1 .\"
2 .\"Copyright (c) 2016 Martijn van Duren <vias@imperialat.at>
3 .\"Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
4 .\"
5 .\"Permission to use, copy, modify, and distribute this software for any
6 .\"purpose with or without fee is hereby granted, provided that the above
7 .\"copyright notice and this permission notice appear in all copies.
8 .\"
9 .\"THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 .\"WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 .\"MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 .\"ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 .\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 .\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 .\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 .Dd $Mdocdate: September 2 2016 $
17 .Dt VIAS.CONF 5
18 .Os
19 .Sh NAME
20 .Nm vias.conf
21 .Nd vias configuration file
22 .Sh SYNOPSIS
23 .Nm /etc/vias.conf
24 .Sh DESCRIPTION
25 The
26 .Xr vias 1
27 utility allows a user to edit any file as their own user according to the rules
28 in the
29 .Nm
30 configuration file.
31 .Pp
32 The rules have the following format:
33 .Bd -ragged -offset indent
34 .Ic permit Ns | Ns Ic deny
35 .Op Ar options
36 .Ar identity
37 .Op Ic as Ar target
38 .Op Ic edit Op ...
39 .Ed
40 .Pp
41 Rules consist of the following parts:
42 .Bl -tag -width 11n
43 .It Ic permit Ns | Ns Ic deny
44 The action to be taken if this rule matches.
45 .It Ar options
46 Options are:
47 .Bl -tag -width keepenv
48 .It Ic nopass
49 The user is not required to enter a password.
50 .El
51 .It Ar identity
52 The username to match.
53 Groups may be specified by prepending a colon
54 .Pq Sq \&: .
55 Numeric IDs are also accepted.
56 .It Ic as Ar target
57 The
58 .Ar target
59 user who opens the file.
60 This can be used as an extra restriction on opening certain files.
61 The system will try to open the file as that user if all other checks match.
62 The default is root.
63 .It Ic edit Op ...
64 A space separated list of files to be matched.
65 A file needs to be the full pathname without symlinks as produced by
66 .Xr realpath 3 .
67 If the filename ends in a slash it allows access on that entire subtree.
68 When using the directory syntax it is advised to set
69 .Ar target .
70 .El
71 .Pp
72 The last matching rule determines the action taken.
73 If no rule matches, the action is denied.
74 .Pp
75 Comments can be put anywhere in the file using a hash mark
76 .Pq Sq # ,
77 and extend to the end of the current line.
78 .Pp
79 The following quoting rules apply:
80 .Bl -dash
81 .It
82 The text between a pair of double quotes
83 .Pq Sq \&"
84 is taken as is.
85 .It
86 The backslash character
87 .Pq Sq \e
88 escapes the next character, including new line characters, outside comments;
89 as a result, comments may not be extended over multiple lines.
90 .It
91 If quotes or backslashes are used in a word,
92 it is not considered a keyword.
93 .El
94 .Sh SEE ALSO
95 .Xr vias 1
96 .Sh AUTHORS
97 .An Martijn van Duren Aq Mt vias@imperialat.at