From e9be60c490674ee7590f8a241a51e6b8317b894c Mon Sep 17 00:00:00 2001 From: ian Date: Mon, 6 Mar 2000 18:14:46 +0000 Subject: [PATCH] @@ -1,8 +1,10 @@ userv (1.0.0) unstable; urgency=low - * Released out of beta (version number increased). + * Manpage userv(1) from Ben Harris. (Debian bug #33777.) + * Released out of beta (version number change). + * Added a couple of things to .cvsignore. - -- Ian Jackson Mon, 6 Mar 2000 17:13:13 +0000 + -- Ian Jackson Mon, 6 Mar 2000 18:13:49 +0000 userv (0.95.0) unstable; urgency=low --- .cvsignore | 1 + INSTALL | 4 +- Makefile.in | 14 +- README | 4 +- debian/.cvsignore | 3 + debian/changelog | 6 +- debian/copyright | 3 +- debian/rules | 11 +- servexec.c | 2 +- spec.html/ch-client.html | 2 +- spec.html/ch-config.html | 2 +- spec.html/ch-envir.html | 2 +- spec.html/ch-intro.html | 2 +- spec.html/ch-ipass.html | 2 +- spec.html/ch-notes.html | 2 +- spec.html/footnotes.html | 2 +- spec.html/index.html | 2 +- spec.ps | 152 ++++++------- spec.sgml | 2 +- userv.1 | 463 +++++++++++++++++++++++++++++++++++++++ 20 files changed, 581 insertions(+), 100 deletions(-) create mode 100644 debian/.cvsignore create mode 100644 userv.1 diff --git a/.cvsignore b/.cvsignore index f7324d1..e363f66 100644 --- a/.cvsignore +++ b/.cvsignore @@ -24,3 +24,4 @@ slash-etc shipcheck userv-*.tar.gz +build diff --git a/INSTALL b/INSTALL index 1399ae8..681b61d 100644 --- a/INSTALL +++ b/INSTALL @@ -231,7 +231,9 @@ COPYRIGHT This file, INSTALL, contains installation instructions and other details for userv. -userv is Copyright (C)1996-9 Ian Jackson . +userv is +Copyright (C)1996-2000 Ian Jackson . +Copyright (C)2000 Ben Harris userv is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free diff --git a/Makefile.in b/Makefile.in index eb16251..0b430e8 100644 --- a/Makefile.in +++ b/Makefile.in @@ -39,6 +39,8 @@ INSTALL_DATA=@INSTALL_DATA@ $(INSTALL_FLAGS) prefix=@prefix@ exec_prefix=$(prefix) bindir=$(exec_prefix)/bin +mandir=$(prefix)/man +man1dir=$(mandir)/man1 sbindir=$(exec_prefix)/sbin etcdir=/etc etcsubdir=$(etcdir)/userv @@ -46,7 +48,9 @@ docdir=$(prefix)/userv TARGETS= daemon client TARGETS_DOC_PS= spec.ps overview.ps -TARGETS_DOC= spec.html $(TARGETS_DOC_PS) +TARGETS_DOC_RM= $(TARGETS_DOC_PS) spec.html +TARGETS_DOC= $(TARGETS_DOC_PS) spec.html/index.html +MAN1PAGES= userv.1 SOURCES= Makefile.in configure.in acconfig.h \ client.c common.h \ @@ -79,14 +83,16 @@ install-strip: install-doc: $(TARGETS_DOC) $(INSTALL) -d -m 2755 $(docdir) $(docdir)/spec.html + $(INSTALL) -d -m 2755 $(mandir) $(man1dir) $(INSTALL_DATA) -m 644 $(TARGETS_DOC_PS) $(docdir)/. $(INSTALL_DATA) -m 644 spec.html/*.html $(docdir)/spec.html/. + $(INSTALL_DATA) -m 644 $(MAN1PAGES) $(man1dir) uninstall: rm -f $(bindir)/userv $(sbindir)/uservd uninstall-doc: - cd $docdir && rm -rf $(TARGETS_DOC) + cd $docdir && rm -rf $(TARGETS_DOC_RM) daemon: overlord.o process.o servexec.o parserlexer.o debug.o lib.o both.o $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS) @@ -168,8 +174,8 @@ dist: dist-prep distclean linecount: $(SOURCES) wc -l $^ -%.html: %.sgml - debiandoc2html $< +%.html/index.html: %.sgml + debiandoc2html $< %.ps: %.sgml debiandoc2ps -1 -O $< >$@.new && mv $@.new $@ diff --git a/README b/README index 55fe762..3b6a57d 100644 --- a/README +++ b/README @@ -21,7 +21,9 @@ userv-maint@chiark.greenend.org.uk, or to the userv-discuss mailing list if you are subscribed to it. -userv is Copyright (C)1996-9 Ian Jackson . +userv is +Copyright (C)1996-2000 Ian Jackson . +Copyright (C)2000 Ben Harris userv is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free diff --git a/debian/.cvsignore b/debian/.cvsignore new file mode 100644 index 0000000..19fbb51 --- /dev/null +++ b/debian/.cvsignore @@ -0,0 +1,3 @@ +tmp +substvars +files diff --git a/debian/changelog b/debian/changelog index 55c7216..db776d2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,10 @@ userv (1.0.0) unstable; urgency=low - * Released out of beta (version number increased). + * Manpage userv(1) from Ben Harris. (Debian bug #33777.) + * Released out of beta (version number change). + * Added a couple of things to .cvsignore. - -- Ian Jackson Mon, 6 Mar 2000 17:13:13 +0000 + -- Ian Jackson Mon, 6 Mar 2000 18:13:49 +0000 userv (0.95.0) unstable; urgency=low diff --git a/debian/copyright b/debian/copyright index e0c6649..f2265a2 100644 --- a/debian/copyright +++ b/debian/copyright @@ -12,7 +12,8 @@ scheme, by adding various debian/* files and arranging for the uservd daemon to be started automatically. -Copyright (C)1996-1999 Ian Jackson . +Copyright (C)1996-2000 Ian Jackson . +Copyright (C)2000 Ben Harris . userv is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free diff --git a/debian/rules b/debian/rules index f58644d..569161e 100755 --- a/debian/rules +++ b/debian/rules @@ -5,8 +5,7 @@ package=userv build: $(checkdir) ./configure --prefix=/usr - $(MAKE) - $(MAKE) spec.html + $(MAKE) all docs touch build clean: @@ -33,14 +32,16 @@ binary-arch: checkroot build chmod +x debian/tmp/DEBIAN/{postinst,prerm,postrm} chmod +x debian/tmp/etc/init.d/userv $(MAKE) LDFLAGS=-s INSTALL_PROGRAM='install -c -s' \ - prefix=debian/tmp/usr etcdir=debian/tmp/etc install + prefix=debian/tmp/usr etcdir=debian/tmp/etc \ + docdir=debian/tmp/usr/doc/userv \ + install install-doc cp debian/copyright debian/tmp/usr/doc/$(package)/. cp debian/changelog debian/tmp/usr/doc/$(package)/changelog cp README debian/tmp/usr/doc/$(package)/README.upstream cp system.default system.override debian/tmp/usr/doc/$(package)/examples - gzip -9v debian/tmp/usr/doc/$(package)/changelog ln -s changelog.gz debian/tmp/usr/doc/$(package)/changelog.Debian.gz - cp -a spec.html debian/tmp/usr/doc/$(package)/ + gzip -9v debian/tmp/usr/doc/$(package)/changelog debian/tmp/usr/man/man1/*.1 + rm debian/tmp/usr/doc/userv/*.ps dpkg-shlibdeps daemon client dpkg-gencontrol chown -R root.root debian/tmp diff --git a/servexec.c b/servexec.c index ad877f4..82b89e5 100644 --- a/servexec.c +++ b/servexec.c @@ -71,7 +71,7 @@ void bisexec_version(const char *const *argv) { const unsigned char *p; int i; - printf("uservd version " VERSION VEREXT "; copyright (C)1996-1997 Ian Jackson.\n" + printf("uservd version " VERSION VEREXT "; copyright (C)1996-2000 Ian Jackson.\n" #ifdef DEBUG "DEBUGGING VERSION" #else diff --git a/spec.html/ch-client.html b/spec.html/ch-client.html index 6cee73e..7ec4c71 100644 --- a/spec.html/ch-client.html +++ b/spec.html/ch-client.html @@ -315,7 +315,7 @@ user will be the real calling user. User service daemon and client specification
-0.95.0
+1.0.0
Ian Jackson ian@davenant.greenend.org.uk
diff --git a/spec.html/ch-config.html b/spec.html/ch-config.html index b14959f..4e8da1e 100644 --- a/spec.html/ch-config.html +++ b/spec.html/ch-config.html @@ -586,7 +586,7 @@ quit User service daemon and client specification
-0.95.0
+1.0.0
Ian Jackson ian@davenant.greenend.org.uk
diff --git a/spec.html/ch-envir.html b/spec.html/ch-envir.html index 53b8cd5..8920ac6 100644 --- a/spec.html/ch-envir.html +++ b/spec.html/ch-envir.html @@ -182,7 +182,7 @@ user). User service daemon and client specification
-0.95.0
+1.0.0
Ian Jackson ian@davenant.greenend.org.uk
diff --git a/spec.html/ch-intro.html b/spec.html/ch-intro.html index b3ef6c0..bcf44e4 100644 --- a/spec.html/ch-intro.html +++ b/spec.html/ch-intro.html @@ -58,7 +58,7 @@ each other in any unexpected ways. User service daemon and client specification
-0.95.0
+1.0.0
Ian Jackson ian@davenant.greenend.org.uk
diff --git a/spec.html/ch-ipass.html b/spec.html/ch-ipass.html index 1a527a8..8297319 100644 --- a/spec.html/ch-ipass.html +++ b/spec.html/ch-ipass.html @@ -134,7 +134,7 @@ and the service. User service daemon and client specification
-0.95.0
+1.0.0
Ian Jackson ian@davenant.greenend.org.uk
diff --git a/spec.html/ch-notes.html b/spec.html/ch-notes.html index d1a67bb..3954df5 100644 --- a/spec.html/ch-notes.html +++ b/spec.html/ch-notes.html @@ -215,7 +215,7 @@ administrators have made similar mistakes with programs like User service daemon and client specification
-0.95.0
+1.0.0
Ian Jackson ian@davenant.greenend.org.uk
diff --git a/spec.html/footnotes.html b/spec.html/footnotes.html index 5e9e8ce..2cb6cff 100644 --- a/spec.html/footnotes.html +++ b/spec.html/footnotes.html @@ -44,7 +44,7 @@ specified by the system administrator. User service daemon and client specification
-0.95.0
+1.0.0
Ian Jackson ian@davenant.greenend.org.uk
diff --git a/spec.html/index.html b/spec.html/index.html index 20321eb..007d2e6 100644 --- a/spec.html/index.html +++ b/spec.html/index.html @@ -101,7 +101,7 @@ Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. User service daemon and client specification
-0.95.0
+1.0.0
Ian Jackson ian@davenant.greenend.org.uk
diff --git a/spec.ps b/spec.ps index b37092c..7f8ffe8 100644 --- a/spec.ps +++ b/spec.ps @@ -1,6 +1,6 @@ %!PS-Adobe-3.0 %%Creator: Basser Lout Version 3.10 (November 1996) -%%CreationDate: Tue Nov 9 23:32:19 1999 +%%CreationDate: Mon Mar 6 18:14:17 2000 %%DocumentData: Binary %%DocumentNeededResources: (atend) %%DocumentMedia: Plain 595 842 0 white () @@ -268,8 +268,8 @@ grestore 0.6953 1.0000 scale 200 fnt31 1031 -43()m grestore -240 fnt82 4235 12752(0.95.0)m -9066 609 0 609 240 240 60 0 11490 LoutGr2 +240 fnt82 4295 12755(1.0.0)m +9066 609 0 609 240 240 60 0 11495 LoutGr2 newpath 0 ysize 0.3 ft sub moveto xsize 0 rlineto 0 0.1 ft rlineto @@ -278,12 +278,12 @@ closepath fill grestore 320 fnt84 0 5(0.1.)m 628(Abstract)s grestore -0 11196(This)m 476(is)s +0 11201(This)m 476(is)s 686(a)s 852(speci\207cation)s 2117(for)s 2455(a)s 2621(Unix)s 3155(system)s 3879(f)s 2(acility)k 4606(to)s 4845(allo)s 6(w)k 5424(one)s 5826(program)s 6696(to)s 6935(in)s 9(v)k 4(ok)k 2(e)k -7628(another)s 8405(when)s 0 10956(only)m 480(limited)s 1214(trust)s -1698(e)s 3(xists)k 2290(between)s 3144(them.)s 9066 670 0 670 240 240 60 0 9932 LoutGr2 +7628(another)s 8405(when)s 0 10961(only)m 480(limited)s 1214(trust)s +1698(e)s 3(xists)k 2290(between)s 3144(them.)s 9066 670 0 670 240 240 60 0 9937 LoutGr2 newpath 0 ysize 0.3 ft sub moveto xsize 0 rlineto 0 0.1 ft rlineto @@ -294,53 +294,53 @@ grestore 0 66(0.2.)m 628(Copyright)s 2109(Notice)s grestore gsave -0 9692 translate +0 9697 translate 0.6953 1.0000 scale 240 fnt31 0 -52(userv)m grestore -560 9638(is)m 770(Cop)s 2(yright)k 1799(1996-1999)s 2889(Ian)s +560 9643(is)m 770(Cop)s 2(yright)k 1799(1996-1999)s 2889(Ian)s 3251(Jackson.)s gsave -0 9284 translate +0 9289 translate 0.6953 1.0000 scale 240 fnt31 0 -52(userv)m grestore -544 9230(is)m 737(free)s +544 9235(is)m 737(free)s 1146(softw)s 2(are;)k 2062(you)s 2460(can)s 2832(redistrib)s 4(ute)k 3955(it)s 4130(and/or)s 4784(modify)s 5512(it)s 5688(under)s 6276(the)s 6607(terms)s 7172(of)s 7426(the)s 7757(GNU)s -8315(General)s 0 8990(Public)m 659(License)s 1453(as)s 1698(published)s +8315(General)s 0 8995(Public)m 659(License)s 1453(as)s 1698(published)s 2682(by)s 2971(the)s 3314(Free)s 3789(Softw)s 2(are)k 4699(F)s 3(oundation;)k 5894(either)s 6492(v)s 3(ersion)k 7245(2)s 7414(of)s 7680(the)s 8023(License,)s 8867(or)s -0 8750(\(at)m 311(your)s 810(option\))s 1550(an)s 3(y)k -1947(later)s 2430(v)s 3(ersion.)k 0 8342(This)m 476(program)s +0 8755(\(at)m 311(your)s 810(option\))s 1550(an)s 3(y)k +1947(later)s 2430(v)s 3(ersion.)k 0 8347(This)m 476(program)s 1346(is)s 1556(distrib)s 4(uted)k 2632(in)s 2875(the)s 3223(hope)s 3745(that)s 4163(it)s 4355(will)s 4781(be)s -5063(useful,)s 5754(b)s 4(ut)k 240 fnt83 6116 8344(without)m -6898(any)s 7300(warr)s 3(anty)k 240 fnt82 8171 8342(;)m -8283(without)s 0 8101(e)m 6(v)k 3(en)k 500(the)s +5063(useful,)s 5754(b)s 4(ut)k 240 fnt83 6116 8349(without)m +6898(any)s 7300(warr)s 3(anty)k 240 fnt82 8171 8347(;)m +8283(without)s 0 8106(e)m 6(v)k 3(en)k 500(the)s 848(implied)s 1636(w)s 2(arranty)k 2537(of)s 240 fnt83 -2808 8103(mer)m 8(c)k 3(hantability)k 240 fnt82 4367 8101(or)m -240 fnt83 4626 8103(\207tness)m 5279(for)s 5623(a)s 5798(particular)s -6833(purpose)s 240 fnt82 7598 8101(.)m 7702(See)s 8103(the)s -8451(GNU)s 0 7861(General)m 811(Public)s 1475(License)s 2274(for)s -2612(more)s 3159(details.)s 0 7453(Y)m 26(ou)k 442(should)s +2808 8108(mer)m 8(c)k 3(hantability)k 240 fnt82 4367 8106(or)m +240 fnt83 4626 8108(\207tness)m 5279(for)s 5623(a)s 5798(particular)s +6833(purpose)s 240 fnt82 7598 8106(.)m 7702(See)s 8103(the)s +8451(GNU)s 0 7866(General)m 811(Public)s 1475(License)s 2274(for)s +2612(more)s 3159(details.)s 0 7458(Y)m 26(ou)k 442(should)s 1139(ha)s 4(v)k 3(e)k 1640(re)s 1821(cei)s 6(v)k 3(ed)k 2494(a)s 2660(cop)s 2(y)k 3178(of)s 3449(the)s 3797(GNU)s 4372(Gen)s 4768(er)s 4953(al)s 5180(Pub)s 5546(lic)s 5837(Li)s 6043(cense)s 6630(along)s 7215(with)s gsave -7697 7507 translate +7697 7512 translate 0.6953 1.0000 scale 240 fnt31 0 -52(userv)m grestore 8197(;)s 8309(if)s 8526(not,)s -0 7212(write)m 546(to)s 785(the)s 1133(Free)s 1613(Soft)s +0 7217(write)m 546(to)s 785(the)s 1133(Free)s 1613(Soft)s 2011(w)s 2(are)k 2529(F)s 3(oun)k 3016(da)s 3242(tion,)s 3721(59)s 4012(T)s 16(em)k 4434(ple)s 4782(Place)s 5355(-)s 5483(Suite)s 6030(330,)s 6497(Boston,)s -7283(MA)s 7726(02111-1307,)s 0 6972(USA.)m 9066 610 0 610 240 240 60 0 6008 LoutGr2 +7283(MA)s 7726(02111-1307,)s 0 6977(USA.)m 9066 610 0 610 240 240 60 0 6013 LoutGr2 newpath 0 ysize 0.3 ft sub moveto xsize 0 rlineto 0 0.1 ft rlineto @@ -350,55 +350,55 @@ grestore 320 fnt84 0 6(0.3.)m 628(Contents)s grestore -0 5714(1.)m 1200(Introduction)s 8962(3)s 0 5487(2.)m -1200(Client)s 1844(program)s 2714(usage)s 8952(4)s 0 5250(2.1.)m -1200(Options)s 8952(4)s 0 5013(2.2.)m 1200(Security-o)s 3(v)k 3(erriding)k -3118(options)s 8958(7)s 0 4776(3.)m 1200(Ex)s 3(ecution)k +0 5719(1.)m 1200(Introduction)s 8962(3)s 0 5492(2.)m +1200(Client)s 1844(program)s 2714(usage)s 8952(4)s 0 5255(2.1.)m +1200(Options)s 8952(4)s 0 5018(2.2.)m 1200(Security-o)s 3(v)k 3(erriding)k +3118(options)s 8958(7)s 0 4781(3.)m 1200(Ex)s 3(ecution)k 2224(en)s 9(vironment)k 3484(of)s 3755(the)s 4103(service)s -4835(program)s 8959(8)s 0 4539(3.1.)m 1200(File)s 1627(descriptors)s -8959(8)s 0 4302(3.2.)m 1200(En)s 9(vironment)k 8955(9)s -0 4075(4.)m 1200(Service-side)s 2436(con\207guration)s 8831(10)s 0 3838(4.1.)m -1200(Con\207guration)s 2587(\207le)s 2948(syntax)s 8831(10)s 0 3601(4.2.)m +4835(program)s 8959(8)s 0 4544(3.1.)m 1200(File)s 1627(descriptors)s +8959(8)s 0 4307(3.2.)m 1200(En)s 9(vironment)k 8955(9)s +0 4080(4.)m 1200(Service-side)s 2436(con\207guration)s 8831(10)s 0 3843(4.1.)m +1200(Con\207guration)s 2587(\207le)s 2948(syntax)s 8831(10)s 0 3606(4.2.)m 1200(Con\207guration)s 2587(\207le)s 2948(directi)s 6(v)k 3(es)k -8831(10)s 0 3363(4.3.)m 1200(Errors)s 1847(in)s 2090(the)s -2438(con\207guration)s 3771(\207le)s 8833(16)s 0 3125(4.4.)m 1200(Def)s 2(aults)k -8833(16)s 0 2898(5.)m 1200(Information)s 2398(passed)s 3094(through)s -3896(the)s 4244(client/daemon)s 5655(combination)s 8839(18)s 0 2660(6.)m +8831(10)s 0 3368(4.3.)m 1200(Errors)s 1847(in)s 2090(the)s +2438(con\207guration)s 3771(\207le)s 8833(16)s 0 3130(4.4.)m 1200(Def)s 2(aults)k +8833(16)s 0 2903(5.)m 1200(Information)s 2398(passed)s 3094(through)s +3896(the)s 4244(client/daemon)s 5655(combination)s 8839(18)s 0 2665(6.)m 1200(Applications)s 2473(and)s 2877(notes)s 3433(on)s 3730(use)s -8831(20)s 0 2422(6.1.)m 1200(Standard)s 2108(services)s 2928(and)s -3332(directory)s 4248(management)s 8831(20)s 0 2184(6.2.)m 1200(Reducing)s +8831(20)s 0 2427(6.1.)m 1200(Standard)s 2108(services)s 2928(and)s +3332(directory)s 4248(management)s 8831(20)s 0 2189(6.2.)m 1200(Reducing)s 2171(the)s 2519(number)s 3310(of)s 3581(absolutely)s 4618(pri)s 6(vile)k 3(ged)k -5636(subsystems)s 8831(20)s 0 1946(6.3.)m 1200(Do)s 1546(not)s +5636(subsystems)s 8831(20)s 0 1951(6.3.)m 1200(Do)s 1546(not)s 1912(gi)s 6(v)k 3(e)k 2371(a)s 3(w)k 2(ay)k 2925(e)s 3(xcessi)k 6(v)k 3(e)k 3885(pri)s 6(vile)k 3(ge)k 4781(to)s gsave -5020 2000 translate +5020 2005 translate 0.6953 1.0000 scale 240 fnt31 0 -52(userv)m grestore 5520(-using)s 6171(f)s 2(acilities)k -8831(20)s 0 1708(6.4.)m gsave -1200 1762 translate +8831(20)s 0 1713(6.4.)m gsave +1200 1767 translate 0.6953 1.0000 scale 240 fnt31 0 -52(userv)m grestore 1760(is)s 1970(not)s 2336(a)s 2502(replacement)s 3729(for)s gsave -4067 1762 translate +4067 1767 translate 0.6953 1.0000 scale 240 fnt31 0 -52(really)m grestore 4727(and)s gsave -5131 1762 translate +5131 1767 translate 0.6953 1.0000 scale 240 fnt31 0 -52(sudo)m grestore 8851(21)s -0 1469(6.5.)m 1200(Don')s 4(t)k 1814(gi)s 6(v)k 3(e)k +0 1474(6.5.)m 1200(Don')s 4(t)k 1814(gi)s 6(v)k 3(e)k 2273(access)s 2934(to)s 3173(general-purpose)s 4769(utilities)s 8851(21)s 0 52(User)m 511(service)s 1243(daemon)s 2058(and)s 2462(client)s -3052(speci\207cation)s 8471(0.95.0)s +3052(speci\207cation)s 8591(1.0.0)s grestore grestore @@ -435,7 +435,7 @@ gsave gsave 0 LoutMargSet grestore -240 fnt84 0 13842(2)m 240 fnt82 0 52(0.95.0)m 4809(User)s +240 fnt84 0 13842(2)m 240 fnt82 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -523,7 +523,7 @@ grestore 0 10002(with)m 482(each)s 977(other)s 1528(in)s 1771(an)s 3(y)k 2168(une)s 3(xpected)k 3313(w)s 2(ays.)k 0 52(User)m 511(service)s 1243(daemon)s 2058(and)s 2462(client)s 3052(speci\207cation)s -8471(0.95.0)s +8591(1.0.0)s grestore grestore @@ -878,20 +878,20 @@ grestore 240 fnt31 0 -52(write)m grestore -1134 0 0 0 240 240 60 0 949 LoutGr2 +1134 0 0 0 240 240 60 0 947 LoutGr2 0 0 moveto xsize 0 lineto stroke grestore grestore -122 fnt82 0 754(1)m gsave -58 727 translate +122 fnt82 0 752(1)m gsave +58 725 translate 0.6953 1.0000 scale 192 fnt31 0 -42(userv)m grestore -192 fnt82 505 684(is)m 673(short)s 1103(for)s 1373(`user)s +192 fnt82 505 682(is)m 673(short)s 1103(for)s 1373(`user)s 1802(services',)s 2566(and)s 2890(is)s 3058(pronounced)s 4010(`you-serv)s 2(e'.)k -240 fnt82 0 52(0.95.0)m 4809(User)s 5320(service)s 6052(daemon)s +240 fnt82 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -1373,7 +1373,7 @@ grestore 5015(the)s 5358(speci\207ed)s 6261(\207le)s 6616(descriptor;)s 240 fnt83 7678 835(action)m 240 fnt82 8325 833(must)m 8844(be)s 0 52(User)m 511(service)s 1243(daemon)s 2058(and)s 2462(client)s 3052(speci\207cation)s -8471(0.95.0)s +8591(1.0.0)s grestore grestore @@ -1715,7 +1715,7 @@ grestore 1693(calling)s 2396(process')s 13(s)k 3323(current)s 4059(directory)s 4975(name)s 5549(from)s 6073(being)s 6658(passed)s 7354(to)s 7593(the)s 7941(service;)s 8729(the)s 480 956(null)m 907(string)s -1504(will)s 1930(be)s 2212(passed)s 2908(instead.)s 0 52(0.95.0)m +1504(will)s 1930(be)s 2212(passed)s 2908(instead.)s 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -1928,7 +1928,7 @@ grestore 7954(the)s 8302(service)s 480 5072(user)m 938(will)s 1364(be)s 1646(the)s 1994(real)s 2406(calling)s 3109(user)s 13(.)k 0 52(User)m 511(service)s 1243(daemon)s 2058(and)s 2462(client)s -3052(speci\207cation)s 8471(0.95.0)s +3052(speci\207cation)s 8591(1.0.0)s grestore grestore @@ -2185,7 +2185,7 @@ grestore 8175(for)s 8513(the)s 0 864(rele)m 6(v)k 6(ant)k 817(\207le)s 1178(descriptor)s 2193(in)s 2436(the)s 2784(client')s 13(s)k 3524(ar)s 4(guments.)k 4620(By)s 4954(def)s 2(ault)k -5675(writing)s 6418(\207ledescriptors)s 7822(remain)s 8542(open)s 0 52(0.95.0)m +5675(writing)s 6418(\207ledescriptors)s 7822(remain)s 8542(open)s 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -2412,7 +2412,7 @@ grestore 3671(be)s 3953(set)s 4278(appropriately)s 5606(\(according)s 6681(to)s 6920(the)s 7268(details)s 7942(of)s 8213(the)s 0 5083(service)m 732(user\).)s 0 52(User)m 511(service)s 1243(daemon)s 2058(and)s -2462(client)s 3052(speci\207cation)s 8471(0.95.0)s +2462(client)s 3052(speci\207cation)s 8591(1.0.0)s grestore grestore @@ -2663,7 +2663,7 @@ grestore 628(Con\207guration)s 2618(\207le)s 3100(dir)s 5(ecti)k 3(v)k 3(es)k grestore -0 52(0.95.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s +0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -3032,7 +3032,7 @@ grestore 3653(all)s 3941(the)s 4284(characters)s 5298(until)s 5786(the)s 6129(end)s 6528(of)s 6794(the)s 7137(line)s 7546(will)s 7967(be)s 8244(included)s 0 52(User)m 511(service)s 1243(daemon)s -2058(and)s 2462(client)s 3052(speci\207cation)s 8471(0.95.0)s +2058(and)s 2462(client)s 3052(speci\207cation)s 8591(1.0.0)s grestore grestore @@ -3338,7 +3338,7 @@ grestore 240 fnt82 2252 810(refers)m 2845(to)s 3084(a)s 3250(\207le)s 3611(one)s 4013(of)s 4284(whose)s 4952(lines)s 5454(is)s 5664(the)s 6012(v)s 6(alue)k 6580(of)s 6851(the)s -7199(parameter)s 8213(\(leading)s 0 52(0.95.0)m 4809(User)s 5320(service)s +7199(parameter)s 8213(\(leading)s 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -3683,7 +3683,7 @@ grestore grestore 8490(after)s 0 52(User)m 511(service)s 1243(daemon)s 2058(and)s -2462(client)s 3052(speci\207cation)s 8471(0.95.0)s +2462(client)s 3052(speci\207cation)s 8591(1.0.0)s grestore grestore @@ -3985,7 +3985,7 @@ grestore 240 fnt31 0 -52(catch\211quit)m grestore -5645(\).)s 0 52(0.95.0)m 4809(User)s 5320(service)s +5645(\).)s 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -4401,7 +4401,7 @@ grestore 2830(speci\207ed)s 3738(when)s 4314(the)s 4662(service)s 5394(is)s 5604(about)s 6196(to)s 6435(be)s 6717(in)s 9(v)k 4(ok)k 2(ed)k 7532(\(after)s 8107(the)s 0 52(User)m 511(service)s 1243(daemon)s -2058(and)s 2462(client)s 3052(speci\207cation)s 8471(0.95.0)s +2058(and)s 2462(client)s 3052(speci\207cation)s 8591(1.0.0)s grestore grestore @@ -4622,7 +4622,7 @@ grestore 2482(processing)s 3558(is)s 3768(as)s 4018(if)s 4235(the)s 4583(daemon)s 5398(were)s 5918(parsing)s 6675(an)s 6958(o)s 3(v)k 3(erall)k 7670(con\207guration)s 0 2506(\207le)m 361(whose)s 1029(contents)s 1877(were)s -2397(as)s 2647(follo)s 6(ws:)k 0 52(0.95.0)m 4809(User)s +2397(as)s 2647(follo)s 6(ws:)k 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -4704,7 +4704,7 @@ grestore 0 -772(quit)m grestore 0 52(User)m 511(service)s -1243(daemon)s 2058(and)s 2462(client)s 3052(speci\207cation)s 8471(0.95.0)s +1243(daemon)s 2058(and)s 2462(client)s 3052(speci\207cation)s 8591(1.0.0)s grestore @@ -5002,7 +5002,7 @@ grestore 8188(v)s 6(ariable.)k 480 887(This)m 946(grants)s 1570(no)s 1852(special)s 2560(access)s 3210(to)s 3438(that)s 3846(directory)s 4751(unless)s 5389(it)s 5571(is)s 5770(a)s 5925(subdirectory)s -7164(of)s 7424(a)s 7579(directory)s 8484(which)s 0 52(0.95.0)m +7164(of)s 7424(a)s 7579(directory)s 8484(which)s 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -5101,7 +5101,7 @@ grestore 6106(other)s 6657(information)s 7842(may)s 8308(pass)s 480 11379(between)m 1334(the)s 1682(caller)s 2271(and)s 2675(the)s 3023(service.)s 0 52(User)m 511(service)s 1243(daemon)s 2058(and)s 2462(client)s -3052(speci\207cation)s 8471(0.95.0)s +3052(speci\207cation)s 8591(1.0.0)s grestore grestore @@ -5396,7 +5396,7 @@ grestore 1287(daemon')s 13(s)k 2255(queues,)s 3027(and)s 3431(the)s 3779(daemon)s 4594(w)s 2(ould)k 5249(read)s 5718(the)s 6066(\207le)s 6427(later)s 6910(when)s 7486(it)s 7678(felt)s -8055(lik)s 2(e)k 8467(it.)s 0 52(0.95.0)m 4809(User)s +8055(lik)s 2(e)k 8467(it.)s 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore @@ -5644,24 +5644,24 @@ grestore 1801(ha)s 4(v)k 3(e)k 2302(to)s 2541(say)s 2914(this)s 3310(here,)s 3828(b)s 4(ut)k 4190(ine)s 3(xperienced)k 5586(administrators)s 7003(ha)s 4(v)k 3(e)k 7504(made)s -8078(similar)s 1134 0 0 0 240 240 60 0 1179 LoutGr2 +8078(similar)s 1134 0 0 0 240 240 60 0 1177 LoutGr2 0 0 moveto xsize 0 lineto stroke grestore grestore -122 fnt82 0 984(1)m gsave -58 957 translate +122 fnt82 0 982(1)m gsave +58 955 translate 0.6953 1.0000 scale 192 fnt31 0 -42(sudo)m grestore -192 fnt82 425 914(is)m 593(a)s 726(program)s 1422(which)s +192 fnt82 425 912(is)m 593(a)s 726(program)s 1422(which)s 1936(allo)s 4(ws)k 2472(users)s 2905(to)s 3097(e)s 2(x)k 2(ecute)k 3723(certain)s 4289(programs)s 5052(as)s 5252(root,)s 5646(according)s 6444(to)s 6636(con\207guration)s 7703(\207les)s 8062(speci\207ed)s 8789(by)s -0 684(the)m 279(system)s 858(administrator)s 10(.)k 240 fnt82 +0 682(the)m 279(system)s 858(administrator)s 10(.)k 240 fnt82 0 52(User)m 511(service)s 1243(daemon)s 2058(and)s 2462(client)s -3052(speci\207cation)s 8471(0.95.0)s +3052(speci\207cation)s 8591(1.0.0)s grestore grestore @@ -5706,7 +5706,7 @@ grestore 240 fnt31 0 -52(sudo)m grestore -3133(.)s 0 52(0.95.0)m 4809(User)s 5320(service)s +3133(.)s 0 52(1.0.0)m 4809(User)s 5320(service)s 6052(daemon)s 6867(and)s 7271(client)s 7861(speci\207cation)s grestore diff --git a/spec.sgml b/spec.sgml index 9444d5a..e06e28e 100644 --- a/spec.sgml +++ b/spec.sgml @@ -3,7 +3,7 @@ User service daemon and client specification <author>Ian Jackson <email>ian@davenant.greenend.org.uk -<version>0.95.0</version> +<version>1.0.0</version> <abstract> This is a specification for a Unix system facility to allow one diff --git a/userv.1 b/userv.1 new file mode 100644 index 0000000..67a8b2b --- /dev/null +++ b/userv.1 @@ -0,0 +1,463 @@ +.\" +.\" This manpage is copyright, like the rest of userv, - see the +.\" copyright section, below. +.Dd November 3, 1999 +.Dt USERV 1 +.Os "userv 1.0.0" +.Sh NAME +.Nm userv +.Nd request user services +.Sh SYNOPSIS +.Nm userv +.Op Ar option ... +.Op Fl - +.Ar service-user +.Ar service-name +.Op Ar argument ... +.Nm userv +.Op Ar option ... +.Fl B | -builtin +.Op Fl - +.Ar builtin-service +.Bk -words +.Op Ar info-argument ... +.Ek +.Sh DESCRIPTION +.Nm userv +is used to have a task performed under different userid while +maintaining limited trust between caller and callee. + +.Ar service-user +specifies which user account is to perform the task. The user may be +a login name or a numeric uid, or +.Ql - +to indicate that the service user is to be the same as the calling +user. + +The service name is interpreted by the userv daemon on behalf of the +service user. This is controlled by configuration files in the +service user's filespace; consult the userv specification for details. +.Ss Options +Single-letter options may be combined as is usual with Unix programs, +and the value for such an option may appear in the same argument or in +the next. +.Bl -tag -width Fl +.It Fl B | -builtin +Requests that a builtin service be provided. This is equivalent to +using the +.Fl -override +option to specify a string consisting of +.Ql execute-builtin +followed by the +.Ar builtin-service +requested, and requesting a service user of +.Ql - +(indicating the calling user). + +If the builtin service being requested requires a +.Ar service-argument +then this must be supplied to the client in the +same argument as the +.Ar builtin-service . +See the specification, or the output of +.Bd -literal -offset indent -compact +userv -B help +.Ed +for details of the builtin services available, +and below for details of the +.Fl -override +options. + +The actual service name passed will be the +.Ar builtin-service ; +note +that this actual service name (as opposed to the override data) and +the +.Ar info-argument Ns s +supplied will be ignored by most builtin +services; the override mechanism and +.Ql execute-builtin +will be +used to ensure that the right builtin service is called with the right +.Ar service-argument Ns s . +.It Xo +.Fl f | -file +.Sm off +.Ar fd Oo Ar fdmodifiers Oc = Ar filename +.Sm on +.Xc +Requests that data be copied in and out of the service using pipes. +For each file or descriptor this will be done by creating a pipe, one +end of which is passed to the service program and the other end of +which is passed to a copy of +.Nm cat +invoked by the client; the other file descriptor passed to +.Nm cat +will be one inherited by the client program from the caller or one +opened by the client program on behalf of the caller. + +The descriptor in the service program that should be connected must be +specified as +.Ar fd , +either as a decimal number or as one of the +strings +.Ql stdin , +.Ql stdout +or +.Ql stderr . +The next argument is a filename which will be opened by the client +with the privileges of the calling user. + +.Ar modifiers +is used to specify whether the file or descriptor is to be read from +or written to. It consists of a series of words separated by commas. +A comma may separate the +.Ar modifiers +from +the +.Ar fd +and is required if +.Ar fd +is not numeric. +The modifier words are: +.Bl -tag -width Li +.It Ic read +.Dv O_RDONLY : +Allow reading and not writing. May not be used with +.Ql write +or things that imply it. +.It Ic write +.Dv O_WRONLY : +Allow writing and not reading. +.Em Doesn't truncate or create +without +.Ql truncate +or +.Ql create . +.Ql write +or things that imply it may not be used with +.Ql read . +.It Ic overwrite +Equivalent to +.Ql write,create,truncate . +.It Ic create , creat +.Dv O_CREAT : +Creates the file if necessary. Implies +.Ql write . +.It Ic exclusive , excl +.Dv O_TRUNC: +Truncate any existing file. Implies +.Ql write . +May not be used with +.Ql exclusive . +.It Ic append +.Dv O_APPEND : +All writes will append to the file. Implies +.Ql write +(but not +.Ql create ) . +.It Ic sync +.Dv O_SYNC : +Do writes synchronously. Implies +.Ql write . +.It Ic wait , nowait , close +These modifiers control the behaviour of the client, with respect to +the pipes carrying data to and from the service, when the service +terminates. See below. +.It Ic fd +The +.Ar filename +is not a filename but a numeric file descriptor. +One or both of +.Ql read +and +.Ql write +must be specified, and no +other words are allowed. The +.Ar filename +may also be +.Ql stdin , +.Ql stdout +or +.Ql stderr +for file descriptor 0, 1 or 2 respectively. +.El + +If no +.Ar modifiers +which imply +.Ql read +or +.Ql write +are used it is as if +.Ql write +had been specified, except that if the filedescriptor 0 of the service +is being opened (either specified numerically or with +.Ql stdin ) +it is as if +.Ql overwrite +had been specified (or +.Ql write +if only +.Ql fd +was specified). + +The client will also use +.Dv O_NOCTTY +when opening files specified by the caller, to avoid changing its +controlling terminal. + +By default +.Va stdin , +.Va stdout +and +.Va stderr +of the service will be connected to the corresponding descriptors on +the client. Diagnostics from the client and daemon will also appear +on +.Va stderr . + +If +.Ql wait +is specified, the client will wait for the pipe to be closed, and only +exit after this has happened. This means that either the receiving +end of the pipe connection was closed while data was still available +at the sending end, or that the end of file was reached on the reading +file descriptor. Errors encountered reading or writing in the client +at this stage will be considered a system error and cause the client +to exit with status 255, but will not cause disconnection at the +service side since the service has already exited. + +If +.Ql close +is specified the client will immediately close the pipe connection by +killing the relevant copy of +.Nm cat . +If the service uses the descriptor it will get +.Dv SIGPIPE +(or +.Er EPIPE ) +for a writing descriptor or end of file for a reading one; the +descriptor opened by or passed to the client will also be closed. + +If +.Ql nowait +is specified then the client will not wait and the +connection will remain open after the client terminates. Data may +continue to be passed between the inheritors of the relevant +descriptor on the service side and the corresponding file or +descriptor on the client side until either side closes their +descriptor. This should not usually be specified for +.Va stderr +(or +.Va stdout +if +.Ql "--signals stdout" +is used) since diagnostics from the service side may arrive after the +client has exited and be confused with expected output. + +The default is +.Ql wait +for writing file descriptors and +.Ql close +for reading ones. +.It Xo +.Fl w | -fdwait +.Ar fd Ns = Ns Ar action +.Xc +Sets the action on termination of the service for the specified file +descriptor; +.Ar action +must be +.Ql wait , +.Ql nowait +or +.Ql close +as described above. The file descriptor must be specified as open +when this option is encountered; this option is overridden by any +later +.Fl -file +or +.Fl -fdwait +option - even by a +.Fl -file +which does not specify an action on termination (in this case the +default will be used, as described above). +.It Xo +.Fl D | -defvar +.Ar name Ns = Ns Ar value +.Xc +Set a user-defined variable +.Ar name +to +.Ar value . +These +user-defined variables are made available in the configuration +language as the parameters +.Ql u- Ns Ar name +and are passed to the +service in environment variables +.Ev USERV_U_ Ns Ar name . +.Ar name +may contain only alphanumerics and underscores, and must start with a +letter. If several definitions are given for the same +.Ar name +then only the last is effective. +.It Fl t | -timeout Ar seconds +Time out the service if it takes longer than +.Ar seconds +seconds (a positive integer, in decimal). Timeout will produce a +diagnostic on stderr and an exit status of 255. If +.Ar seconds +is zero then no timeout will be implemented (this is the default). +.It Fl S | -signals Ar method +Affects the handling of the exit status when the service terminates +due to a signal. (The client will always finish by calling +.Fn _exit , +so that only numbers from 0 to 255 can be returned and not the full +range of numbers and signal indications which can be returned by the +.Fn wait +family of system calls.) + +The +.Ar method +may be one of the following: +.Bl -tag -width Li +.It Ar status +The client's exit status will be +.Ar status . +This will not be distinguishable from the service really having exited +with code +.Ar status . +This method is the default, with a +.Ar status +of 254. +.It Ic number , number-nocore +The client's exit status will be the number of the signal which caused +the termination of the service. If +.Ql number +is used rather than +.Ql number-nocore +then 128 will be added if the service dumped core. +.Ql number +is very like the exit code mangling done by the Bourne shell. +.It Ic highbit +The client's exit status will be the number of the signal with 128 +added. If the service exits normally with an exit code of greater +than 127 then 127 will be returned. +.It Ic stdout +The service's numeric wait status as two decimal numbers (high byte +first) and a textual description of its meaning will be printed to the +client's standard output. It will be preceded by a newline and +followed by an extra newline, and the numbers are separated from each +other and from the textual description by single spaces. The exit +status of the client will be zero, unless a system error occurs in +which case no exit status and description will be printed to +.Va stdout , +and an error message will be printed to +.Va stderr +as usual. + +Problems such as client usage errors, the service not being found or +permission being denied or failure of a system call are system errors. +An error message describing the problem will be printed on the +client's +.Va stderr , +and the client's exit status will be 255. If the client dies due to a +signal this should be treated as a serious system error. +.El +.It Fl H | -hidecwd +Prevents the calling process's current directory name from being +passed to the service; the null string will be passed instead. +.It Fl P | -sigpipe +If the service program is terminated due to a +.Dv SIGPIPE +the exit status of the client will be zero, even if it would have been +something else according to the exit status method specified. This +option has no effect on the code and description printed if the exit +status method +.Ql stdout +is in use. +.It Fl h | -help +Prints the client's usage message. +.It Fl -copyright +Prints the copyright and lack of warranty notice. +.El +.Ss Security-overriding options +There are also some options which are available for debugging and to +allow the system administrator to override a user's policy. These +options are available only if the client is called by root or if the +calling user is the same as the service user. +.Bl -tag -width Fl +.It Fl -override Ar configuration-data +.It Fl -override-file Ar file +Do not read the usual configuration files. Instead, the client sends +.Ar configuration-data +(followed by a newline) or the contents of +.Ar filename +(which is opened in the context of the client) to the daemon and the +daemon uses that data instead. The +.Ar configuration-data +must all be in one argument. It will have a single newline appended +so that a single directive can easily be given, but if more than one +directive is required it will have to contain one or more real +newlines. +.It Fl -spoof-user Ar user +Pretend to the service that it is being called by +.Ar user +(which may be a username or a uid). This will also affect the group +and supplementary groups supplied to the service; they will be the +standard group and supplementary groups for +.Ar user . +The +.Fl -spoof-user +option will +.Em not +affect which user is chosen if the service user is specified as just +.Ql - ; +in this case the service user will be the real calling user. +.El +.Sh ENVIRONMENT +.Bl -tag -width Ev +.It Ev LOGNAME , USER +These are used to determine the name of the calling user, to be passed +to the service in +.Ev USERV_USER . +Their values will only be used if they correspond to the calling UID. +.Sh FILES +.Bl -tag -width Pa +.It Pa /var/run/userv/socket +.Ux Ns -domain +socket used for communication between +.Nm +and +.Nm uservd . +.It Pa /var/run/userv/%x.%x.%x +Pipes used for connecting file descriptors in the client and the +service. +.El +.Sh SEE ALSO +.Xr uservd 8 +.Rs +.%T "User service daemon and client specification" +.%A Ian Jackson +.Re +.Sh COPYRIGHT +GNU userv is Copyright (C)1996-2000 Ian Jackson, except that this +manpage is Copyright (C)2000 Ben Harris. + +GNU userv is licensed under the terms of the GNU General Public +Licence, version 2 or (at your option) any later version, and it comes +with NO WARRANTY, not even the implied warranty of MERCHANTABILITY or +FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +for details. + +You should have received a copy of the GNU General Public License +along with userv, if not, write to the Free Software Foundation, 59 +Temple Place - Suite 330, Boston, MA 02111-1307, USA. +.Sh HISTORY +.Nm +was initially written in 1996 by Ian Jackson. It became +.Tn GNU +.Nm +in 1999, and version 1.0 was released in 2000. -- 2.30.2