7200(in)s 9(v)k 4(ok)k 2(ed)k +8015(as)s 8265(a)s 8431(result)s 480 5390(of)m 749(an)s +gsave +1030 5444 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute)m +grestore +1730(,)s gsave +1834 5444 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211directory)m + +grestore +4094(or)s gsave +4351 5444 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211path)m +grestore +6110(directi)s 6(v)k 3(e.)k +gsave +7038 5444 translate +0.6953 1.0000 scale +240 fnt31 0 -52(suppress\211args)m +grestore +8396(undoes)s 480 5150(the)m 828(ef)s 6(fect)k +1424(of)s gsave +1695 5204 translate +0.6953 1.0000 scale +240 fnt31 0 -52(no\211suppress\211args)m +grestore +3297(.)s gsave +120 4829 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(require\211fd)m gsave +1584 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(fd-r)m 3(ang)k 2(e)k + +grestore +2882(read|write)s +grestore +480 4530(In)m 676(sist)s 1054(that)s 1472(the)s +1820(\207ledescrip)s 2808(tor$s$)s 3373(be)s 3655(opened)s 4405(for)s +4743(read)s 5152(ing)s 5511(resp.)s 6013(writ)s 6397(ing.)s +6807(It)s 7012(is)s 7222(an)s 7505(er)s 7690(ror)s +8028(if)s 8245(an)s 3(y)k 8642(de)s 8864(-)s +480 4290(scrip)m 937(tor)s 1258(mark)s 2(ed)k 2027(as)s +2272(re)s 2453(quired)s 3118(when)s 3689(the)s 4033(ser)s +4311(vice)s 4760(is)s 4966(about)s 5554(to)s 5788(be)s +6066(in)s 6249(v)s 4(ok)k 2(ed)k 6882($af)s +7158(ter)s 7465(the)s 7808(con)s 8151(\207g)s 8397(u)s +8512(ra)s 8697(tion)s 480 4050(has)m 850(been)s 1359(parsed$)s +2111(w)s 2(as)k 2532(not)s 2898(spec)s 3316(i)s +3376(\207ed)s 3793(when)s 4369(the)s 4717(client)s 5307(w)s 2(as)k +5728(in)s 5911(v)s 4(ok)k 2(ed.)k 6595(Each)s +7130(\207le)s 7491(de)s 7713(scrip)s 8170(tor)s 8495(has)s +480 3810(a)m 646(sep)s 958(a)s 1064(rate)s 1477(set)s +1742(ting,)s 2221(and)s 2625(the)s 2973(last)s 3364(one)s +3766(of)s gsave +4037 3864 translate +0.6953 1.0000 scale +240 fnt31 0 -52(require\211fd)m +grestore +5038(,)s gsave +5145 3864 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(allow\211fd)m +grestore +5946(,)s gsave +6053 3864 translate +0.6953 1.0000 scale +240 fnt31 0 -52(ignore\211fd)m +grestore +6954(,)s +gsave +7061 3864 translate +0.6953 1.0000 scale +240 fnt31 0 -52(null\211fd)m +grestore +7821(or)s gsave +8080 3864 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reject\211fd)m + +grestore +480 3570(which)m 1122(af)s 1319(fect)s 1676(ed)s 1960(a)s +2126(par)s 2431(tic)s 2662(u)s 2777(lar)s 3088(\207le)s +3449(de)s 3671(scrip)s 4128(tor)s 4453(will)s 4879(tak)s 2(e)k +5331(ef)s 5528(fect.)s 240 fnt83 480 3164(fd-r)m 3(ang)k 2(e)k +240 fnt82 1352 3162(may)m 1818(be)s 2100(a)s 2266(single)s +2893(number)s 9(,)k 3722(tw)s 2(o)k 4132(numbers)s +5007(separated)s 5967(by)s 6261(a)s 6427(h)s 1(yphen,)k +7239(or)s 7498(one)s 7900(number)s 480 2922(follo)m 6(wed)k +1382(by)s 1676(a)s 1842(h)s 1(yphen)k 2604($indicating)s +3692(all)s 3985(descriptors)s 5084(from)s 5608(that)s 6026(number)s +6817(onw)s 2(ards$.)k 7809(It)s 8014(may)s 8480(also)s +480 2682(be)m 760(one)s 1159(of)s 1428(the)s 1773(w)s 2(ords)k +gsave +2405 2736 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stdin)m +grestore +2905(,)s gsave +3009 2736 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stdout)m + +grestore +3667(or)s gsave +3923 2736 translate +0.6953 1.0000 scale +240 fnt31 0 -52(stderr)m +grestore +4523(.)s 4625(Open-ended)s +5850(\207le)s 6209(descriptor)s 7221(rangers)s 7973(are)s 8317(allo)s 6(wed)k +480 2442(only)m 960(with)s gsave +1442 2496 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reject\211fd)m +grestore +2403(and)s +gsave +2807 2496 translate +0.6953 1.0000 scale +240 fnt31 0 -52(ignore\211fd)m +grestore +3708(,)s 3815(as)s 4065(otherwise)s +5050(the)s 5398(service)s 6130(program)s 7000(w)s 2(ould)k +7655(\207nd)s 8086(itself)s 8634(with)s 480 2202(a)m 646(v)s 3(ery)k +1122(lar)s 4(ge)k 1651(number)s 2442(of)s 2713(\207le)s +3074(descriptors)s 4173(open.)s 480 1794(When)m 1109(the)s 1457(con\207guration)s +2790(has)s 3160(been)s 3669(parsed,)s 4400(and)s 4804(before)s +5470(the)s 5818(service)s 6550(is)s 6760(about)s 7352(to)s +7591(be)s 7873(e)s 3(x)k 3(ecuted,)k 480 1554(stderr)m +1082($fd)s 1417(2$)s 1663(must)s 2187(be)s 2468(required)s +3320(or)s 3578(allo)s 6(wed)k 4385($)s gsave +4458 1608 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(require\211fd)m +grestore +5518(or)s gsave +5776 1608 translate +0.6953 1.0000 scale +240 fnt31 0 -52(allow\211fd)m +grestore +6577($)s +6703(for)s 7040(writing;)s 7841(this)s 8235(is)s 8444(so)s +8708(that)s 480 1314(the)m 823(error)s 1341(message)s 2202(printed)s +2931(by)s 3220(the)s 3563(serv)s 3(er')k 13(s)k +4348(child)s 4878(process)s 5641(if)s 5853(it)s 6040(cannot)s +gsave +6732 1368 translate +0.6953 1.0000 scale +240 fnt31 0 -52(exec)m +grestore +7187(the)s 7530(service)s 8256(program)s +480 1074(is)m 690(not)s 1056(lost.)s gsave +120 784 translate +0.6953 1.0000 scale +240 fnt31 0 -52(allow\211fd)m +gsave +1296 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(fd-r)m 3(ang)k 2(e)k +grestore +2594([read|write])s + +grestore +0 52(User)m 511(service)s 1243(daemon)s 2058(and)s 2462(client)s +3052(speci\207cation)s 8491(0.61.1)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 16 16 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(16)m 240 fnt82 480 13251(Allo)m 6(w)k +1126(the)s 1474(descriptor$s$)s 2729(to)s 2968(be)s 3250(opened)s +4000(for)s 4338(reading)s 5108(resp.)s 5610(writing,)s 6407(or)s +6666(either)s 7269(if)s 7486(neither)s gsave +8209 13305 translate +0.6953 1.0000 scale +240 fnt31 0 -52(read)m + +grestore +8669(nor)s gsave +480 13065 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m +grestore +1040 13011(is)m 1250(speci\207ed.)s +2204(If)s 2434(a)s 2600(particular)s 3574(descriptor)s 4589(not)s +4955(speci\207ed)s 5863(by)s 6157(the)s 6505(client)s 7095(then)s +7564(it)s 7756(will)s 8182(be)s 8464(open)s 480 12771(onto)m +gsave +959 12825 translate +0.6953 1.0000 scale +240 fnt31 0 -52(/dev/null)m +grestore +1920($for)s 2337(reading,)s 3161(writing,)s +3958(or)s 4217(both,)s 4750(depending)s 5801(on)s 6098(whether)s +gsave +6928 12825 translate +0.6953 1.0000 scale +240 fnt31 0 -52(read)m +grestore +7328(,)s gsave +7435 12825 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m + +grestore +7995(or)s 8254(neither)s 480 12531(w)m 2(as)k 901(speci\207ed$.)s +gsave +120 12191 translate +0.6953 1.0000 scale +240 fnt31 0 -52(null\211fd)m gsave +1152 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(fd-r)m 3(ang)k 2(e)k + +grestore +2450([read|write])s +grestore +480 11892(Spec)m 938(i)s 998(fy)s 1251(that)s +1669(the)s 2017(de)s 2239(scrip)s 2696(tor$s$)s 3261(be)s +3543(opened)s 4293(onto)s gsave +4772 11946 translate +0.6953 1.0000 scale +240 fnt31 0 -52(/dev/null)m +grestore +5733(for)s +6071(read)s 6480(ing)s 6839(resp.)s 7341(writ)s 7725(ing,)s +8138(or)s 8397(both)s 8880(if)s 480 11652(nei)m 766(ther)s +gsave +1181 11706 translate +0.6953 1.0000 scale +240 fnt31 0 -52(read)m +grestore +1624(nor)s gsave +1986 11706 translate +0.6953 1.0000 scale +240 fnt31 0 -52(write)m + +grestore +2529(is)s 2722(spec)s 3140(i)s 3200(\207ed.)s 3646(An)s 3(y)k +4093(spec)s 4511(i)s 4571(\207)s 4696(ca)s 4908(tion)s +5320(of)s 5574(these)s 6104(\207le)s 6448(de)s 6670(scrip)s +7127(tors)s 7519(by)s 7796(the)s 8127(client)s 8700(will)s +480 11412(be)m 762(silent)s 1279(ly)s 1519(ig)s 1698(nored;)s +2355(the)s 2703(client)s 3293(will)s 3719(see)s 4080(its)s +4356(ends)s 4846(of)s 5117(the)s 5465(de)s 5687(scrip)s +6144(tors)s 6553(be)s 6775(ing)s 7134(closed)s 7803(im)s +8055(me)s 8343(di)s 8523(ate)s 8797(ly)s 15(.)k +gsave +120 11072 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reject\211fd)m gsave +1440 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(fd-r)m 3(ang)k 2(e)k + +grestore + +grestore +480 10778(Do)m 824(not)s 1187(allo)s 6(w)k 1764(the)s +2109(descriptor$s$)s 3362(to)s 3598(be)s 3878(speci\207ed)s 4783(by)s +5075(the)s 5420(client.)s 6052(It)s 6254(is)s 6462(an)s +6742(error)s 7263(if)s 7477(an)s 3(y)k 7871(descriptor$s$)s +480 10538(mark)m 2(ed)k 1253(for)s 1591(rejection)s 2483(are)s +2830(speci\207ed)s 3738(when)s 4314(the)s 4662(service)s 5394(is)s +5604(about)s 6196(to)s 6435(be)s 6717(in)s 9(v)k 4(ok)k 2(ed)k +7532($after)s 8107(the)s 480 10298(con\207guration)m 1813(has)s 2183(been)s +2692(parsed$.)s gsave +120 9958 translate +0.6953 1.0000 scale +240 fnt31 0 -52(ignore\211fd)m gsave +1440 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(fd-r)m 3(ang)k 2(e)k + +grestore + +grestore +480 9664(Silent)m 1037(ly)s 1260(ig)s 1439(nore)s 1902(an)s 3(y)k +2281(spec)s 2699(i)s 2759(\207)s 2884(ca)s 3096(tion)s +3507(by)s 3783(the)s 4113(client)s 4685(of)s 4938(those)s +5481(de)s 5703(scrip)s 6160(tor$s$.)s 6762(The)s 7172(pipes)s +7710(cor)s 8015(re)s 8196(spond)s 8767(ing)s 480 9424(to)m +719(these)s 1266(de)s 1488(scrip)s 1945(tors)s 2354(will)s +2780(be)s 3062(closed)s 3731(just)s 4136(be)s 4358(fore)s +4798(the)s 5146(ser)s 5424(vice)s 5878(is)s 6088(in)s +6271(v)s 4(ok)k 2(ed.)k gsave +120 9084 translate +0.6953 1.0000 scale +240 fnt31 0 -52(disconnect\211hup)m + +grestore +gsave +120 8844 translate +0.6953 1.0000 scale +240 fnt31 0 -52(no\211disconnect\211hup)m +grestore +480 8550(Causes)m 1209(the)s 1557(service')s 13(s)k +2443(process)s 3211(group)s 3823(to)s 4062(get)s 4414(a)s +gsave +4580 8604 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGHUP)m +grestore +5240(if)s 5457(the)s 5805(client)s +6395(disconnects)s 7562(before)s 8228(the)s 8576(main)s 480 8310(service)m +1212(process)s 1980(terminates.)s gsave +3078 8364 translate +0.6953 1.0000 scale +240 fnt31 0 -52(no\211disconnect\211hup)m +grestore +4840(cancels)s +gsave +5594 8364 translate +0.6953 1.0000 scale +240 fnt31 0 -52(disconnect\211hup)m +grestore +6995(.)s 480 7902(If)m 700(one)s +1091(of)s 1352(the)s 1689(reading)s 2449(descriptors)s 3537(speci\207ed)s +4435(when)s 5000(the)s 5337(client)s 5917(is)s 6116(called)s +6734(gets)s 7159(a)s 7315(read)s 7773(error)s 9(,)k +8324(or)s 8572(if)s 8778(the)s 480 7661(service)m 1212(is)s +1422(disconnected)s 2729(for)s 3067(some)s 3628(other)s 4179(reason,)s +4910(then)s 5379(the)s gsave +5727 7715 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGHUP)m +grestore +6387(will)s +6813(be)s 7095(deli)s 6(v)k 3(ered)k 240 fnt83 +8033 7663(befor)m 8(e)k 240 fnt82 8689 7661(the)m 480 7421(writing)m +1223(end$s$)s 1869(of)s 2140(the)s 2488(service')s 13(s)k +3374(reading)s 4144(pipe$s$)s 4856(are)s 5203(closed,)s 5921(so)s +6187(that)s 6605(the)s 6953(client)s 7543(can)s 7932(distinguish)s +480 7181(disconnection)m 1866(from)s 2390(reading)s 3160(EOF)s 3670(on)s +3967(a)s 4133(pipe.)s gsave +120 6841 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reset)m +grestore +480 6547(Resets)m +1155(the)s 1503(e)s 3(x)k 3(ecution)k 2484(settings)s +3265(to)s 3504(the)s 3852(def)s 2(ault.)k 4617(This)s +5093(is)s 5303(equi)s 6(v)k 6(alent)k 6347(to:)s +gsave +960 6361 translate +0.6953 1.0000 scale +240 fnt31 0 -52(cd)m 432(~/)s 0 -292(reject)m 0 -532(no\211set\211environment)m +0 -772(suppress\211args)m 0 -1012(allow\211fd)m 1296(0)s 1584(read)s 0 -1252(allow\211fd)m +1296(1\2112)s 1872(write)s 0 -1492(reject\211fd)m 1440(3\211)s 0 -1732(disconnect\211hup)m + +grestore +0 4085(If)m 230(no)s gsave +523 4139 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute)m +grestore +1223(,)s +gsave +1330 4139 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211path)m +grestore +3032(,)s gsave +3139 4139 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211directory)m + +grestore +5401(or)s gsave +5660 4139 translate +0.6953 1.0000 scale +240 fnt31 0 -52(builtin)m +grestore +6420(is)s 6630(interpreted)s +7722(before)s 8388(all)s 8681(the)s 0 3845(\207les)m 449(are)s +796(read)s 1265(then)s 1734(the)s 2082(request)s 2832(is)s +3042(rejected.)s 9066 670 0 670 240 240 60 0 2821 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(4.3.)m 628(Err)s 5(ors)k +1618(in)s 1958(the)s 2458(con\207guration)s 4359(\207le)s +grestore +0 2359(If)m +230(a)s 396(syntax)s 1076(error)s 1599(or)s 1858(other)s +2409(problem)s 3266(occurs)s 3941(when)s 4517(processing)s 5593(a)s +5759(con\207guration)s 7092(\207le)s 7453(then)s 7922(a)s 8088(diagnostic)s +0 2119(will)m 422(be)s 699(issued,)s 1399(to)s 1633(where)s 6(v)k 3(er)k +2568(the)s 2911(error)s 3429(messages)s 4378(are)s 4721(currently)s +5632(being)s 6212(sent)s 6652($see)s 7087(the)s gsave +7430 2173 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(errors\211)m +grestore +8185(f)s 2(amily)k 8855(of)s 0 1879(directi)m 6(v)k 3(es,)k +1026(abo)s 3(v)k 3(e$.)k 0 1471(The)m 428(error)s +951(will)s 1377(cause)s 1964(processing)s 3040(of)s 3311(the)s +3659(con\207guration)s 4992(\207les)s 5441(to)s 5680(cease)s 6253(at)s +6485(that)s 6903(point,)s 7502(unless)s 8151(the)s 8499(error)s +0 1231(w)m 2(as)k 421(inside)s 1048(a)s gsave +1214 1285 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(catch\211quit)m +grestore +2275(construct.)s 3255(In)s 3511(this)s 3907(case)s +4374(the)s 4722(settings)s 5503(controlling)s 6605(the)s 6953(program')s 13(s)k +7973(e)s 3(x)k 3(ecution)k 0 991(will)m 426(be)s +708(reset)s 1218(to)s 1457(the)s 1805(def)s 2(aults)k +2610(as)s 2860(if)s 3077(a)s gsave +3243 1045 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reset)m + +grestore +3803(directi)s 6(v)k 3(e)k 4685(had)s 5089(been)s +5598(issued,)s 6303(and)s 6707(parsing)s 7464(continues)s 8432(after)s +gsave +0 805 translate +0.6953 1.0000 scale +240 fnt31 0 -52(hctac)m +grestore +500 751(.)m 0 52(0.61.1)m 4809(User)s +5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s + +grestore + +grestore + +pgsave restore +showpage + +%%Page: 17 17 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8831 13842(17)m gsave +0 12808 translate +240 fnt82 9066 609 0 609 240 240 60 LoutGraphic +gsave +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 5(4.4.)m 628(Defaults)s + +grestore +240 fnt82 0 12346(The)m 428(def)s 2(ault)k 1149(con\207guration)s +2482(processing)s 3558(is)s 3768(as)s 4018(if)s 4235(the)s +4583(daemon)s 5398(were)s 5918(parsing)s 6675(an)s 6958(o)s 3(v)k 3(erall)k +7670(con\207guration)s 0 12106(\207le)m 361(whose)s 1029(contents)s 1877(were)s +2397(as)s 2647(follo)s 6(ws:)k gsave +480 11920 translate +0.6953 1.0000 scale +240 fnt31 0 -52(reset)m +0 -292(user\211rcfile)m 1728(~/.userv/rc)s 0 -532(errors\211to\211stderr)m 0 -772(include)m 1152(/etc/userv/system.default)s +0 -1012(if)m 432(grep)s 1152(service\211user\211shell)s 3888(/etc/shells)s 432 -1252(errors\211push)m +720 -1492(catch\211quit)m 1008 -1732(include\211ifexist)m gsave +3312 -1680 translate +1.4219 1.0000 scale +240 fnt83 0 -52(\207le)m 345(speci\207ed)s +1248(by)s 1530(most)s 2046(r)s 8(ecent)k 2699(user\211r)s 8(c\207le)k +3767(dir)s 8(ective)k +grestore +720 -1972(hctac)m 432 -2212(srorre)m 0 -2452(fi)m +0 -2692(include)m 1152(/etc/userv/system.override)s 0 -2932(quit)m +grestore +0 8444(If)m 226(one)s +624(of)s 891(the)s gsave +1235 8498 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211override)m +grestore +2292(options)s +3044(to)s 3279(the)s 3623(client)s 4209(is)s 4415(used)s +4908(then)s 5373(it)s 5561(will)s 5983(instead)s 6714(be)s +6992(as)s 7238(if)s 7451(the)s 7795(daemon)s 8606(were)s +0 8204(parsing)m 757(an)s 1040(o)s 3(v)k 3(erall)k +1752(con\207guration)s 3085(as)s 3335(follo)s 6(ws:)k gsave +480 8018 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(reset)m 0 -292(errors\211to\211stderr)m 0 -532(include)m gsave +1152 -480 translate +1.4219 1.0000 scale +240 fnt83 0 -52(\207le)m +345(containing)s 1423(con\207gur)s 3(ation)k 2765(data)s 3246(sent)s +3695(by)s 3977(client)s +grestore +0 -772(quit)m +grestore +0 52(User)m 511(service)s +1243(daemon)s 2058(and)s 2462(client)s 3052(speci\207cation)s 8491(0.61.1)s + +grestore + +grestore + +pgsave restore +showpage + +%%Page: 18 18 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(18)m gsave +0 12726 translate +240 fnt82 9066 688 0 688 240 240 60 LoutGraphic +gsave +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.2 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +340 fnt84 0 70(5.)m 412(Inf)s 8(ormation)k +2257(passed)s 3297(thr)s 6(ough)k 4539(the)s 5070(client/daemon)s +7185(combination)s +grestore +240 fnt82 0 12264(The)m 428(information)s 1613(described)s +2587(belo)s 6(w)k 3220(is)s 3430(the)s 3778(only)s +4258(information)s 5443(which)s 6085(passes)s 6747(between)s 7601(the)s +7949(caller)s 8538(and)s 0 12024(the)m 348(service.)s 0 11616(\213)m +480(The)s 908(service)s 1640(name)s 2214(supplied)s 3083(by)s +3377(the)s 3725(caller)s 4314(is)s 4524(a)s 4(v)k 6(ailable)k +5432(in)s 5675(the)s 6023(con\207guration)s 7356(language)s 8276(for)s +480 11376(deciding)m 1343(whether)s 2158(and)s 2547(which)s 3175(service)s +3892(program)s 4747(to)s 4971(in)s 9(v)k 4(ok)k 2(e,)k +5701(in)s 5929(the)s gsave +6262 11430 translate +0.6953 1.0000 scale +240 fnt31 0 -52(service)m +grestore +7008(parameter)s 9(,)k +8045(and)s 8434(is)s 8629(used)s 480 11136(by)m 774(the)s +gsave +1122 11190 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211directory)m +grestore +3384(and)s gsave +3788 11190 translate +0.6953 1.0000 scale +240 fnt31 0 -52(execute\211from\211path)m + +grestore +5550(con\207guration)s 6883(directi)s 6(v)k 3(es.)k 7906(It)s +8111(is)s 8321(usually)s 480 10896(used)m 977(to)s 1216(select)s +1819(which)s 2461(service)s 3193(program)s 4063(to)s 4302(in)s 9(v)k 4(ok)k 2(e.)k +5043(It)s 5248(is)s 5458(also)s 5896(passed)s 6592(to)s +6831(the)s 7179(service)s 7911(program)s 8781(in)s 480 10656(the)m +gsave +828 10710 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_SERVICE)m +grestore +2189(en)s 9(vironment)k 3449(v)s 6(ariable.)k +0 10225(\213)m 480(File)s 902(descriptors)s 1995(speci\207ed)s 2897(by)s +3185(the)s 3528(client)s 4112(and)s 4510(allo)s 6(wed)k +5313(according)s 6304(to)s 6537(the)s 6879(con\207guration)s 8206(language)s +480 9985(will)m 906(be)s 1188(connected.)s 2262(Each)s 2797(\207le)s +3158(descriptor)s 4173(is)s 4383(opened)s 5133(for)s 5471(reading)s +6241(or)s 6500(writing.)s 7294(Communication)s 8893(is)s 480 9745(via)m +832(pipes,)s 1444(one)s 1846(end)s 2250(of)s 2521(each)s +3016(pipe)s 3484(being)s 4069(open)s 4592(on)s 4889(the)s +5237(appropriate)s 6381(\207le)s 6742(descriptor)s 7757(in)s 8000(the)s +8348(service)s 480 9505(program)m 1350($when)s 2005(it)s 2197(is)s +2407(in)s 9(v)k 4(ok)k 2(ed$)k 3292(and)s +3696(the)s 4044(other)s 4595(end)s 4999(being)s 5584(held)s +6054(by)s 6348(the)s 6696(client)s 7286(process,)s 8110(which)s +480 9265(will)m 906(read)s 1375(and)s 1779(write)s 2325(\207les)s +2774(it)s 2966(opens)s 3576(on)s 3873(behalf)s 4542(of)s +4813(its)s 5089(caller)s 5678(or)s 5937(\207le)s 6298(descriptors)s +7397(it)s 7589(is)s 7799(passed)s 8495(by)s 480 9025(its)m +756(caller)s 13(.)k 480 8617(Data)m 991(may)s 1457(be)s +1739(passed)s 2435(into)s 2860(the)s 3208(service)s 3940(through)s +4742(reading)s 5512(pipes)s 6068(and)s 6472(out)s 6838(of)s +7109(it)s 7301(through)s 8103(writing)s 480 8377(pipes.)m 1083(These)s +1703(pipes)s 2252(can)s 2634(remain)s 3347(open)s 3864(only)s +4337(until)s 4823(the)s 5164(service)s 5889(and)s 6287(client)s +6870(ha)s 4(v)k 3(e)k 7364(terminated,)s 8485(or)s +8737(can)s 480 8137(be)m 762(made)s 1336(to)s 1575(stay)s +2014(open)s 2537(after)s 3033(the)s 3381(client)s 3971(has)s +4341(terminated)s 5420(and)s 5824($if)s 6120(the)s 6468(service)s +7200(program)s 8070(forks$)s 8689(the)s 480 7897(main)m 1015(service)s +1747(process)s 2515(has)s 2885(e)s 3(xited;)k 3578(the)s +3926(beha)s 4(viour)k 4939(is)s 5149(controlled)s 6176(by)s +6470(options)s 7226(passed)s 7922(to)s 8161(the)s 8509(client)s +480 7657(by)m 774(its)s 1050(caller)s 13(.)k 480 7249(The)m +901(caller)s 1483(can)s 1864(arrange)s 2629(that)s 3039(a)s +3198(writing)s 3934(pipe)s 4394(be)s 4669(connected)s 5689(to)s +5921(a)s 6080(pipe)s 6540(or)s 6792(similar)s 7506(object)s +8143(and)s 8539(cause)s 480 7009(attempts)m 1340(to)s 1579(write)s +2125(to)s 2364(that)s 2782(descriptor)s 3797(by)s 4091(the)s +4439(service)s 5171(to)s 5410(generate)s 6275(a)s gsave +6441 7063 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(SIGPIPE)m +grestore +7201($or)s gsave +7539 7063 translate +0.6953 1.0000 scale +240 fnt31 0 -52(EPIPE)m +grestore +8099(if)s +gsave +8316 7063 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGPIPE)m +grestore +480 6769(is)m 690(caught)s 1388(or)s +1647(ignored$)s 2506(in)s 2749(the)s 3097(service.)s 480 6361(Lik)m 2(e)k 6(wise,)k +1455(the)s 1803(service)s 2535(can)s 2924(close)s 3471(\207ledescriptors)s +4875(speci\207ed)s 5783(for)s 6121(reading,)s 6945(which)s 7587(will)s +8013(cause)s 8600(the)s 480 6121(corresponding)m 1902(\207ledescriptors)s 3306(passed)s +4002(by)s 4296(the)s 4644(caller)s 5233(to)s 5472(be)s +5754(closed,)s 6472(so)s 6738(that)s 7156(if)s 7373(these)s +7920(are)s 8267(pipes)s 480 5881(processes)m 1447(which)s 2089(write)s +2635(to)s 2874(them)s 3412(will)s 3838(recei)s 6(v)k 3(e)k +gsave +4574 5935 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGPIPE)m +grestore +5334(or)s gsave +5593 5935 translate +0.6953 1.0000 scale +240 fnt31 0 -52(EPIPE)m + +grestore +6093(.)s 0 5426(\213)m 480(If)s gsave +706 5480 translate +0.6953 1.0000 scale +240 fnt31 0 -52(no\211suppress\211args)m + +grestore +2363(is)s 2568(set)s 2888(then)s 3353(ar)s 4(guments)k +4391(passed)s 5082(to)s 5316(the)s 5660(client)s 6245(by)s +6534(its)s 6805(caller)s 7390(will)s 7811(be)s 8088(passed)s +8779(on,)s 480 5186(v)m 3(erbatim,)k 1433(to)s 1672(the)s +2020(service.)s 0 4750(\213)m 480(F)s 3(a)k 716(tal)s +1009(sig)s 1281(nals)s 1717(and)s 2121(sys)s 2418(tem)s +2836(call)s 3235(f)s 2(ail)k 3545(ures)s 3994(e)s 3(x)k +4212(pe)s 4434(ri)s 4573(enced)s 5189(by)s 5483(the)s +5831(client)s 6421(will)s 6847(re)s 7028(sult)s 7433(in)s +7676(the)s 8024(dis)s 8294(con)s 8637(nec)s 8962(-)s +480 4510(tion)m 909(of)s 1180(the)s 1528(ser)s 1806(vice)s +2260(from)s 2784(the)s 3132(client)s 3722(and)s 4126(pos)s +4450(si)s 4603(bly)s 4963(some)s 5524(of)s 5795(the)s +6143(com)s 6555(mu)s 6856(ni)s 7036(ca)s 7248(tion)s +7677(\207le)s 8038(de)s 8260(scrip)s 8717(tors)s 480 4270(de)m +702(scribed)s 1450(abo)s 3(v)k 3(e;)k 2128(if)s +gsave +2345 4324 translate +0.6953 1.0000 scale +240 fnt31 0 -52(disconnect\211hup)m +grestore +3806(is)s 4016(set)s 4341(then)s +4810(the)s 5158(ser)s 5436(vice)s 5890(will)s 6316(also)s +6754(be)s 7036(sent)s 7481(a)s gsave +7647 4324 translate +0.6953 1.0000 scale +240 fnt31 0 -52(SIGHUP)m + +grestore +8247(.)s 0 3834(\213)m 480(The)s 908(v)s 6(alue)k +1476(of)s 1747(the)s gsave +2095 3888 translate +0.6953 1.0000 scale +240 fnt31 0 -52(LOGNAME)m +grestore +2855($or)s +gsave +3193 3888 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USER)m +grestore +3593($)s 3721(en)s 9(vironment)k +4981(v)s 6(ariable)k 5800(as)s 6050(passed)s 6746(to)s +6985(the)s 7333(client)s 7923(will)s 8349(be)s 480 3594(used)m +977(as)s 1227(the)s 1575(login)s 2124(name)s 2698(of)s +2969(the)s 3317(calling)s 4020(user)s 4478(if)s 4695(the)s +5043(uid)s 5407(of)s 5678(the)s 6026(calling)s 6729(process)s +7497(matches)s 8331(the)s 8679(uid)s 480 3354(corresponding)m 1902(to)s +2141(that)s 2559(login)s 3108(name.)s 3730(Otherwise)s 4768(the)s +5116(calling)s 5819(uid')s 13(s)k 6335(passw)s 2(ord)k +7295(entry)s 7840(will)s 8266(be)s 8548(used)s 480 3114(to)m +719(determine)s 1730(the)s 2078(calling)s 2781(user')s 13(s)k +3389(login)s 3938(name.)s 480 2706(This)m 956(login)s 1505(name)s +2079(and)s 2483(the)s 2831(calling)s 3534(uid)s 3898(are)s +4245(a)s 4(v)k 6(ailable)k 5153(in)s 5396(the)s +5744(con\207guration)s 7077(language)s 7997(in)s 8240(the)s gsave +480 2520 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(calling\211user)m +grestore +1741 2466(parameter)m 2755(and)s 3159(are)s 3506(passed)s +4202(to)s 4441(the)s 4789(service)s 5521(program)s 6391(in)s +6634(en)s 9(vironment)k 7894(v)s 6(ariables)k gsave +480 2280 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(USERV_USER)m +grestore +1541 2226(and)m gsave +1945 2280 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_UID)m +grestore +2846(.)s +480 1818(The)m 901(shell)s 1400(corresponding)s 2815(to)s 3047(that)s +3458(login)s 4000(name)s 4567($according)s 5635(to)s 5867(the)s +6208(passw)s 2(ord)k 7161(entry$)s 7773(is)s 7976(a)s 4(v)k 6(ailable)k +8876(as)s 480 1578(in)m 723(the)s 1071(con\207guration)s 2404(language')s 13(s)k +gsave +3478 1632 translate +0.6953 1.0000 scale +240 fnt31 0 -52(calling\211user\211shell)m +grestore +5340(parameter)s 13(.)k 480 1170(If)m +710(no)s 1003(rele)s 6(v)k 6(ant)k 1820(passw)s 2(ord)k +2780(entry)s 3325(can)s 3714(be)s 3996(found)s 4613(then)s +5082(no)s 5375(service)s 6107(will)s 6533(be)s 6815(in)s 9(v)k 4(ok)k 2(ed.)k +0 715(\213)m 480(The)s 908(numeric)s 1744(v)s 6(alues)k +2400(and)s 2804(te)s 3(xtual)k 3506(names)s 4168(for)s +4506(calling)s 5209(gid)s 5573(and)s 5977(supplementary)s 7439(group)s +8051(list)s 8402(are)s 0 52(0.61.1)m 4809(User)s 5320(service)s +6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 19 19 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8832 13842(19)m 240 fnt82 480 13251(a)m 4(v)k 6(ailable)k +1380(in)s 1615(the)s 1955(con\207guration)s 3280(language)s 4192(in)s +4427(the)s gsave +4766 13305 translate +0.6953 1.0000 scale +240 fnt31 0 -52(calling\211group)m +grestore +6119(parameter)s 7125(and)s +7521(are)s 7860(passed)s 8548(to)s 8778(the)s 480 13011(service)m +1212(in)s 1455(en)s 9(vironment)k 2715(v)s 6(ariables.)k +480 12603(If)m 710(no)s 1003(name)s 1577(can)s 1966(be)s +2248(found)s 2865(for)s 3203(a)s 3369(numeric)s 4205(group)s +4817(to)s 5056(which)s 5698(the)s 6046(calling)s 6749(process)s +7517(belongs)s 8313(then)s 8782(no)s 480 12363(service)m 1212(will)s +1638(be)s 1920(in)s 9(v)k 4(ok)k 2(ed.)k +0 11957(\213)m 480(The)s 908(name)s 1482(of)s 1753(the)s +2101(current)s 2837(w)s 2(orking)k 3686(directory)s 4602(in)s +4845(which)s 5487(the)s 5835(client)s 6425(w)s 2(as)k +6846(in)s 9(v)k 4(ok)k 2(ed)k 7661(is)s +7871(passed,)s 8616(if)s 480 11717(a)m 4(v)k 6(ailable)k +1388(and)s 1792(not)s 2158(hidden)s 2867(using)s gsave +3439 11771 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(\211\211hidecwd)m +grestore +4340(,)s 4447(to)s 4686(the)s 5034(service)s +5766(program)s 6636(in)s 6879(the)s gsave +7227 11771 translate +0.6953 1.0000 scale +240 fnt31 0 -52(USERV_CWD)m + +grestore +8188(v)s 6(ariable.)k 480 11477(This)m 946(grants)s 1570(no)s +1852(special)s 2560(access)s 3210(to)s 3438(that)s 3846(directory)s +4751(unless)s 5389(it)s 5571(is)s 5770(a)s 5925(subdirectory)s +7164(of)s 7424(a)s 7579(directory)s 8484(which)s 480 11237(is)m +690(e)s 3(x)k 3(ecutable)k 1762($searchable$)s 2977(b)s 4(ut)k +3339(not)s 3705(readable)s 4570(by)s 4864(the)s 5212(service)s +5944(user)s 13(.)k 0 10780(\213)m 480(Settings)s 1301(speci\207ed)s +2209(by)s 2503(the)s 2851(caller)s 3440(using)s 4012(the)s +gsave +4360 10834 translate +0.6953 1.0000 scale +240 fnt31 0 -52(\211\211defvar)m gsave +1295 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(name)m +grestore +2023(=)s +gsave +2167 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(value)m +grestore + +grestore +6432(option)s 7101(to)s 7340(the)s +7688(client)s 8278(are)s 480 10540(a)m 4(v)k 6(ailable)k +1388(in)s 1631(the)s 1979(con\207guration)s 3312(language)s 4232(as)s +4482(the)s 4830(corresponding)s gsave +6252 10594 translate +0.6953 1.0000 scale +240 fnt31 0 -52(u\211)m gsave +288 0 translate +1.4219 1.0000 scale +240 fnt83 +0 -52(name)m +grestore + +grestore +7018(parameters)s 8116(and)s 8520(are)s 480 10300(passed)m +1176(to)s 1415(the)s 1763(service)s 2495(program)s 3365(in)s +3608(en)s 9(vironment)k 4868(v)s 6(ariables)k gsave +5775 10354 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(USERV_U_)m gsave +1152 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(name)m +grestore + +grestore +7082(.)s 0 9845(\213)m +480(If)s 710(the)s 1058(calling)s 1761(user)s 2219(is)s +2429(root)s 2874(or)s 3133(the)s 3481(same)s 4028(as)s +4278(the)s 4626(service)s 5358(user)s 5816(then)s 6285(options)s +7041(may)s 7507(be)s 7789(gi)s 6(v)k 3(en)k +8369(to)s 8608(the)s 480 9605(client)m 1070(which)s 1712(bypass)s +2415(the)s 2763(usual)s 3323(security)s 4133(features;)s 5000(in)s +5243(this)s 5639(case)s 6106(other)s 6657(information)s 7842(may)s +8308(pass)s 480 9365(between)m 1334(the)s 1682(caller)s 2271(and)s +2675(the)s 3023(service.)s 0 52(User)m 511(service)s 1243(daemon)s +2058(and)s 2462(client)s 3052(speci\207cation)s 8491(0.61.1)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 20 20 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(20)m gsave +0 12727 translate +240 fnt82 9066 687 0 687 240 240 60 LoutGraphic +gsave +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.2 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +340 fnt84 0 69(6.)m 412(A)s 8(pplications)k +2309(and)s 2935(notes)s 3765(on)s 4204(use)s +grestore +gsave +0 11649 translate +240 fnt82 9066 670 0 670 240 240 60 LoutGraphic +gsave +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 +0 66(6.1.)m 628(Standard)s 1977(ser)s 3(vices)k 3110(and)s +3697(dir)s 5(ectory)k 5025(management)s +grestore +240 fnt82 0 11187(In)m +250(later)s 726(v)s 3(ersions)k 1565(of)s 1829(this)s +2219(speci\207cation)s 3477(standard)s 4339(service)s 5064(names)s 5720(and)s +6117(interf)s 2(aces)k 7087(for)s 7418(common)s 8306(services)s +0 10947(such)m 496(as)s 746(mail)s 1225(deli)s 6(v)k 3(ery)k +2053(and)s 2457(WWW)s 3193(CGI)s 3661(scripts)s 4335(will)s +4761(be)s 5043(speci\207ed.)s gsave +0 10593 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +500 10539(-us)m +783(ing)s 1142(ap)s 1361(pli)s 1607(ca)s 1819(tions)s +2335(and)s 2739(sys)s 3036(tem)s 3454(ser)s 3732(vices)s +4274(which)s 4916(hide)s gsave +5384 10593 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +5944(be)s +6166(hind)s 6650(wrap)s 7121(per)s 7486(scripts)s 8160(may)s +0 10299(need)m 510(to)s 749(store)s 1269(in)s 1452(for)s +1730(ma)s 2022(tion)s 2451(in)s 2694(the)s 3042(user')s 13(s)k +3650(\207lespace)s 4542(to)s 4781(pre)s 5082(serv)s 3(e)k +5639(the)s 5987(cor)s 6292(rect)s 6709(place)s 7209(ment)s +7747(of)s 8018(the)s 8366(se)s 8561(-)s 0 10059(cu)m +221(ri)s 360(ty)s 600(perim)s 1157(iters.)s 1671(Such)s +2207(ap)s 2426(pli)s 2672(ca)s 2884(tions)s 3400(should)s +4097(usu)s 4425(al)s 4592(ly)s 4832(do)s 5125(so)s +5391(in)s 5634(a)s 5800(di)s 5980(rec)s 6264(to)s +6443(ry)s 6696($cre)s 7062(at)s 7234(ed)s 7518(by)s +7812(them$)s gsave +0 9873 translate +0.6953 1.0000 scale +240 fnt31 0 -52(~/.userv/.servdata/)m gsave +2736 0 translate +1.4219 1.0000 scale +240 fnt83 0 -52(service)m + +grestore + +grestore +2563 9819(,)m 2670(where)s 240 fnt83 3310 9821(ser)m 3607(vice)s +240 fnt82 4044 9819(is)m 4254(the)s 4602(ser)s 4880(vice)s +5334(name)s 5908(or)s 6167(ap)s 6386(pli)s 6632(ca)s +6844(tion)s 7273(in)s 7516(ques)s 7946(tion.)s 0 9411(The)m +428(use)s 803(of)s 1074(a)s 1240(dot-directory)s 2541(inside)s +gsave +3168 9465 translate +0.6953 1.0000 scale +240 fnt31 0 -52(~/.userv)m +grestore +4029(will)s 4455(hopefully)s 5426(a)s 4(v)k 4(oid)k +6008(the)s 6356(user)s 6814(becoming)s 7811(confused)s 0 9171(by)m +294(\207nding)s 1026(parts)s 1541(of)s 1812(a)s 1978(semi-pri)s 6(vile)k 3(ged)k +3526(application')s 13(s)k 4798(internal)s 5582(state)s 6075(in)s +6318(their)s 6815(\207lespace,)s 7758(and)s 8162(or)s 0 8931(discourage)m +1092(them)s 1630(from)s 2154(\207ddling)s 2952(with)s 3434(and)s +3838(thus)s 4288(corrupting)s 5337(it.)s 5573($Note)s 6173(that)s +6591(such)s 7087(applications)s 8293(should)s 0 8691(of)m 271(course)s +951(not)s 1317(rely)s 1742(for)s 2080(their)s 2577(global)s +3230(inte)s 3(grity)k 4090(on)s 4387(the)s 4735(inte)s 3(grity)k +5595(of)s 5866(the)s 6214(data)s 6672(on)s 6969(the)s +7317(user')s 13(s)k 7925(side)s 8366(of)s 8637(the)s +0 8451(security)m 810(boundary)s 15(.$)k 9066 670 0 670 240 240 60 0 7427 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(6.2.)m +628(Reducing)s 1997(the)s 2497(number)s 3655(of)s 4018(absolutely)s +5474(pri)s 3(vileged)k 6908(subsystems)s +grestore +0 6965(Currently)m 970(most)s +1495(Unix)s 2029(systems)s 2837(ha)s 4(v)k 3(e)k +3338(man)s 3(y)k 3921(components)s 5129(which)s 5771(need)s +6281(to)s 6520(run)s 6896(as)s 7146(root,)s 7638(e)s 6(v)k 3(en)k +8138(though)s 0 6725(most)m 525(of)s 796(their)s 1293(acti)s 6(vity)k +2057(does)s 2547(not)s 2913(strictly)s 3629(require)s 4361(it.)s +4597(This)s 5073(gi)s 6(v)k 3(es)k 5620(rise)s +6020(to)s 6259(a)s 6425(lar)s 4(ge)k 6954(and)s +7358(comple)s 3(x)k 8234(body)s 8768(of)s 0 6485(code)m +508(which)s 1150(must)s 1675(be)s 1957(trusted)s 2665(with)s +3147(the)s 3495(security)s 4305(of)s 4576(the)s 4924(system.)s +0 6077(Using)m gsave +625 6131 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +1185(man)s 3(y)k +1768(of)s 2039(these)s 2586(subsystems)s 3727(no)s 4020(longer)s +4691(need)s 5201(an)s 3(y)k 5598(unusual)s 6398(pri)s 6(vile)k 3(ge.)k +gsave +0 5723 translate +0.6953 1.0000 scale +240 fnt31 0 -52(cron)m +grestore +455 5669(and)m gsave +853 5723 translate +0.6953 1.0000 scale +240 fnt31 0 -52(at)m + +grestore +1053(,)s gsave +1154 5723 translate +0.6953 1.0000 scale +240 fnt31 0 -52(lpr)m +grestore +1509(and)s 1907(the)s +2249(system')s 13(s)k 3117(mail)s 3591(transfer)s 4373(agent)s +4945($)s gsave +5018 5723 translate +0.6953 1.0000 scale +240 fnt31 0 -52(sendmail)m +grestore +5819(,)s gsave +5921 5723 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(smail)m +grestore +6421(,)s gsave +6522 5723 translate +0.6953 1.0000 scale +240 fnt31 0 -52(exim)m +grestore +6976(or)s +7229(the)s 7572(lik)s 2(e$)k 8050(all)s 8337(f)s 2(all)k +8701(into)s 0 5429(this)m 396(cate)s 3(gory)k 15(.)k +9066 670 0 670 240 240 60 0 4405 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(6.3.)m 628(Do)s 1092(not)s 1615(gi)s 3(v)k 3(e)k +2234(away)s 3019(excessi)s 3(v)k 3(e)k 4312(pri)s 3(vilege)k +5571(to)s gsave +5910 139 translate +0.6953 1.0000 scale +320 fnt31 0 -70(userv)m +grestore +6577(-using)s 7484(facilities)s + +grestore +0 3943(There)m 613(is)s 823(a)s 989(danger)s 1700(that)s +2118(people)s 2812(reimplementing)s 4378(the)s 4726(f)s 2(acilities)k +5595(I)s 5730(mention)s 6571(abo)s 3(v)k 3(e)k +7193(using)s gsave +7765 3997 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +8325(will)s 0 3703(discard)m +731(much)s 1303(of)s 1557(the)s 1888(security)s 2680(bene\207t)s +3374(by)s 3651(using)s 4206(a)s 4355(nai)s 6(v)k 3(e)k +4902(implementation)s 6442(technique.)s 7459(This)s 7918(will)s 8326(become)s +0 3463(clearer)m 708(with)s 1190(an)s 1473(e)s 3(xample:)k +0 3055(Consider)m 924(the)s gsave +1272 3109 translate +0.6953 1.0000 scale +240 fnt31 0 -52(lpr)m +grestore +1632(program.)s +2546(In)s 2802(current)s 3538(systems)s 4346(this)s 4742(needs)s +5338(to)s 5577(ha)s 4(v)k 3(e)k 6078(an)s +6361(absolutely)s 7398(pri)s 6(vile)k 3(ged)k 0 2815(component)m +1124(in)s 1367(order)s 1931(to)s 2170(support)s 2948(delayed)s +3750(printing)s 4560(without)s 5351(cop)s 2(ying:)k 6227(when)s +6803(the)s 7151(user)s 7609(queues)s 8325(a)s 8491(\207le)s +0 2575(to)m 239(be)s 521(printed)s 1256(the)s 1604(\207lename)s +2483(is)s 2693(stored)s 3335(in)s 3578(the)s 3926(print)s +4437(queue,)s 5116(rather)s 5732(than)s 6201(a)s 6367(cop)s 2(y)k +6885(of)s 7156(it,)s 7395(and)s 7799(the)s 8147(printer)s +0 2335(daemon)m 813(accesses)s 1671(the)s 2016(\207le)s 2375(directly)s +3155(when)s 3729(it)s 3918(is)s 4126(ready)s 4708(to)s +4945(print)s 5453(the)s 5799(job)s 9(.)k 6197(In)s +6451(order)s 7012(that)s 7428(the)s 7773(user)s 8229(can)s +8615(print)s 0 2095(\207les)m 449(which)s 1091(are)s 1438(not)s +1804(w)s 2(orld-readable)k 3304(the)s 3652(daemon)s 4467(is)s +4677(gi)s 6(v)k 3(en)k 5257(root)s 5702(pri)s 6(vile)k 3(ge)k +6598(so)s 6864(that)s 7282(it)s 7474(can)s 7863(open)s +8386(the)s 8734(\207le)s 0 1855(in)m 243(the)s 591(conte)s 3(xt)k +1352(of)s 1623(the)s 1971(user)s 9(,)k 2467(rather)s +3083(than)s 3552(its)s 3828(o)s 6(wn.)k 0 1447(A)m +212(simple-minded)s 1686(approach)s 2602(to)s 2823(con)s 9(v)k 3(erting)k +3868(this)s 4246(scheme)s 5001(to)s 5222(use)s gsave +5579 1501 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(userv)m +grestore +6120(might)s 6720(in)s 9(v)k 4(olv)k 3(e)k +7460(gi)s 6(ving)k 8101(the)s 8430(printer)s 0 1207(daemon)m +811($the)s gsave +1233 1261 translate +0.6953 1.0000 scale +240 fnt31 0 -52(lp)m +grestore +1489(user$)s 2010(the)s +2354(ability)s 3013(to)s 3248(read)s 3712(the)s 4055(\207le)s +4412(by)s 4701(allo)s 6(wing)k 5581(them)s 6114(to)s +6349(run)s gsave +6720 1261 translate +0.6953 1.0000 scale +240 fnt31 0 -52(cat)m +grestore +7076($or)s 7409(a)s +7570(special-purpose)s 0 967(\207le-reading)m 1140(program$)s 2063(as)s 2299(an)s 3(y)k +2681(user)s 13(.)k 3155(The)s gsave +3569 1021 translate +0.6953 1.0000 scale +240 fnt31 0 -52(lpr)m + +grestore +3914(program)s 4769(w)s 2(ould)k 5410(use)s 5770(a)s +gsave +5922 1021 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +6467(service)s 7184(to)s 7409(store)s +7914(the)s 8247(\207lename)s 0 727(in)m 243(the)s 591(printer)s +1287(daemon')s 13(s)k 2255(queues,)s 3027(and)s 3431(the)s +3779(daemon)s 4594(w)s 2(ould)k 5249(read)s 5718(the)s +6066(\207le)s 6427(later)s 6910(when)s 7486(it)s 7678(felt)s +8055(lik)s 2(e)k 8467(it.)s 0 52(0.61.1)m 4809(User)s +5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s + +grestore + +grestore + +pgsave restore +showpage + +%%Page: 21 21 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +%%+ font Times-Italic +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +1 LoutMargSet +grestore +240 fnt84 8839 13842(21)m 240 fnt82 0 13254(Ho)m 6(we)k 6(v)k 3(er)k 9(,)k +960(this)s 1356(w)s 2(ould)k 2011(allo)s 6(w)k +2590(the)s 2938(printer)s 3634(daemon)s 4449(to)s 4688(read)s +5157(an)s 3(y)k 5554(\207le)s 5915(on)s 6212(the)s +6560(system,)s 7331(whether)s 8161(or)s 8420(not)s 0 13014(someone)m +907(had)s 1311(ask)s 2(ed)k 1912(for)s 2250(it)s +2442(to)s 2681(be)s 2963(printed.)s 3744(Since)s 4331(man)s 3(y)k +4914(\207les)s 5363(will)s 5789(contain)s 6550(passw)s 2(ords)k +7596(and)s 8000(other)s 0 12774(security-critical)m 1551(information)s 2736(this)s +3132(is)s 3342(nearly)s 3993(as)s 4243(bad)s 4647(as)s +4897(gi)s 6(ving)k 5556(the)s 5904(daemon)s 6719(root)s +7164(access)s 7825(in)s 8068(the)s 8416(\207rst)s 0 12534(place.)m +608(An)s 3(y)k 1072(security)s 1882(holes)s 2438(in)s +2681(the)s 3029(print)s 3540(serv)s 3(er)k 4180(which)s +4822(allo)s 6(w)k 5401(a)s 5567(user)s 6025(to)s +6264(e)s 3(x)k 3(ecute)k 7044(commands)s 8132(as)s +8382(the)s gsave +8730 12588 translate +0.6953 1.0000 scale +240 fnt31 0 -52(lp)m +grestore +0 12294(user)m 458(will)s +884(gi)s 6(v)k 3(e)k 1343(the)s 1691(user)s +2149(the)s 2497(ability)s 3161(to)s 3400(read)s 3869(an)s 3(y)k +4266(\207le)s 4627(on)s 4924(the)s 5272(system.)s 0 11886(Instead,)m +790(it)s 975(is)s 1178(necessary)s 2153(to)s 2385(k)s 2(eep)k +2881(a)s 3040(record)s 3700(of)s 3964(which)s 4599(\207les)s +5040(the)s 5381(daemon)s 6189(has)s 6552(been)s 7053(ask)s 2(ed)k +7647(to)s 7879(print)s 240 fnt83 8382 11888(outside)m 240 fnt82 +0 11646(the)m 348(control)s 1080(of)s 1351(the)s 1699(print)s +2210(daemon.)s 3072(This)s 3548(record)s 4216(could)s 4806(be)s +5088(k)s 2(ept)k 5558(by)s 5852(a)s 6018(ne)s 6(w)k +6465(root-pri)s 6(vile)k 3(ged)k 7947(component,)s 0 11406(b)m 4(ut)k +352(this)s 737(is)s 936(not)s 1291(necessary:)s 2315(the)s +2652(record)s 3309(of)s 3569(which)s 4200(\207les)s 4638(a)s +4794(user)s 5241(has)s 5600(ask)s 2(ed)k 6190(to)s +6418(be)s 6689(printed)s 7413(can)s 7791(be)s 8062(k)s 2(ept)k +8521(under)s 0 11166(the)m 348(control)s 1080(of)s 1351(the)s +1699(user)s 2157(in)s 2400(question.)s 3315(The)s 3743(submission)s +4877(program)s gsave +5747 11220 translate +0.6953 1.0000 scale +240 fnt31 0 -52(lpr)m +grestore +6107(will)s 6533(mak)s 2(e)k +7105(a)s 7271(record)s 7939(in)s 8182(an)s 8465(area)s +0 10926(under)m 605(the)s 953(user')s 13(s)k 1561(control)s +2293(before)s 2959(communicating)s 4500(with)s 4982(the)s 5330(print)s +5841(serv)s 3(er)k 9(,)k 6519(and)s 6923(the)s +7271(print)s 7782(serv)s 3(er)k 8422(w)s 2(ould)k +0 10686(be)m 279(gi)s 6(v)k 3(en)k 855(the)s +1199(ability)s 1859(to)s 2094(run)s 2466(a)s 2628(special)s +3342(\207le-reading)s 4493(program)s 5359(which)s 5997(w)s 2(ould)k +6648(only)s 7124(allo)s 6(w)k 7699(\207les)s 8144(to)s +8379(be)s 8657(read)s 0 10446(which)m 642(were)s 1162(listed)s +1737(in)s 1980(the)s 2328(user')s 13(s)k 2936(\207le)s +3297(of)s 3568(things)s 4204(the)s 3(y')k 12(d)k +4858(ask)s 2(ed)k 5459(to)s 5698(print.)s 0 10038(No)m 6(w)k +502(security)s 1300(holes)s 1844(in)s 2075(most)s 2588(of)s +2846(the)s 3182(printing)s 3980(system)s 4692(do)s 4973(not)s +5327(critically)s 6215(af)s 6(fect)k 6799(the)s 7135(security)s +7933(of)s 8192(the)s 8527(entire)s 0 9798(system:)m 770(the)s 3(y)k +1233(only)s 1713(allo)s 6(w)k 2292(the)s 2640(attack)s 2(er)k +3453(to)s 3692(read)s 4161(and)s 4565(interfere)s 5428(with)s +5910(print)s 6421(jobs.)s 6924(Bugs)s 7468(in)s 7711(the)s +8059(programs)s 0 9558(run)m 373(by)s 664(the)s 1009(print)s +1517(serv)s 3(er)k 2154(to)s 2390(read)s 2856(users')s +3456(\207les)s 3902($and)s 4382(to)s 4618(remo)s 3(v)k 3(e)k +5382(entries)s 6066(from)s 6587(the)s 6932(list)s 7280(of)s +7548(\207les)s 7994(when)s 8567(it)s 8756(has)s 0 9318(done)m +522(with)s 1004(them$)s 1610(will)s 2036(still)s 2448(be)s +2730(serious,)s 3514(b)s 4(ut)k 3876(this)s 4272(program)s +5142(can)s 5531(be)s 5813(quite)s 6347(simple.)s 0 8910(Similar)m +762(considerations)s 2194(apply)s 2780(to)s 3019(man)s 3(y)k +gsave +3602 8964 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +4102(-based)s 4784(v)s 3(ersions)k +5629(of)s 5900(f)s 2(acilities)k 6769(which)s 7411(currently)s +8327(run)s 0 8670(as)m 250(root.)s 0 8262(It)m 198(is)s +401(debatable)s 1366(whether)s 2189(the)s 2530(user)s 4(-controlled)k +4023(state)s 4509(should)s 5199(be)s 5474(k)s 2(ept)k +5937(in)s 6173(the)s 6514(user')s 13(s)k 7115(\207lespace)s +8000($in)s 8315(dot\207les,)s 0 8022(say$)m 440(or)s 692(k)s 2(ept)k +1155(in)s 1391(a)s 1550(separate)s 2381(area)s 2831(set)s +3149(aside)s 3688(for)s 4019(the)s 4360(purpose;)s 5223(ho)s 6(we)k 6(v)k 3(er)k 9(,)k +6123(using)s 6688(the)s 7029(user')s 13(s)k 7630(home)s +8210(directory)s 0 7782($and)m 468(probably)s 1357(creating)s 2164(a)s +2314(separate)s 3137(subdirectory)s 4370(of)s 4626(it)s 4802(as)s +5037(a)s 5187(dot\207le)s 5839(to)s 6062(contain)s 6808(man)s 3(y)k +7375(subsystems')s 8561(state$)s 0 7542(has)m 370(fe)s 6(wer)k +967(implications)s 2199(for)s 2537(the)s 2885(rest)s 3289(of)s +3560(the)s 3908(system)s 4632(and)s 5036(mak)s 2(es)k +5696(it)s 5888(entirely)s 6671(clear)s 7194(where)s 7834(the)s +8182(security)s 0 7302(boundaries)m 1101(lie.)s 9066 670 0 670 240 240 60 0 6278 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(6.4.)m +gsave +628 139 translate +0.6953 1.0000 scale +320 fnt31 0 -70(userv)m +grestore +1375(is)s 1659(not)s 2182(a)s +2419(r)s 5(eplacement)k 4178(f)s 8(or)k gsave +4655 139 translate +0.6953 1.0000 scale +320 fnt31 +0 -70(really)m +grestore +5536(and)s gsave +6123 139 translate +0.6953 1.0000 scale +320 fnt31 0 -70(sudo)m +grestore + +grestore +gsave +0 5870 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(userv)m +grestore +560 5816(is)m 770(not)s 1136(intended)s 2018(as)s +2268(a)s 2434(general-purpose)s 4030(system)s 4754(administration)s 6191(tool)s +6618(with)s 7100(which)s 7742(system)s 0 5576(administrators)m 1398(can)s +1767(e)s 3(x)k 3(ecute)k 2528(pri)s 6(vile)k 3(ged)k +3526(programs)s 4461(when)s 5017(the)s 3(y)k 5461(need)s +5951(to.)s 6222(It)s 6407(is)s 6598(unsuitable)s 7617(for)s +7936(this)s 8312(purpose)s 0 5336(precisely)m 916(because)s 1729(it)s +1921(enforces)s 2781(a)s 2947(strong)s 3598(separation)s 4637(between)s +5491(the)s 5839(calling)s 6542(and)s 6946(the)s 7294(called)s +7922(program,)s 0 5096(which)m 642(is)s 852(undesirable)s 2010(in)s +2253(this)s 2649(conte)s 3(xt.)k 0 4688(Its)m 289(f)s 2(acilities)k +1158(for)s 1496(restricting)s 2516(acti)s 6(vities)k 3422(to)s +3661(running)s 4459(certain)s 5165(programs)s 6119(may)s 6585(at)s +6817(\207rst)s 7248(glance)s 7928(seem)s 8479(to)s 0 4420(pro)m 3(vide)k +769(similar)s 1476(functionality)s 2736(to)s gsave +2960 4474 translate +0.6953 1.0000 scale +240 fnt31 0 -52(sudo)m + +grestore +153 fnt82 3360 4509(1)m 240 fnt82 3420 4420(.)m 3509(Ho)s 6(we)k 6(v)k 3(er)k 9(,)k +4454(the)s 4787(separation)s 5811(mentioned)s 6864(abo)s 3(v)k 3(e)k +7471(is)s 7666(a)s 7817(problem)s 8659(here)s 0 4180(too,)m +413(particular)s 1387(for)s 1725(interaction)s 2803(-)s 2931(it)s +3123(can)s 3512(be)s 3794(hard)s 4277(for)s 4615(a)s +gsave +4781 4234 translate +0.6953 1.0000 scale +240 fnt31 0 -52(userv)m +grestore +5341(service)s 6073(program)s 6943(to)s +7182(interact)s 7957(with)s 8439(its)s 8714(real)s 0 3940(caller)m +589(or)s 848(the)s 1196(user)s 1654(in)s 1897(question.)s +9066 670 0 670 240 240 60 0 2916 LoutGr2 +newpath 0 ysize 0.3 ft sub moveto +xsize 0 rlineto +0 0.1 ft rlineto +xsize neg 0 rlineto +closepath fill +grestore +320 fnt84 0 66(6.5.)m 628(Don't)s 1488(gi)s 3(v)k 3(e)k +2107(access)s 3013(to)s 3352(general-pur)s 3(pose)k 5640(utilities)s + +grestore +0 2454(Do)m 346(not)s 712(specify)s 1456(general)s 2214(purpose)s +3028(programs)s 3982(lik)s 2(e)k gsave +4394 2508 translate +0.6953 1.0000 scale +240 fnt31 0 -52(mv)m + +grestore +4654(or)s gsave +4913 2508 translate +0.6953 1.0000 scale +240 fnt31 0 -52(cat)m +grestore +5273(in)s gsave +5516 2508 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(execute\211)m +grestore +6377(directi)s 6(v)k 3(es)k 7347(without)s +8138(careful)s 0 2214(thought)m 792(about)s 1384(their)s 1881(ar)s 4(guments,)k +2980(and)s 3384(certainly)s 4273(not)s 4639(if)s gsave +4856 2268 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(no\211suppress\211args)m +grestore +6518(is)s 6728(speci\207ed.)s 7682(If)s 7912(you)s +8327(do)s 8620(so)s 8886(it)s 0 1974(will)m 426(gi)s 6(v)k 3(e)k +885(the)s 1233(caller)s 1822(much)s 2411(more)s 2958(pri)s 6(vilige)k +3817(than)s 4286(you)s 4701(probably)s 5606(intend.)s 0 1566(It)m +205(is)s 415(a)s 581(shame)s 1248(that)s 1666(I)s +1801(ha)s 4(v)k 3(e)k 2302(to)s 2541(say)s +2914(this)s 3310(here,)s 3828(b)s 4(ut)k 4190(ine)s 3(xperienced)k +5586(administrators)s 7003(ha)s 4(v)k 3(e)k 7504(made)s +8078(similar)s 1134 0 0 0 240 240 60 0 1178 LoutGr2 +0 0 moveto xsize 0 lineto stroke +grestore + +grestore +122 fnt82 0 983(1)m gsave +58 956 translate +0.6953 1.0000 scale +192 fnt31 0 -42(sudo)m + +grestore +192 fnt82 425 913(is)m 593(a)s 726(program)s 1422(which)s +1936(allo)s 4(ws)k 2472(users)s 2905(to)s 3097(e)s 2(x)k 2(ecute)k +3723(certain)s 4289(programs)s 5052(as)s 5252(root,)s 5646(according)s +6444(to)s 6636(con\207guration)s 7703(\207les)s 8062(speci\207ed)s 8789(by)s +0 683(the)m 279(system)s 858(administrator)s 10(.)k 240 fnt82 +0 52(User)m 511(service)s 1243(daemon)s 2058(and)s 2462(client)s +3052(speci\207cation)s 8491(0.61.1)s +grestore + +grestore + +pgsave restore +showpage + +%%Page: 22 22 +%%BeginPageSetup +%%PageResources: font Times-Roman +%%+ font Times-Bold +%%+ font Courier-Bold +/pgsave save def +0.0500 dup scale 10 setlinewidth +%%EndPageSetup +gsave +0 0 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 11900 16840 0 16840 240 240 60 LoutGraphic +gsave +LoutPageSet +grestore +gsave +0 16840 translate +0.0000 rotate + +grestore + +grestore +gsave +0 16840 translate +0.0000 rotate +gsave +1417 -15423 translate +240 fnt82 0.0 0.0 0.0 setrgbcolor 9066 14006 0 14006 240 240 60 LoutGraphic +gsave +0 LoutMargSet +grestore +240 fnt84 0 13842(22)m 240 fnt82 0 13254(mistak)m 2(es)k +885(with)s 1367(programs)s 2321(lik)s 2(e)k gsave +2733 13308 translate +0.6953 1.0000 scale +240 fnt31 +0 -52(sudo)m +grestore +3133(.)s 0 52(0.61.1)m 4809(User)s 5320(service)s +6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s +grestore + +grestore + +pgsave restore +showpage + +%%Trailer +%%DocumentNeededResources: font Courier-Bold +%%+ font Times-Roman +%%+ font Times-Italic +%%+ font Times-Bold +%%DocumentSuppliedResources: procset LoutStartUp +%%+ procset LoutMarginNotes +%%+ encoding vec2 +%%Pages: 22 +%%EOF diff --git a/spec.sgml b/spec.sgml new file mode 100644 index 0000000..2126247 --- /dev/null +++ b/spec.sgml @@ -0,0 +1,1385 @@ + + + +User service daemon and client specification +<author>Ian Jackson <email>ian@davenant.greenend.org.uk +<version>0.61.1</version> + +<abstract> +This is a specification for a Unix system facility to allow one +program to invoke another when only limited trust exists +between them. + +<copyright> +<prgn/userv/ is Copyright 1996-1999 Ian Jackson. + + +<prgn/userv/ is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + + +This program is distributed in the hope that it will be useful, but +<em/without any warranty/; without even the implied warranty of +<em/merchantability/ or <em/fitness for a particular purpose/. See +the GNU General Public License for more details. + + +You should have received a copy of the GNU General Public License +along with <prgn/userv/; if not, write to the Free Software +Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +<toc sect> + +<chapt id="intro">Introduction + +There is a daemon which invokes user service programs (henceforth +`services') in response to requests by callers of a companion client +program (henceforth the `client') and according to rules set forth in +system-wide and user-specific configuration files. The companion +client program is setuid root, and negotiates with the daemon through +an <prgn/AF_UNIX/ socket and associated objects in a system-wide +private directory set aside for the purpose. The user who wishes the +service to be performed and calls the client is called the `calling +user'; the process which calls the client is called the `calling +process'. + + +The daemon and the client are responsible for ensuring that +information is safely carried across the security boundary between the +two users, and that the processes on either side cannot interact with +each other in any unexpected ways. + +<chapt id="client">Client program usage + + +<example> +userv <var/options/ [--] <var/service-user/ <var/service-name/ [<var/argument/ ...] +userv <var/options/ -B|--builtin [--] <var/builtin-service/ [<var/info-argument/ ...] +</example> + + +<var/service-user/ specifies which user is to provide the service. +The user may be a login name or a numeric uid, or <tt/-/ to indicate +that the service user is to be the same as the calling user. + + +The service name is interpreted by the userv<footnote><prgn/userv/ is +short for `user services', and is pronounced `you-serve'.</footnote> +daemon on behalf of the service user. It will often be the name of a +program. + +<sect>Options + + +Single-letter options may be combined as is usual with Unix programs, +and the value for such an option may appear in the same argument or in +the next. + +<taglist> +<tag/<tt/-B// +<tag/<tt/--builtin// +<item> +Requests that a builtin service be provided. This is equivalent to +using the <prgn/--override/ option to specify a string consisting of +<prgn/execute-builtin/ followed by the <var/builtin-service/ +requested, and requesting a service user of <tt/-/ (indicating the +calling user). + + +If the builtin service being requested requires a +<var/service-argument/ then this must be supplied to the client in the +same argument as the <var/builtin-service/. See <ref +id="dirs-execution"> for details of the builtin services available, +and <ref id="optoverride"> for details of the <prgn/--override/ +options. + + +The actual service name passed will be the <var/builtin-service/; note +that this actual service name (as opposed to the override data) and +the <var/info-argument/s supplied will be ignored by most builtin +services; the override mechanism and <prgn/execute-builtin/ will be +used to ensure that the right builtin service is called with the right +<var/service-argument/s. + +<tag/<tt/-f<var/fd/[<var/modifiers/]=<var/filename/// +<tag/<tt/--file <var/fd/[<var/modifiers/]=<var/filename/// +<item> +Requests that data be copied in and out of the service using pipes. +For each file or descriptor this will be done by creating a pipe, one +end of which is passed to the service program and the other end of +which is passed to a copy of <prgn/cat/ invoked by the client; the +other file descriptor passed to <prgn/cat/ will be one inherited by +the client program from the caller or one opened by the client program +on behalf of the caller. + + +The descriptor in the service program that should be connected must be +specified as <var/fd/, either as a decimal number or as one of the +strings <tt/stdin/, <tt/stdout/ or <tt/stderr/. The next argument is +a filename which will be opened by the client with the privileges of +the calling user. + + +<var/modifiers/ is used to specify whether the file or descriptor is +to be read from or written to. It consists of a series of words +separated by commas. A comma may separate the <var/modifiers/ from +the <var/fd/ and is required if <var/fd/ is not numeric. + + +The modifier words are: +<taglist compact> +<tag/<tt/read// +<item> +<tt/O_RDONLY/: Allow reading and not writing. May not be used with +<tt/write/ or things that imply it. + +<tag/<tt/write// +<item> +<tt/O_WRONLY/: Allow writing and not reading. <em/Doesn't truncate or +create/ without <tt/truncate/ or <tt/create/. <tt/write/ or things +that imply it may not be used with <tt/read/. + +<tag/<tt/overwrite// +<item> +Equivalent to <tt/write,create,truncate/. + +<tag/<tt/create// +<tag/<tt/creat// +<item> +<tt/O_CREAT/: Creates the file if necessary. Implies <tt/write/. + +<tag/<tt/exclusive// +<tag/<tt/excl// +<item> +<tt/O_EXCL/: Fails if the file already exists. Implies <tt/write/ and +<tt/create/. May not be used with <tt/truncate/. + +<tag/<tt/truncate// +<tag/<tt/trunc// +<item> +<tt/O_TRUNC/: Truncate any existing file. Implies <tt/write/. +May not be used with <tt/exclusive/. + +<tag/<tt/append// +<item> +<tt/O_APPEND/: All writes will append to the file. Implies <tt/write/ +(but not <tt/create/). + +<tag/<tt/sync// +<item> +<tt/O_SYNC/: Do writes synchronously. Implies <tt/write/. + +<tag/<tt/wait// +<tag/<tt/nowait// +<tag/<tt/close// +<item> + +These modifiers control the behaviour of the client, with respect to +the pipes carrying data to and from the service, when the service +terminates. See below. + +<tag/<tt/fd// +<item> +The <var/filename/ is not a filename but a numeric file descriptor. +One or both of <tt/read/ and <tt/write/ must be specified, and no +other words are allowed. The <var/filename/ may also be <tt/stdin/, +<tt/stdout/ or <tt/stderr/ for file descriptor 0, 1 or 2 respectively. + +</taglist> + + +If no <var/modifiers/ which imply <tt/read/ or <tt/write/ are used it +is as if <tt/write/ had been specified, except that if the +filedescriptor 0 of the service is being opened (either specified +numerically or with <tt/stdin/) it is as if <tt/overwrite/ had been +specified (or <tt/write/ if only <tt/fd/ was specified). + + +The client will also use <tt/O_NOCTTY/ when opening files specified by +the caller, to avoid changing its controlling terminal. + + +By default stdin, stdout and stderr of the service will be connected +to the corresponding descriptors on the client. Diagnostics from +the client and daemon will also appear on stderr. + + +If <tt/wait/ is specified, the client will wait for the pipe to be +closed, and only exit after this has happened. This means that either +the receiving end of the pipe connection was closed while data was +still available at the sending end, or that the end of file was +reached on the reading file descriptor. Errors encountered reading or +writing in the client at this stage will be considered a system error +and cause the client to exit with status 255, but will not cause +disconnection at the service side since the service has already +exited. + + +If <tt/close/ is specified the client will immediately close the pipe +connection by killing the relevant copy of <prgn/cat/. If the service +uses the descriptor it will get <prgn/SIGPIPE/ (or <prgn/EPIPE/) for a +writing descriptor or end of file for a reading one; the descriptor +opened by or passed to the client will also be closed. + + +If <tt/nowait/ is specified then the client will not wait and the +connection will remain open after the client terminates. Data may +continue to be passed between the inheritors of the relevant +descriptor on the service side and the corresponding file or +descriptor on the client side until either side closes their +descriptor. This should not usually be specified for stderr (or +stdout if <tt/--signals stdout/ is used) since diagnostics from +the service side may arrive after the client has exited and be +confused with expected output. + + +The default is <tt/wait/ for writing file descriptors and <tt/close/ +for reading ones. + +<tag/<tt/-w<var/fd/=<var/action/// +<tag/<tt/--fdwait<var/fd/=<var/action/// +<item> +Sets the action on termination of the service for the specified file +descriptor; <var/action/ must be <tt/wait/, <tt/nowait/ or <tt/close/ +as described above. The file descriptor must be specified as open +when this option is encountered; this option is overridden by any +later <prgn/--file/ or <prgn/--fdwait/ option - even by a +<prgn/--file/ which does not specify an action on termination (in this +case the default will be used, as described above). + +<tag/<tt/-D<var/name/=<var/value/// +<tag/<tt/--defvar <var/name/=<var/value/// +<item> +Set a user-defined variable <var/name/ to <var/value/. These +user-defined variables are made available in the configuration +language as the parameters <tt/u-<var/name// and are passed to the +service in environment variables <tt/USERV_U_<var/name//. <var/name/ +may contain only alphanumerics and underscores, and must start with a +letter. If several definitions are given for the same <var/name/ then +only the last is effective. + +<tag/<tt/-t <var/seconds/// +<tag/<tt/--timeout <var/seconds/// +<item> +Time out the service if it takes longer than <var/seconds/ seconds (a +positive integer, in decimal). Timeout will produce a diagnostic on +stderr and an exit status of 255. If <var/seconds/ is zero then no +timeout will be implemented (this is the default). + +<tag/<tt/-S/ <var/method// +<tag/<tt/--signals/ <var/method// +<item> +Affects the handling of the exit status when the service terminates +due to a signal. (The client will always finish by calling +<prgn/_exit/, so that only numbers from 0 to 255 can be returned and +not the full range of numbers and signal indications which can be +returned by the <prgn/wait/ family of system calls.) + + +The <var/method/ may be one of the following: +<taglist compact> +<tag/<var/status/ +<item> +The client's exit status will be <var/status/. This will not be +distinguishable from the service really having exited with code +<var/status/. This method is the default, with a <var/status/ of 254. + +<tag/<tt/number// +<tag/<tt/number-nocore// +<item> +The client's exit status will be the number of the signal which caused +the termination of the service. If <tt/number/ is used rather than +<tt/number-nocore/ then 128 will be added if the service dumped core. +<tt/number/ is very like the exit code mangling done by the Bourne +shell. + +<tag/<tt/highbit// +<item>The client's exit status will be the number of the signal with +128 added. If the service exits normally with an exit code of greater +than 127 then 127 will be returned. + +<tag/<tt/stdout// +<item> +The service's numeric wait status as two decimal numbers (high byte +first) and a textual description of its meaning will be printed to the +client's standard output. It will be preceded by a newline and +followed by an extra newline, and the numbers are separated from each +other and from the textual description by single spaces. The exit +status of the client will be zero, unless a system error occurs in +which case no exit status and description will be printed to stdout, +and an error message will be printed to stderr as usual. +</taglist> + + +Problems such as client usage errors, the service not being found or +permission being denied or failure of a system call are system errors. +An error message describing the problem will be printed on the +client's stderr, and the client's exit status will be 255. If the +client dies due to a signal this should be treated as a serious system +error. + +<tag/<tt/-H// +<tag/<tt/--hidecwd// +<item> +Prevents the calling process's current directory name from being +passed to the service; the null string will be passed instead. + +<tag/<tt/-P// +<tag/<tt/--sigpipe// +<item> +If the service program is terminated due to a <prgn/SIGPIPE/ the exit +status of the client will be zero, even if it would have been +something else according to the exit status method specified. This +option has no effect on the code and description printed if the exit +status method <tt/stdout/ is in use. + +<tag/<tt/-h// +<tag/<tt/--help// +<tag/<tt/--copyright// +<item> +<tt/-h/ or <tt/--help/ prints the client's usage message; +<tt/--copyright/ prints the copyright and lack of warranty notice. + +</taglist> + +<sect id="optoverride">Security-overriding options + + +There are also some options which are available for debugging and to +allow the system administrator to override a user's policy. These +options are available only if the client is called by root or if the +calling user is the same as the service user. + +<taglist> + +<tag/<tt/--override <var/configuration-data/// +<tag/<tt/--override-file <var/filename/// +<item> +Do not read the usual configuration files. Instead, the client sends +<var/configuration-data/ (followed by a newline) or the contents of +<var/filename/ (which is opened in the context of the client) to the +daemon and the daemon uses that data instead. The +<var/configuration-data/ must all be in one argument. It will have a +single newline appended so that a single directive can easily be +given, but if more than one directive is required it will have to +contain one or more real newlines. + +<tag/<tt/--spoof-user <var/user/// +<item> +Pretend to the service that it is being called by <var/user/ (which +may be a username or a uid). This will also affect the group and +supplementary groups supplied to the service; they will be the +standard group and supplementary groups for <var/user/. The +<tt/--spoof-user/ option will <em/not/ affect which user is chosen if +the service user is specified as just <tt/-/; in this case the service +user will be the real calling user. + +</taglist> + + +<chapt id="envir">Execution environment of the service program + + +The daemon which is handling the service user side of things will read +configuration files to decide what to do. If it decides to allow the +service to be provided it will fork a subprocess to execute the +service. + + +The service will have no controlling terminal, but it will be a +process group leader. + + +If the client is killed or times out or a file or descriptor being +read or written by the client process gets an error then the service +will be disconnected from the client. The client will return an exit +status of 255 and some the service's pipes may be closed at the other +end. The service will become a child of <prgn/init/. The service may +well not notice the disconnection, though writing to a pipe after this +may produce a <prgn/SIGPIPE/ and the facility exists to have a +<prgn/SIGHUP/ sent to the service on disconnection. + +<sect>File descriptors + + +The service program's standard filedescriptors, and possibly other +file descriptors, will be connected to pipes or to +<prgn>/dev/null</>. The <prgn/userv/ client/daemon pair will arrange +that data is copied between the files or file descriptors specified to +to the client by the caller and these these pipes. + + +Pipes which may be written to will be closed if a write error occurs +on the corresponding client-side file or descriptor, which may result +in a <prgn/SIGPIPE/ in the service program; pipes open for reading +will get <prgn/EOF/ if the client-side file descriptor gets <prgn/EOF/ +or an error. + + +If the service closes one of its reading file descriptors the writing +end of the corresponding pipe will generate a <prgn/SIGPIPE/ when +attempts are made by the client/daemon pair to write to it. This will +not be considered an error; rather, the relevant pipe will be +discarded and the corresponding file or file descriptor held by the +client will be closed. + + +Likewise, if one of the file descriptors held by the client for +writing by the service is a pipe whose other end is closed by the +caller then the client/daemon pair will see an error when trying to +copy data provided by the service. This too will not be considered an +error; rather, the pipe correspondong to that descriptor will be +closed and any further writes will cause the service to get a +<prgn/SIGPIPE/. + + +Note that not all write errors or broken pipes on file descriptors may +be visible to the service, since buffered data may be discarded by the +operating system and there will be a finite interval between the error +happening and the service being disconnected from the client or the +next write causing a <prgn/SIGPIPE/. + + +Read errors on file descriptors (and disconnection) will only be +visible to the service and distinguishable from normal end of file if +<prgn/disconnect-hup/ is in effect. + + +Read and write errors (other than broken pipes, as described above) +will always be visible to the caller; they are system errors, and will +therefore cause the client to print an error message to stderr and +return with an exit status of 255. + + +If the main service program process exits while it still has running +children any file descriptors held by those children can remain open, +depending on the use of <tt/wait/, <tt/nowait/ or <tt/close/ for the +relevant file descriptor in the client's arguments. By default +writing filedescriptors remain open and the client will wait for them +to be closed at the service end, and reading file descriptors are +closed immediately. These leftover child processes will not get a any +<prgn/SIGHUP/ even if a read or write error occurs or the client +disconnects before then. + +<sect>Environment + + +The service will have some information in environment variables: +<taglist compact> +<tag/<tt/USERV_USER// +<item> +The login name of the calling user. If the <prgn/LOGNAME/ variable is +set (or, if that is unset, if the <prgn/USER/ variable is set) in the +environment passed to the client by the caller then the password entry +for that login name will be looked up; if that password entry's uid is +the same as that of the calling process then that login name will be +used, otherwise (or if neither <prgn/LOGNAME/ nor <prgn/USER/ is set) +the calling process's uid will be looked up to determine their login +name (and if this lookup fails then the service will not be invoked). + +<tag/<tt/USERV_UID// +<item> +The uid of the calling process. + +<tag/<tt/USERV_GID// +<item> +The gid and supplementary group list of the calling process: first the +group in gid and then those in the supplementary group list, in +decimal, separated by spaces. + +<tag/<tt/USERV_GROUP// +<item> +The group names of the calling process, listed in the same way as the +ids are in <prgn/USERV_GID/. If no name can be found for any of the +calling process's group(s) then the service will not be invoked. + +<tag/<tt/USERV_CWD// +<item> +The client's current working directory name (this directory may not be +accessible to the service). If it could not be determined or the +<prgn/--hidecwd/ flag was used then this variable will be set to an +empty string (this is not considered an error). + +<tag/<tt/USERV_SERVICE// +<item> +The service name requested by the caller. + +<tag/<tt/USERV_U_<var/name/// +<item> +The value supplied to the client by the caller using -D<var/name/. + +</taglist> + +<prgn/HOME/, <prgn/PATH/, <prgn/SHELL/, <prgn/LOGNAME/ and <prgn/USER/ +will be set appropriately (according to the details of the service +user). + + +<chapt id="config">Service-side configuration + + +Which services may be run by whom and under what conditions is +controlled by configuration files. + + +The daemon will read these files in order. Certain directives in the +files modify the daemon's execution settings for invoking the service, +for example allowing certain file descriptors to be specified by the +client or specifying which program to execute to provide the service. + + +The <em/last/ instance of each such setting will take effect. The +directives which specify which program to execute will not stop the +configuration file from being read; they will be remembered and will +only take effect if they are not overridden by a later directive. + + +The daemon will first read <tt>/etc/userv/system.default</>. Then, by +default (this behaviour may be modified), it will read a per-user file +<tt>~/.userv/rc</>, if it exists and the service user's shell is in +<tt>/etc/shells</>. Finally it will read +<tt>/etc/userv/system.override</>. + + +When it has read all of these files it will act according to the +currently values of of the execution settings. + +<sect>Configuration file syntax + + +The configuration file is a series of directives, usually one per +line. The portion of a line following a hash character <tt/#/ is +taken as a comment and ignored. Each directive consists of a series +of tokens separated by linear whitespace (spaces and tabs); tokens may +be words consisting of non-space characters, or, where a string is +required, a string in double quotes. Double-quoted strings may +contain the following backslash escapes: + +<taglist compact> +<tag/<tt/\n//<item>newline +<tag/<tt/\t//<item>tab +<tag/<tt/\r//<item>carriage return +<tag/<tt/\<var/OOO///<item>character whose octal code is <var/OOO/ +<tag/<tt/\x<var/XX///<item>character whose hex code is <var/XX/ +<tag/<tt/\<var/punctuation///<item>literal punctuation character (eg <tt/\\/, <tt/\"/) +<tag/<tt/\<var/newline// (ie, backslash at end of line)/ +<item>string continues on next line +</taglist> + + +Relative pathnames in directives are relative to the service program's +current directory (usually the service user's home directory). +Pathnames starting with the two characters <tt>~/</> are taken to be +relative to the service user's home directory. + +<sect id="directives">Configuration file directives + + +<sect1 id="dirs-immediate">Immediate directives + + +The following directives take effect immediately: + +<taglist> +<tag/<tt/cd <var/pathname/// +<item> +Change directory in the service program. <prgn/cd/ is cumulative. It +is an error if the directory cannot be changed to. + + +<prgn/cd/ should not be used between <prgn/execute-from-directory/ and +the invocation of the service program, as the test for the +availability of the service program would be done with the old current +directory and the actual execution with the new (probably causing an +error). + +<tag/<tt/eof// +<item> +Stop reading the configuration file in question, as if end of file had +been reached. Any control constructs (<prgn/if/, <prgn/catch-quit/ or +<prgn/errors-push/) which were started in that file will be considered +finished. Parsing will continue in the file which caused the file +containing the <prgn/eof/ to be read. + +<tag/<tt/quit// +<item> +Stop reading configuration files and act immediately on the current +settings. The behaviour of <prgn/quit/ is subject to the +<prgn/catch-quit/ control construct. + +<tag/<tt/include <var/filename/// +<tag/<tt/include-ifexist <var/filename/// +<item> +Read the configuration file <var/filename/, and then return to this +file and continue parsing it with the next directive. It is an error +if the file cannot be opened and read, unless <prgn/include-ifexist/ +is used and the file does not exist, in which case the directive is +silently ignored. + +<tag/<tt/include-lookup <var/parameter/ <var/directory/// +<tag/<tt/include-lookup-all <var/parameter/ <var/directory/// +<item> +Read the configuration file in <var/directory/ whose name is the value +of <var/parameter/ (see the description of <prgn/if/, <ref +id="dirs-control">). If <var/parameter/ has several values they will +be tried in order; with <prgn/include-lookup/ this search will stop +when one is found, but with <prgn/include-lookup-all/ the search will +continue and any files appropriate to other values will be read too. + + +If none of the parameter's values had a corresponding file then the +file <tt/:default/ will be read, if it exists. If <var/parameter/'s +list of values was empty then the file <tt/:none/ will be tried first +and read if it exists, otherwise <tt/:default/ will be tried. + + +It is not an error for any of the files (including <tt/:default/) not +to exist, but it is an error if a file exists and cannot be read or if +the directory cannot be accessed. + + +A translation will be applied to values before they are used to +construct a filename, so that the lookup cannot access dotfiles or +files in other directories: values starting with full stops will have +a colon prepended (making <tt/:./), colons will be doubled, and each +slash will be replaced with a colon followed by a hyphen <tt>:-</>. A +parameter value which is the empty string will be replaced with +<tt/:empty/ (note that this is different from a parameter not having +any values). + +<tag/<tt/include-directory <var/directory/// +<item> +Read configuration from all files in directory <var/directory/ which +are plain files whose names consist only of alphanumerics and hyphens +and start with an alphanumeric. They will be read in lexical order. +It is an error for the directory not to exist or for it or any of the +files found not to be read successfully, or for anything with an +appropriate name not to be a plain file or a symbolic link to a plain +file. + +<tag/<tt/error <var/text .../// +<item> +Causes an error whose message includes the descriptive string +<var/text/. <var/text/ may consist of several tokens with intervening +whitespace. The whitespace will be included in the message as found +in the configuration file: all the characters until the end of the +line will be included verbatim, unless they are part of a +double-quoted string, in which case the usual meaning of the string +(i.e., after backslash escape processing) will be used. Comments and +linear whitespace at the end of the line (or just before the comment) +will still be ignored. + +<tag/<tt/message <var/text .../// +<item> +Causes a message including the descriptive string <var/text/ to be +delivered as if it were an error message, but does not actually cause +an error. +</taglist> + +<sect1 id="dirs-delayed">Directives with delayed effect + + +The following directives have no immediate effect, but are remembered +and have an effect on later processing of the configuration files. + +<taglist> +<tag/<tt/user-rcfile <var/filename/// +<item> +Specifies that the file <var/filename/ should be read instead of the +user's <tt>~/.userv/rc</>. This does <em/not/ happen immediately; +instead, the setting is remembered and used after the +<prgn/system.default/ configuration file has been read. This +directive has no effect in a user's configuration file or in the +<prgn/system.override/ file, as the user's configuration file has +already been found and read by then and will not be re-read. + +<tag/<tt/errors-to-stderr// +<item> +Causes error messages to be delivered to the client's stderr. + +<tag/<tt/errors-to-file/ <var/filename// +<item> +Error messages will be written to <var/filename/, which will be opened +in the context of and with the privileges of the service user. + +<tag/<tt/errors-to-syslog/ [<var/facility/ [<var/level/]]/ +<item> +Error messages will be delivered using <prgn/syslog/. The default +<var/facility/ is <tt/user/; the default <var/level/ is <tt/error/. +</taglist> + +<sect1 id="dirs-control">Control structure directives + + +The following directives are used to create control structures. If +the end of the file is encountered before the end of any control +structure which was started inside it then that control structure is +considered finished. This is not an error. + +<taglist> +<tag/<tt/if <var/condition/// +<tag/<tt/elif <var/condition/// +<tag/<tt/else// +<tag/<tt/fi// +<item> +Lines following <prgn/if/ are interpreted only if the condition is +true. Many conditions are properties of parameter values. Most +parameters have a single string as a value; however, some may yield +zero or several strings, in which case the condition is true if it is +true of any of the strings individually. Parameters are described +below. + + +The conditions are: + +<taglist compact> +<tag/<tt/glob <var/parameter/ <var/glob-pattern/ ...// +<item> +The value of the parameter whose name is given matches one of the glob +patterns (anchored at both ends; backslashes can be used to escape +metacharacters). + +<tag/<tt/range <var/parameter/ <var/min/ <var/max/// +<item> +The value of the parameter is a nonnegative integer and lies within +the range specified. <var/min/ or <var/max/ may be <tt/$/ to indicate +no lower or upper limit, respectively. + +<tag/<tt/grep <var/parameter/ <var/filename/// +<item> +The <var/filename/ refers to a file one of whose lines is the value of +the parameter (leading or trailing whitespace on each line and empty +lines in the file are ignored). It is an error for the file not to be +opened and read. + +<tag/<tt/! <var/condition/// +<item> +The <var/condition/ is <em/not/ true. + +<tag/Conjunctions: <tt/&/ and <tt/|// +<item> +<example> +( <var/condition/ +& <var/condition/ +& <var/condition/ +... +) +</example> +is true if all the listed conditions are true; where <tt/|/ is used it +is true if any of them is true. Newlines must be used to separate one +condition from the next, as shown, and the parentheses are mandatory. +These conjunctions do not do lazy evaluation. +</taglist> + + +The parameters are: + +<taglist compact> +<tag/<tt/service// +<item> +The service name specified when the client was called. + +<tag/<tt/calling-user// +<item> +Two strings: the login name of the calling user (determined as for +<prgn/USERV_USER/, above) and the calling uid (represented in +decimal). + +<tag/<tt/calling-group// +<item> +Several strings: the primary and supplementary group names and gids +(in decimal) of the calling process. All the group names come first, +and then the gids. If the first supplementary group is the same as +the primary group then it is elided. + +<tag/<tt/calling-user-shell// +<item> +The calling user's shell, as listed in the password entry for the +calling login name (as determined for <prgn/USERV_USER/, above). + +<tag/<tt/service-user// +<item> +Two strings: the name of the service user (as specified to the client) +and their uid (represented in decimal). + +<tag/<tt/service-group// +<item> +Several strings: the primary and supplementary group names and gids +(in decimal) of the service user. + +<tag/<tt/service-user-shell// +<item> +The service user's shell, as listed in their password entry. + +<tag/<tt/u-<var/name/// +<item> +The value of the user-defined variable <var/name/ passed by the caller +using the <prgn/--defvar/ command-line option to the client. If the +variable was not defined then this parameter is an empty list of +strings; in this case any condition which tests it will be false, and +<tt/include-lookup/ on it will read the <tt/:none/ file, or +<tt/:default/ if <tt/:none/ is not found. + +</taglist> + +<tag/<tt/errors-push/ <var/filename// +<tag/<tt/srorre// +<item> +Stacks the error handling behaviour currently in effect. Any changes +to error handling will take effect only between <prgn/errors-push/ and +<prgn/srorre/. + +<tag/<tt/catch-quit// +<tag/<tt/hctac// +<item> +Any use of <prgn/quit/ inside <prgn/catch-quit/ will merely cause the +parsing to continue at <prgn/hctac/ instead. Any control constructs +started since the <prgn/catch-quit/ will be considered finished if a +<prgn/quit/ is found. + + +If an error occurs inside <prgn/catch-quit/ the execution settings +will be reset (as if by the <prgn/reset/ directive) and parsing will +likewise continue at <prgn/hctac/. + + +If a lexical or syntax error is detected in the same configuration +file as the <prgn/catch-quit/, while looking for the <prgn/hctac/ +after an error or <prgn/quit/, that new error will not be caught. + +</taglist> + +<sect1 id="dirs-execution">Directives for changing execution settings + + +The following directives modify the execution settings; the server +will remember the fact that the directive was encountered and act on +it only after all the configuration has been parsed. The <em/last/ +directive which modifies any particuar setting will take effect. + +<taglist> +<tag/<tt/reject// +<item> +Reject the request. <prgn/execute/, <prgn/execute-from-directory/ and +<prgn/execute-from-path/ will change this setting. + +<tag/<tt/execute <var/program/ [<var/argument/ ...]// +<item> +Execute the program <var/program/, with the arguments as specified, +followed by any arguments given to the client if +<prgn/no-suppress-args/ is in effect. It is an error for the +execution to fail when it is attempted (after all the configuration +has been parsed). If <var/program/ does not contain a slash it will +be searched for on the service user's path. + +<tag/<tt/execute-from-directory <var/pathname/ [<var/argument/ ...]// +<item> +Take all the characters after the last slash of the service name +specified when the client was called, and execute that program in the +directory named by <var/pathname/ as if it had been specified for +<var/execute/. The part of the service name used may contain only +alphanumerics and hyphens and must start with an alphanumeric (and it +must be non-empty), otherwise it is an error. + + +This directive is ignored if the relevant program does not exist in +the directory specified; in this case the program to execute is left +at its previous setting (or unset, if it was not set before). + + +It is an error for the test for the existence of the program to fail +other than with a `no such file or directory' indication. It is also +an error for the execution to fail if and when it is attempted (after +all the configuration has been parsed). + +<tag/<tt/execute-from-path// +<item> +<var/service/ is interpreted as a program on the default <prgn/PATH/ +(or as a pathname of an executable, if it contains a <tt>/</>). This +directive is <em/very dangerous/, and is only provided to make the +<prgn/--override/ options effective. It should not normally be used. +It is an error for the execution to fail when it is attempted (after +all the configuration has been parsed). + +<tag/<tt/execute-builtin <var/service-name/ <var/service-arguments// +<item> +Executes the builtin service <var/service-name/. These builtin +services display information about the server and/or the request, and +ignore any arguments passed from the service side except possibly to +print them as part of their output. They write their results to their +standard output (i.e., wherever file descriptor 1 is directed). The +builtin services are: + +<taglist compact> +<tag/<tt/execute// +<item> +Displays the execution settings, defined variables, +arguments, etc. with which the builtin service was invoked. + +<tag/<tt/environment// +<item> +Displays the environment variable settings with which the builtin +service was invoked. + +<tag/<tt/parameter <var/parameter/// +<item> +Displays the values of the service configuration language parameter +specified. + +<tag/<tt/version// +<item> +Displays the version string and compilation details of the uservd +server program. + +<tag/<tt/reset// +<item> +Displays the default reset configuration (evaluated when <prgn/reset/ +is found in a configuration file, or when an error is caught by +<prgn/catch-quit/). + +<tag/<tt/toplevel// +<item> +Displays the top-level default configuration (the configuration data, +evaluated by the server, which calls all the other configuration +files). + +<tag/<tt/override// +<item> +Displays the top-level override configuration (the configuration data, +evaluated by the server, which causes all the other configuration data +to be parsed). + +<tag/<tt/help// +<item> +Displays a list of the understood builtin service names and arguments. +</taglist> + +In the future other builtin services may be defined which do more than +just print information. + +<tag/<tt/set-environment// +<tag/<tt/no-set-environment// +<item> +Runs <tt>/etc/environment</> to set the service user's environment. +This adds the overhead of invoking a shell, but doesn't cause any +shell (de)mangling of the service's arguments. This is achieved by +invoking +<example> +.../program arg arg arg ... +</example> +as +<example> +/bin/sh -c '. /etc/environment; exec "$@"' - .../program arg arg arg ... +</example> +<prgn/no-set-environment/ cancels the effect of +<prgn/set-environment/. + +<tag/<tt/no-suppress-args// +<tag/<tt/suppress-args// +<item> +Include any arguments given to the client as arguments to the program +invoked as a result of an <prgn/execute/, +<prgn/execute-from-directory/ or <prgn/execute-from-path/ directive. +<prgn/suppress-args/ undoes the effect of <prgn/no-suppress-args/. + +<tag/<tt/require-fd <var/fd-range/ read|write// +<item> +Insist that the filedescriptor(s) be opened for reading resp. writing. +It is an error if any descriptor marked as required when the service +is about to be invoked (after the configuration has been parsed) was +not specified when the client was invoked. Each file descriptor has a +separate setting, and the last one of <prgn/require-fd/, +<prgn/allow-fd/, <prgn/ignore-fd/, <prgn/null-fd/ or <prgn/reject-fd/ +which affected a particular file descriptor will take effect. + + +<var/fd-range/ may be a single number, two numbers separated by a +hyphen, or one number followed by a hyphen (indicating all descriptors +from that number onwards). It may also be one of the words +<tt/stdin/, <tt/stdout/ or <tt/stderr/. Open-ended file descriptor +rangers are allowed only with <prgn/reject-fd/ and <prgn/ignore-fd/, +as otherwise the service program would find itself with a very large +number of file descriptors open. + + +When the configuration has been parsed, and before the service is +about to be executed, stderr (fd 2) must be required or allowed +(<prgn/require-fd/ or <prgn/allow-fd/) for writing; this is so that +the error message printed by the server's child process if it cannot +<prgn/exec/ the service program is not lost. + +<tag/<tt/allow-fd <var/fd-range/ [read|write]// +<item> +Allow the descriptor(s) to be opened for reading resp. writing, or +either if neither <tt/read/ nor <tt/write/ is specified. If a +particular descriptor not specified by the client then it will be open +onto <tt>/dev/null</> (for reading, writing, or both, depending on +whether <tt/read/, <tt/write/ or neither was specified). + +<tag/<tt/null-fd <var/fd-range/ [read|write]// +<item> +Specify that the descriptor(s) be opened onto <prgn>/dev/null</> for +reading resp. writing, or both if neither <tt/read/ nor <tt/write/ +is specified. Any specification of these file descriptors by the +client will be silently ignored; the client will see its ends of the +descriptors being closed immediately. + +<tag/<tt/reject-fd <var/fd-range/// +<item> +Do not allow the descriptor(s) to be specified by the client. It is +an error if any descriptor(s) marked for rejection are specified when +the service is about to be invoked (after the configuration has been +parsed). + +<tag/<tt/ignore-fd <var/fd-range/// +<item> +Silently ignore any specification by the client of those +descriptor(s). The pipes corresponding to these descriptors will be +closed just before the service is invoked. + +<tag/<tt/disconnect-hup// +<tag/<tt/no-disconnect-hup// +<item> +Causes the service's process group to get a <prgn/SIGHUP/ if the +client disconnects before the main service process terminates. +<prgn/no-disconnect-hup/ cancels <prgn/disconnect-hup/. + + +If one of the reading descriptors specified when the client is called +gets a read error, or if the service is disconnected for some other +reason, then the <prgn/SIGHUP/ will be delivered <em/before/ the +writing end(s) of the service's reading pipe(s) are closed, so that +the client can distinguish disconnection from reading EOF on a pipe. + +<tag/<tt/reset// +<item> +Resets the execution settings to the default. This is equivalent to: +<example> +cd ~/ +reject +no-set-environment +suppress-args +allow-fd 0 read +allow-fd 1-2 write +reject-fd 3- +disconnect-hup +</example> + +</taglist> + +If no <prgn/execute/, <prgn/execute-from-path/, +<prgn/execute-from-directory/ or <prgn/builtin/ is interpreted before +all the files are read then the request is rejected. + + +<sect id="configerrors">Errors in the configuration file + + +If a syntax error or other problem occurs when processing a +configuration file then a diagnostic will be issued, to wherever the +error messages are currently being sent (see the <prgn/errors-/ family +of directives, above). + + +The error will cause processing of the configuration files to cease at +that point, unless the error was inside a <prgn/catch-quit/ construct. +In this case the settings controlling the program's execution will be +reset to the defaults as if a <prgn/reset/ directive had been issued, +and parsing continues after <prgn/hctac/. + + +<sect id="defaults">Defaults + + +The default configuration processing is as if the daemon were parsing +an overall configuration file whose contents were as follows: + +<example> +reset +user-rcfile ~/.userv/rc +errors-to-stderr +include /etc/userv/system.default +if grep service-user-shell /etc/shells + errors-push + catch-quit + include-ifexist <var/file specified by most recent user-rcfile directive/ + hctac + srorre +fi +include /etc/userv/system.override +quit +</example> + + +If one of the <prgn/--override/ options to the client is used then it +will instead be as if the daemon were parsing an overall configuration +as follows: + +<example> +reset +errors-to-stderr +include <var/file containing configuration data sent by client/ +quit +</example> + + +<chapt id="ipass">Information passed through the client/daemon combination + + +The information described below is the only information which passes +between the caller and the service. + +<list> +<item> +The service name supplied by the caller is available in the +configuration language for deciding whether and which service program +to invoke, in the <prgn/service/ parameter, and is used by the +<prgn/execute-from-directory/ and <prgn/execute-from-path/ +configuration directives. It is usually used to select which service +program to invoke. It is also passed to the service program in the +<prgn/USERV_SERVICE/ environment variable. + +<item> +File descriptors specified by the client and allowed according to the +configuration language will be connected. Each file descriptor is +opened for reading or writing. Communication is via pipes, one end of +each pipe being open on the appropriate file descriptor in the service +program (when it is invoked) and the other end being held by the +client process, which will read and write files it opens on behalf of +its caller or file descriptors it is passed by its caller. + + +Data may be passed into the service through reading pipes and out of +it through writing pipes. These pipes can remain open only until the +service and client have terminated, or can be made to stay open after +the client has terminated and (if the service program forks) the main +service process has exited; the behaviour is controlled by options +passed to the client by its caller. + + +The caller can arrange that a writing pipe be connected to a pipe or +similar object and cause attempts to write to that descriptor by the +service to generate a <prgn/SIGPIPE/ (or <prgn/EPIPE/ if +<prgn/SIGPIPE/ is caught or ignored) in the service. + + +Likewise, the service can close filedescriptors specified for reading, +which will cause the corresponding filedescriptors passed by the +caller to be closed, so that if these are pipes processes which write +to them will receive <prgn/SIGPIPE/ or <prgn/EPIPE/. + +<item> +If <prgn/no-suppress-args/ is set then arguments passed to the client +by its caller will be passed on, verbatim, to the service. + +<item> +Fatal signals and system call failures experienced by the client will +result in the disconnection of the service from the client and +possibly some of the communication file descriptors described above; +if <prgn/disconnect-hup/ is set then the service will also be sent a +<prgn/SIGHUP/. + +<item> +The value of the <prgn/LOGNAME/ (or <prgn/USER/) environment variable +as passed to the client will be used as the login name of the calling +user if the uid of the calling process matches the uid corresponding +to that login name. Otherwise the calling uid's password entry will +be used to determine the calling user's login name. + + +This login name and the calling uid are available in the configuration +language in the <prgn/calling-user/ parameter and are passed to the +service program in environment variables <prgn/USERV_USER/ and +<prgn/USERV_UID/. + + +The shell corresponding to that login name (according to the password +entry) is available as in the configuration language's +<prgn/calling-user-shell/ parameter. + + +If no relevant password entry can be found then no service will be +invoked. + +<item> +The numeric values and textual names for calling gid and supplementary +group list are available in the configuration language in the +<prgn/calling-group/ parameter and are passed to the service in +environment variables. + + +If no name can be found for a numeric group to which the calling +process belongs then no service will be invoked. + +<item> +The name of the current working directory in which the client was +invoked is passed, if available and not hidden using <prgn/--hidecwd/, +to the service program in the <prgn/USERV_CWD/ variable. This grants no +special access to that directory unless it is a subdirectory of a +directory which is executable (searchable) but not readable by the +service user. + +<item> +Settings specified by the caller using the <tt/--defvar +<var/name/=<var/value// option to the client are available in the +configuration language as the corresponding <tt/u-<var/name// +parameters and are passed to the service program in environment +variables <tt/USERV_U_<var/name//. + +<item> +If the calling user is root or the same as the service user then +options may be given to the client which bypass the usual security +features; in this case other information may pass between the caller +and the service. + +</list> + +<chapt id="notes">Applications and notes on use + + +<sect id="standards">Standard services and directory management + + +In later versions of this specification standard service names and +interfaces for common services such as mail delivery and WWW CGI +scripts will be specified. + + +<prgn/userv/-using applications and system services which hide +<prgn/userv/ behind wrapper scripts may need to store information in +the user's filespace to preserve the correct placement of the security +perimiters. Such applications should usually do so in a directory +(created by them) <tt>~/.userv/.servdata/<var/service/</>, where +<var/service/ is the service name or application in question. + + +The use of a dot-directory inside <tt>~/.userv</> will hopefully avoid +the user becoming confused by finding parts of a semi-privileged +application's internal state in their filespace, and or discourage +them from fiddling with and thus corrupting it. (Note that such +applications should of course not rely for their global integrity on +the integrity of the data on the user's side of the security +boundary.) + +<sect id="reducepriv">Reducing the number of absolutely privileged subsystems + + +Currently most Unix systems have many components which need to run as +root, even though most of their activity does not strictly require +it. This gives rise to a large and complex body of code which must be +trusted with the security of the system. + + +Using <prgn/userv/ many of these subsystems no longer need any unusual +privilege. + + +<prgn/cron/ and <prgn/at/, <prgn/lpr/ and the system's mail transfer +agent (<prgn/sendmail/, <prgn/smail/, <prgn/exim/ or the like) all +fall into this category. + +<sect id="noexcess">Do not give away excessive privilege to <prgn/userv/-using facilities + + +There is a danger that people reimplementing the facilities I mention +above using <prgn/userv/ will discard much of the security benefit by +using a naive implementation technique. This will become clearer with +an example: + + +Consider the <prgn/lpr/ program. In current systems this needs to +have an absolutely privileged component in order to support delayed +printing without copying: when the user queues a file to be printed +the filename is stored in the print queue, rather than a copy of it, +and the printer daemon accesses the file directly when it is ready to +print the job. In order that the user can print files which are not +world-readable the daemon is given root privilege so that it can open +the file in the context of the user, rather than its own. + + +A simple-minded approach to converting this scheme to use <prgn/userv/ +might involve giving the printer daemon (the <prgn/lp/ user) the +ability to read the file by allowing them to run <prgn/cat/ (or a +special-purpose file-reading program) as any user. The <prgn/lpr/ +program would use a <prgn/userv/ service to store the filename in the +printer daemon's queues, and the daemon would read the file later when +it felt like it. + + +However, this would allow the printer daemon to read any file on the +system, whether or not someone had asked for it to be printed. Since +many files will contain passwords and other security-critical +information this is nearly as bad as giving the daemon root access in +the first place. Any security holes in the print server which allow a +user to execute commands as the <prgn/lp/ user will give the user the +ability to read any file on the system. + + +Instead, it is necessary to keep a record of which files the daemon +has been asked to print <em/outside/ the control of the print daemon. +This record could be kept by a new root-privileged component, but this +is not necessary: the record of which files a user has asked to be +printed can be kept under the control of the user in question. The +submission program <prgn/lpr/ will make a record in an area under the +user's control before communicating with the print server, and the +print server would be given the ability to run a special file-reading +program which would only allow files to be read which were listed in +the user's file of things they'd asked to print. + + +Now security holes in most of the printing system do not critically +affect the security of the entire system: they only allow the attacker +to read and interfere with print jobs. Bugs in the programs run by the +print server to read users' files (and to remove entries from the list +of files when it has done with them) will still be serious, but this +program can be quite simple. + + +Similar considerations apply to many <prgn/userv/-based versions of +facilities which currently run as root. + + +It is debatable whether the user-controlled state should be kept in +the user's filespace (in dotfiles, say) or kept in a separate area set +aside for the purpose; however, using the user's home directory (and +probably creating a separate subdirectory of it as a dotfile to +contain many subsystems' state) has fewer implications for the rest of +the system and makes it entirely clear where the security boundaries +lie. + +<sect id="notreally"><prgn/userv/ is not a replacement for <prgn/really/ and <prgn/sudo/ + + +<prgn/userv/ is not intended as a general-purpose system +administration tool with which system administrators can execute +privileged programs when they need to. It is unsuitable for this +purpose precisely because it enforces a strong separation between the +calling and the called program, which is undesirable in this context. + + +Its facilities for restricting activities to running certain programs +may at first glance seem to provide similar functionality to +<prgn/sudo/<footnote><prgn/sudo/ is a program which allows users to +execute certain programs as root, according to configuration files +specified by the system administrator.</footnote>. However, the +separation mentioned above is a problem here too, particular for +interaction - it can be hard for a <prgn/userv/ service program to +interact with its real caller or the user in question. + +<sect id="nogeneral">Don't give access to general-purpose utilities + + +Do not specify general purpose programs like <prgn/mv/ or <prgn/cat/ +in <prgn/execute-/ directives without careful thought about their +arguments, and certainly not if <prgn/no-suppress-args/ is specified. +If you do so it will give the caller much more privilige than you +probably intend. + + +It is a shame that I have to say this here, but inexperienced +administrators have made similar mistakes with programs like +<prgn/sudo/. + +</book> diff --git a/tokens.h b/tokens.h new file mode 100644 index 0000000..de555fe --- /dev/null +++ b/tokens.h @@ -0,0 +1,263 @@ +/* + * Copyright (C)1996-1997,1999 Ian Jackson + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with userv; if not, write to the Free Software + * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + + + + + + +#ifndef TOKENS_H +#define TOKENS_H + +enum tokens { + tokm_instance= 0x000000ff, + tokm_repres= 0x00000f00, + tokm_type= 0xfffff000, + tokr_nonstring= 0x00000100, + tokr_word= 0x00000200, + tokr_punct= 0x00000300, + tokr_string= 0x00000400, + tokt_directive= 0x00001000, + tokt_controlstart= 0x00002000, + tokt_controlend= 0x00004000, + tokt_exception= 0x00008000, + tokt_parmcondition= 0x00010000, + tokt_condop= 0x00020000, + tokt_parameter= 0x00040000, + tokt_number= 0x00080000, + tokt_fdrange= 0x00100000, + tokt_logfacility= 0x00200000, + tokt_loglevel= 0x00400000, + tokt_readwrite= 0x00800000, + tokt_string= 0x01000000, + tokt_execmode= 0x02000000, + tokt_ehandlemode= 0x04000000, + tokt_builtinservice= 0x08000000, + tokt_misc= 0x10000000, + tokt_internal= 0x20000000, + + toki_word_reject= 0x00000001, + toki_word_executefromdirectory= 0x00000002, + toki_word_executefrompath= 0x00000003, + toki_word_executebuiltin= 0x00000004, + toki_word_errorstostderr= 0x00000005, + toki_word_errorstosyslog= 0x00000006, + toki_word_errorstofile= 0x00000007, + toki_word_requirefd= 0x00000008, + toki_word_allowfd= 0x00000009, + toki_word_nullfd= 0x0000000a, + toki_word_rejectfd= 0x0000000b, + toki_word_ignorefd= 0x0000000c, + toki_word_setenvironment= 0x0000000d, + toki_word_nosetenvironment= 0x0000000e, + toki_word_suppressargs= 0x0000000f, + toki_word_nosuppressargs= 0x00000010, + toki_word_disconnecthup= 0x00000011, + toki_word_nodisconnecthup= 0x00000012, + toki_word_cd= 0x00000013, + toki_word_userrcfile= 0x00000014, + toki_word_include= 0x00000015, + toki_word_includeifexist= 0x00000016, + toki_word_includelookup= 0x00000017, + toki_word_includelookupall= 0x00000018, + toki_word_includedirectory= 0x00000019, + toki_word_message= 0x0000001a, + toki_word_includesysconfig= 0x0000001b, + toki_word_includeuserrcfile= 0x0000001c, + toki_word_includeclientconfig= 0x0000001d, + toki_word_quit= 0x0000001e, + toki_word_eof= 0x0000001f, + toki_word_if= 0x00000020, + toki_word_catchquit= 0x00000021, + toki_word_errorspush= 0x00000022, + toki_word_elif= 0x00000023, + toki_word_else= 0x00000024, + toki_word_fi= 0x00000025, + toki_word_hctac= 0x00000026, + toki_word_srorre= 0x00000027, + toki_word_glob= 0x00000028, + toki_word_range= 0x00000029, + toki_word_grep= 0x0000002a, + toki_word_environment= 0x0000002b, + toki_word_parameter= 0x0000002c, + toki_word_version= 0x0000002d, + toki_word_toplevel= 0x0000002e, + toki_word_override= 0x0000002f, + toki_word_reset= 0x00000030, + toki_word_execute= 0x00000031, + toki_word_help= 0x00000032, + toki_word_service= 0x00000033, + toki_word_callinguser= 0x00000034, + toki_word_callinggroup= 0x00000035, + toki_word_callingusershell= 0x00000036, + toki_word_serviceuser= 0x00000037, + toki_word_servicegroup= 0x00000038, + toki_word_serviceusershell= 0x00000039, + toki_syslog_debug= 0x0000003a, + toki_syslog_info= 0x0000003b, + toki_syslog_notice= 0x0000003c, + toki_syslog_warning= 0x0000003d, + toki_syslog_err= 0x0000003e, + toki_syslog_crit= 0x0000003f, + toki_syslog_alert= 0x00000040, + toki_syslog_emerg= 0x00000041, + toki_syslog_authpriv= 0x00000042, + toki_syslog_cron= 0x00000043, + toki_syslog_daemon= 0x00000044, + toki_syslog_kern= 0x00000045, + toki_syslog_lpr= 0x00000046, + toki_syslog_mail= 0x00000047, + toki_syslog_news= 0x00000048, + toki_syslog_syslog= 0x00000049, + toki_syslog_user= 0x0000004a, + toki_syslog_uucp= 0x0000004b, + toki_syslog_local0= 0x0000004c, + toki_syslog_local1= 0x0000004d, + toki_syslog_local2= 0x0000004e, + toki_syslog_local3= 0x0000004f, + toki_syslog_local4= 0x00000050, + toki_syslog_local5= 0x00000051, + toki_syslog_local6= 0x00000052, + toki_syslog_local7= 0x00000053, + toki_word_read= 0x00000054, + toki_word_write= 0x00000055, + toki_ordinal= 0x00000056, + toki_fdrange= 0x00000057, + toki_fdstoend= 0x00000058, + toki_dollar= 0x00000059, + toki_lwsp= 0x0000005a, + toki_newline= 0x0000005b, + toki_barestring= 0x0000005c, + toki_quotedstring= 0x0000005d, + toki_eof= 0x0000005e, + toki_quit= 0x0000005f, + toki_error= 0x00000060, + toki_openparen= 0x00000061, + toki_closeparen= 0x00000062, + toki_not= 0x00000063, + toki_and= 0x00000064, + toki_or= 0x00000065, + toki_word_error= 0x00000066, + + tokv_word_reject= tokt_directive|tokt_execmode|tokr_word|toki_word_reject, + tokv_word_executefromdirectory=tokt_directive|tokt_execmode|tokr_word|toki_word_executefromdirectory, + tokv_word_executefrompath= tokt_directive|tokt_execmode|tokr_word|toki_word_executefrompath, + tokv_word_executebuiltin= tokt_directive|tokt_execmode|tokr_word|toki_word_executebuiltin, + tokv_word_errorstostderr= tokt_directive|tokt_ehandlemode|tokr_word|toki_word_errorstostderr, + tokv_word_errorstosyslog= tokt_directive|tokt_ehandlemode|tokr_word|toki_word_errorstosyslog, + tokv_word_errorstofile= tokt_directive|tokt_ehandlemode|tokr_word|toki_word_errorstofile, + tokv_word_requirefd= tokt_directive|tokr_word|toki_word_requirefd, + tokv_word_allowfd= tokt_directive|tokr_word|toki_word_allowfd, + tokv_word_nullfd= tokt_directive|tokr_word|toki_word_nullfd, + tokv_word_rejectfd= tokt_directive|tokr_word|toki_word_rejectfd, + tokv_word_ignorefd= tokt_directive|tokr_word|toki_word_ignorefd, + tokv_word_setenvironment= tokt_directive|tokr_word|toki_word_setenvironment, + tokv_word_nosetenvironment= tokt_directive|tokr_word|toki_word_nosetenvironment, + tokv_word_suppressargs= tokt_directive|tokr_word|toki_word_suppressargs, + tokv_word_nosuppressargs= tokt_directive|tokr_word|toki_word_nosuppressargs, + tokv_word_disconnecthup= tokt_directive|tokr_word|toki_word_disconnecthup, + tokv_word_nodisconnecthup= tokt_directive|tokr_word|toki_word_nodisconnecthup, + tokv_word_cd= tokt_directive|tokr_word|toki_word_cd, + tokv_word_userrcfile= tokt_directive|tokr_word|toki_word_userrcfile, + tokv_word_include= tokt_directive|tokr_word|toki_word_include, + tokv_word_includeifexist= tokt_directive|tokr_word|toki_word_includeifexist, + tokv_word_includelookup= tokt_directive|tokr_word|toki_word_includelookup, + tokv_word_includelookupall= tokt_directive|tokr_word|toki_word_includelookupall, + tokv_word_includedirectory= tokt_directive|tokr_word|toki_word_includedirectory, + tokv_word_message= tokt_directive|tokr_word|toki_word_message, + tokv_word_includesysconfig= tokt_directive|tokt_internal|tokr_word|toki_word_includesysconfig, + tokv_word_includeuserrcfile= tokt_directive|tokt_internal|tokr_word|toki_word_includeuserrcfile, + tokv_word_includeclientconfig=tokt_directive|tokt_internal|tokr_word|toki_word_includeclientconfig, + tokv_word_quit= tokt_directive|tokr_word|toki_word_quit, + tokv_word_eof= tokt_directive|tokr_word|toki_word_eof, + tokv_word_if= tokt_directive|tokt_controlstart|tokr_word|toki_word_if, + tokv_word_catchquit= tokt_directive|tokt_controlstart|tokr_word|toki_word_catchquit, + tokv_word_errorspush= tokt_directive|tokt_controlstart|tokr_word|toki_word_errorspush, + tokv_word_elif= tokt_controlend|tokt_controlstart|tokr_word|toki_word_elif, + tokv_word_else= tokt_controlend|tokt_controlstart|tokr_word|toki_word_else, + tokv_word_fi= tokt_controlend|tokr_word|toki_word_fi, + tokv_word_hctac= tokt_controlend|tokr_word|toki_word_hctac, + tokv_word_srorre= tokt_controlend|tokr_word|toki_word_srorre, + tokv_word_glob= tokt_parmcondition|tokr_word|toki_word_glob, + tokv_word_range= tokt_parmcondition|tokr_word|toki_word_range, + tokv_word_grep= tokt_parmcondition|tokr_word|toki_word_grep, + tokv_word_environment= tokt_builtinservice|tokr_word|toki_word_environment, + tokv_word_parameter= tokt_builtinservice|tokr_word|toki_word_parameter, + tokv_word_version= tokt_builtinservice|tokr_word|toki_word_version, + tokv_word_toplevel= tokt_builtinservice|tokr_word|toki_word_toplevel, + tokv_word_override= tokt_builtinservice|tokr_word|toki_word_override, + tokv_word_reset= tokt_builtinservice|tokt_directive|tokr_word|toki_word_reset, + tokv_word_execute= tokt_builtinservice|tokt_directive|tokt_execmode|tokr_word|toki_word_execute, + tokv_word_help= tokt_builtinservice|tokr_word|toki_word_help, + tokv_word_service= tokt_parameter|tokr_word|toki_word_service, + tokv_word_callinguser= tokt_parameter|tokr_word|toki_word_callinguser, + tokv_word_callinggroup= tokt_parameter|tokr_word|toki_word_callinggroup, + tokv_word_callingusershell= tokt_parameter|tokr_word|toki_word_callingusershell, + tokv_word_serviceuser= tokt_parameter|tokr_word|toki_word_serviceuser, + tokv_word_servicegroup= tokt_parameter|tokr_word|toki_word_servicegroup, + tokv_word_serviceusershell= tokt_parameter|tokr_word|toki_word_serviceusershell, + tokv_syslog_debug= tokt_loglevel|tokr_word|toki_syslog_debug, + tokv_syslog_info= tokt_loglevel|tokr_word|toki_syslog_info, + tokv_syslog_notice= tokt_loglevel|tokr_word|toki_syslog_notice, + tokv_syslog_warning= tokt_loglevel|tokr_word|toki_syslog_warning, + tokv_syslog_err= tokt_loglevel|tokr_word|toki_syslog_err, + tokv_syslog_crit= tokt_loglevel|tokr_word|toki_syslog_crit, + tokv_syslog_alert= tokt_loglevel|tokr_word|toki_syslog_alert, + tokv_syslog_emerg= tokt_loglevel|tokr_word|toki_syslog_emerg, + tokv_syslog_authpriv= tokt_logfacility|tokr_word|toki_syslog_authpriv, + tokv_syslog_cron= tokt_logfacility|tokr_word|toki_syslog_cron, + tokv_syslog_daemon= tokt_logfacility|tokr_word|toki_syslog_daemon, + tokv_syslog_kern= tokt_logfacility|tokr_word|toki_syslog_kern, + tokv_syslog_lpr= tokt_logfacility|tokr_word|toki_syslog_lpr, + tokv_syslog_mail= tokt_logfacility|tokr_word|toki_syslog_mail, + tokv_syslog_news= tokt_logfacility|tokr_word|toki_syslog_news, + tokv_syslog_syslog= tokt_logfacility|tokr_word|toki_syslog_syslog, + tokv_syslog_user= tokt_logfacility|tokr_word|toki_syslog_user, + tokv_syslog_uucp= tokt_logfacility|tokr_word|toki_syslog_uucp, + tokv_syslog_local0= tokt_logfacility|tokr_word|toki_syslog_local0, + tokv_syslog_local1= tokt_logfacility|tokr_word|toki_syslog_local1, + tokv_syslog_local2= tokt_logfacility|tokr_word|toki_syslog_local2, + tokv_syslog_local3= tokt_logfacility|tokr_word|toki_syslog_local3, + tokv_syslog_local4= tokt_logfacility|tokr_word|toki_syslog_local4, + tokv_syslog_local5= tokt_logfacility|tokr_word|toki_syslog_local5, + tokv_syslog_local6= tokt_logfacility|tokr_word|toki_syslog_local6, + tokv_syslog_local7= tokt_logfacility|tokr_word|toki_syslog_local7, + tokv_word_read= tokt_readwrite|tokr_word|toki_word_read, + tokv_word_write= tokt_readwrite|tokr_word|toki_word_write, + tokv_ordinal= tokt_number|tokt_fdrange|tokr_word|toki_ordinal, + tokv_fdrange= tokt_fdrange|tokr_punct|toki_fdrange, + tokv_fdstoend= tokt_fdrange|tokr_punct|toki_fdstoend, + tokv_dollar= tokt_misc|tokr_punct|toki_dollar, + tokv_lwsp= tokt_misc|tokr_nonstring|toki_lwsp, + tokv_newline= tokt_misc|tokr_nonstring|toki_newline, + tokv_barestring= tokt_string|tokr_string|toki_barestring, + tokv_quotedstring= tokt_string|tokr_string|toki_quotedstring, + tokv_eof= tokt_exception|tokr_nonstring|toki_eof, + tokv_quit= tokt_exception|tokr_nonstring|toki_quit, + tokv_error= tokt_exception|tokr_nonstring|toki_error, + tokv_openparen= tokt_condop|tokr_punct|toki_openparen, + tokv_closeparen= tokt_condop|tokr_punct|toki_closeparen, + tokv_not= tokt_condop|tokr_punct|toki_not, + tokv_and= tokt_condop|tokr_punct|toki_and, + tokv_or= tokt_condop|tokr_punct|toki_or, + tokv_word_error= tokt_directive|tokt_loglevel|tokr_word|toki_word_error, + +}; + +#endif + -- 2.30.2

+User service daemon and client specification - chapter 2 +Client program usage + +

+User service daemon and client specification - chapter 4 +Service-side configuration +

+User service daemon and client specification - chapter 3 +Execution environment of the service program +

+User service daemon and client specification - chapter 1 +Introduction +

+User service daemon and client specification - chapter 5 +Information passed through the client/daemon combination +

+User service daemon and client specification - chapter 6 +Applications and notes on use +

User service daemon and client specification - footnotes

User service daemon and client specification

+User service daemon and client specification - chapter 2
+Client program usage + +

+User service daemon and client specification - chapter 4
+Service-side configuration +

+User service daemon and client specification - chapter 3
+Execution environment of the service program +

+User service daemon and client specification - chapter 1
+Introduction +

+User service daemon and client specification - chapter 5
+Information passed through the client/daemon combination +

+User service daemon and client specification - chapter 6
+Applications and notes on use +