hosts.hfaxd - HylaFAX
client access control list
in the HylaFAX
spooling area specifies the
hosts and users that are permitted to access services through the
This file must exist for client access; if it is not present then
will deny all requests for service.
Note also that this file must be readable only by the ``fax'' user; i.e.
it should have mode 600 and be owned by ``fax''.
is managed through use of the
tools or the ``SITE ADDUSER'' and ``SITE DELUSER'' functions through an administrative client.
However, some features are not accessible through those tools and
will require direct editing to use those features. In particular, the order of entries in
may need manipulation as
uses the first-matched entry (read top-down).
Each newline-terminated entry is a set of colon (:) separated fields,
all but the first of which are optional.
Trailing null fields and their separators may be omitted.
The most general form is:
is a regular expression to be matched against a string
``user@host'' that is formed from the
string passed to
command and the official
name or the
Internet address, specified in ``dot notation''.
does not contain an ``@'' then, for backwards compatibility,
it is treated as a host for which any user may have access;
i.e. it is automatically converted to the regular expression
Comments are introduced with the ``#'' character and extend
to the end of the line.
Any whitespace immediately preceding a comment is also ignored.
has a leading ``!'', then it is interpreted as a class of
hosts and users to which access is to be
That is, if the pattern matches the client information,
then access is denied.
Note that regular expressions are
That is, a regular expression may match a substring
of the ``user@host'' string.
Thus `pb@.*\.cl\.cam\.ac\.uk' matches
Use ``^'' to match the start of the string and ``$'' to
match the end.
are optional and specify the following:
The numerical user ID to assign to clients that use the entry
to control access to server resources such as jobs and documents
(the value is used to set the group ID of files created by a client).
Multiple clients/users may share the same
or unique IDs may be created for each client.
User IDs may be any number in the range [0..60002]
with 60002 used, by convention, for entries that do not have a
The encrypted password.
If this field is empty (null) then no password will be demanded when
a client logs in; i.e. the
command does not need to be followed by a
The encrypted password for this user to gain administrative privileges.
If this field is empty (null) then the user is not permitted to have
The following is a sample hosts.hfaxd file.
Note that the first entry that matches
is taken, so more-specific entries should be placed first.
# pb on a machine directly in cl.cam.ac.uk can
# administer if an admin pw is given
127.0.0.1 # anyone on local host uses the default uid
192.168.[0-9]+.[0-9]+ # anyone on the LAN uses the default uid
^sam@flake.*sgi\.com$ # Sam on his work machine
^sam@oxford.*Berkeley.*# Sam on any machine starting oxford and containing
# Berkeley, e.g. email@example.com
^.*@.*.\.esd\. # anyone in an esd domain
!^tom@ # Tom Davis is denied access
.*\.sgi\.com$ # but anyone else at sgi is ok