blob: a7db37a3363a8a16831b7a47a9ffba09935d9a92 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
# htt.conf sample file.
## NOTICE to TCP wrapper users:
## This file controls the aceess to htt_server(htt).
## But by default, htt is linked with libwrap, therefore
## htt is controled by hosts_access(5) as well. Because the
## service name is "htt", the following entry in the hosts_access:
## htt : ALL : deny
## denies any accesses to htt_server(htt).
#
## NOTICE to PAM users:
## htt uses PAM in order to check user's account and password if it
## is enabled. But in many environments, PAM authentications are
## disabled for unregisterd services by default. In this case,
## you have to register "htt" service to the PAM configuration of your
## system.
## When AllowSystemUser directive is "password", "account" and "auth"
## modules are used for authentication. When the directive is "permit",
## "account" modules are used. Thus, whether the system requires
## password checking depends also on the configuration of PAM.
## ListenAddress <address>
# <address> := <Any characters valid for hostname(cf. RFC1123)> [":" <service-name>]
#
# "ListenAddress" directive specifies local address where
# htt_sever listens. Note that it can listen on multiple
# addresses by specifying multiple "ListenAddress" directives.
ListenAddress localhost:9010
#ListenAddress localhost:9011
## DefaultPermission (permit|checkuser|password|deny)
#
# "DefaultPermission" directive specifies the default permission.
# It is applied if the access dose not match with any patterns of
# "AccessControl" derectives.
# permit ..... Permit the access. htt does not require any other
# authentications.
# checkuser .. htt requires a valid username.
# password ... htt requires a valid username and password.
# deny ....... Deny the access.
DefaultPermission checkuser
## AccessControl (permit|checkuser|password|deny) <pattern>
# <pattern> := <IPv4Addr_pattern> | <IPv6Addr_pattern> | <host_pattern>
# <IPv4Addr_pattern> := 3*(IPv4Addr_pe ".") IPv4Addr_pe ["/" DIGITS]
# <IPv6Addr_pattern> := 7*(IPv6Addr_pe ".") IPv6Addr_pe ["/" DIGITS]
# IPv4Addr_pe := 1*3DIGIT
# IPv6Addr_pe := 1*4HEX
# DIGIT = "0" | "1" | ... | "9"
# HEX = "0" | "1" | ... | "9" | "a" | ... | "f"
# <host_pattern> := *(<host_pe> ".")<host_pe>
# <host_pe> := *(<Any characters valid for hostname(cf. RFC1123)>
# | "*" | "$$" | "$(" <symname> ")" )
# <symname> := "DOMAINNAME" | "HOSTNAME"
#
# "AccessControl" directive controls the access by the clients' hostname
# or network address. When the client hostname or address matches with the
# specified <pattern>, htt applies this directive. htt starts matching
# operations in the order of "AccessControl" directives.
# permit ..... Permit the access from the specified clients.
# htt does not require any other authentications.
# checkuser .. htt requires a valid username from the specified clients.
# password ... htt requires a valid username and password.
# from the specified clients.
# deny ....... Deny all the accesses from the specified clients.
#
# "*" is a wild card character that matches any string.
# $(HOSTNAME) in <host_pe> is replaced with the hostname where htt runs.
# $(DOMAINNAME) in <host_pe> is replaced with the domainname where htt runs.
# "$$" is replaced with "$".
AccessControl permit 127.0.0.1
#AccessControl permit *.$(DOMAINNAME)
#AccessControl permit 172.16.0.0/16
#AccessControl password *.foo.com
#AccessControl deny *.bar.com
## AllowSystemUser (permit|password|deny)
#
# "AllowSystemUser" directive controls whether htt allows system's user
# to access the server.
# permit ..... Permit the access of system's user. htt dose not require
# any passwords.
# password ... Permit the access of system's user if the user sends a
# valid password.
# deny ....... Deny the access of system's user.
AllowSystemUser password
## UserPermission (permit|password|deny) <username>[:<encrypted-password>]
#
# "UserPermission" directive controls the specified users' permission.
# <username> must be a valid username.
# <encrypted-password> must be a valid password entry encrypted by crypt().
# If the system dose not support crypt(), all password matchings fail.
# permit ..... Permit the access of the specified users. htt dose not require
# any passwords.
# password ... Permit the access of the specified user if the user sends a
# valid password.
# deny ....... Deny the access of the specified users.
#UserPermission password guest1:/a6BKSXLLSgPE guest2:/a6BNlakdSgPE
#UserPermission permit test
#UserPermission deny root
|
GitWeb