1 .\"
2 .\"Copyright (c) 2016 Martijn van Duren <martijn@openbsd.org>
3 .\"Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
4 .\"
5 .\"Permission to use, copy, modify, and distribute this software for any
6 .\"purpose with or without fee is hereby granted, provided that the above
7 .\"copyright notice and this permission notice appear in all copies.
8 .\"
9 .\"THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 .\"WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 .\"MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 .\"ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 .\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 .\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 .\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 .Dd $Mdocdate: September 2 2016 $
17 .Dt VIAS.CONF 5
18 .Os
19 .Sh NAME
20 .Nm vias.conf
21 .Nd vias configuration file
22 .Sh SYNOPSIS
23 .Nm /etc/vias.conf
24 .Sh DESCRIPTION
25 The
26 .Xr vias 1
27 utility allows a user to edit any file as their own user according to the rules
28 in the
29 .Nm
30 configuration file.
31 .Pp
32 The rules have the following format:
33 .Bd -ragged -offset indent
34 .Ic permit Ns | Ns Ic deny
35 .Op Ar options
36 .Ar identity
37 .Op Ic as Ar target
38 .Op Ic edit Op ...
39 .Ed
40 .Pp
41 Rules consist of the following parts:
42 .Bl -tag -width 11n
43 .It Ic permit Ns | Ns Ic deny
44 The action to be taken if this rule matches.
45 .It Ar options
46 Options are:
47 .Bl -tag -width keepenv
48 .It Ic nopass
49 The user is not required to enter a password.
50 .It Ic persist
51 After the user successfully authenticates, do not ask for a password
52 again for some time.
53 .El
54 .It Ar identity
55 The username to match.
56 Groups may be specified by prepending a colon
57 .Pq Sq \&: .
58 Numeric IDs are also accepted.
59 .It Ic as Ar target
60 The
61 .Ar target
62 user who opens the file.
63 This can be used as an extra restriction on the rule.
64 If no
65 .Ar target
66 is specified the file will be opened as root.
67 .It Ic edit Op ...
68 A space separated list of files to be matched.
69 A file needs to be the full pathname without symlinks as produced by
70 .Xr realpath 3 .
71 If the filename ends in a slash it allows access on that entire subtree.
72 When using the directory syntax it is advised to set
73 .Ar target .
74 .El
75 .Pp
76 The last matching rule determines the action taken.
77 If no rule matches, the action is denied.
78 .Pp
79 Comments can be put anywhere in the file using a hash mark
80 .Pq Sq # ,
81 and extend to the end of the current line.
82 .Pp
83 The following quoting rules apply:
84 .Bl -dash
85 .It
86 The text between a pair of double quotes
87 .Pq Sq \&"
88 is taken as is.
89 .It
90 The backslash character
91 .Pq Sq \e
92 escapes the next character, including new line characters, outside comments;
93 as a result, comments may not be extended over multiple lines.
94 .It
95 If quotes or backslashes are used in a word,
96 it is not considered a keyword.
97 .El
98 .Sh SEE ALSO
99 .Xr vias 1
100 .Sh AUTHORS
101 .An Martijn van Duren Aq Mt martijn@openbsd.org