Permissions(4)

NAME
Permissions - Contains information about the permissions that remote
computers have with respect to login, file access, and command execution
SYNOPSIS
/usr/lib/uucp/Permissions
DESCRIPTION
The /usr/lib/uucp/Permissions file contains information about the ways
in which the remote computers listed in the Systems file are allowed to
carry out uucico and uuxqt transactions with a local system.
Be aware that entries in a Permissions file do not affect a remote
system user with a valid login on the local computer.
Note that you must have root user authority to edit the Permissions
file, which is owned by the uucp login ID.
The Permissions file has two types of entries:

LOGNAME
     Specifies the permissions that take effect when a remote system
     logs in. These entries begin with LOGNAME.

MACHINE
     Specifies permissions that take effect when your system calls a
     remote system. These entries begin with MACHINE.

Both types of entries consist of option-value pairs. You can have as
many of these option-value pairs as you want and can write entries for
all or only some of the remote sites.
Options
REQUEST
     Specifies whether the remote system can request to set up file
     transfers from your system. The default is not to allow such
     requests. This option can be used in either LOGNAME or MACHINE
     entries.

SENDFILES
     Specifies whether your system can send the work queued for the
     remote system when the remote system initiates the call. The
     default is call; that is, the queued files are sent only when the
     local system calls the remote system. This option is used in
     LOGNAME entries.

READ
     Specifies from which directories uucico can read. The default is
     the /usr/spool/uucppublic directory. This option can be used in
     either LOGNAME or MACHINE entries. If multiple pathnames are
     specified, separate them with a colon (:).

WRITE
     Specifies to which directories uucico can write. The default is
     the /usr/spool/uucppublic directory. This option can be used in
     either LOGNAME or MACHINE entries. If multiple pathnames are
     specified, separate them with a colon (:).

NOREAD, NOWRITE
     Specify exceptions to the READ and WRITE options. These options
     can be used in either LOGNAME or MACHINE entries. If multiple
     pathnames are specified, separate them with a colon (:).

COMMANDS
     Specifies the commands that a remote system can request to be
     executed on the local system. The default is the rmail command. If
     multiple commands are specified, separate them with a colon (:).
     This option is used in MACHINE entries.

CALLBACK
     Specifies whether any transactions can occur without the local
     system calling the remote system. The default is no, that is, the
     local system must initiate the call to the remote system before
     any transactions are allowed. If both the remote and local systems
     use CALLBACK, they will not be able to initiate any jobs. This
     option can be used in LOGNAME entries.

VALIDATE
     Used to verify the calling system's identity. The values for this
     option should be the system name or the names of systems allowed
     to log in using the name specified by LOGNAME. If a system other
     than those specified in VALIDATE tries to use the name specified
     by LOGNAME, the connection will be refused. If multiple systems
     are specified, separate them with a colon (:). This option is used
     with the LOGNAME entries.
Rules for Writing Permissions File Entries
The following rules apply for writing Permissions file entries:

     o  Each option-value pair has the following format: option=value
        Blank spaces are not allowed before or after the equal sign.
     o  A blank space is used to separate option-value pairs.
     o  If an option has one or more values, the values are separated
        with a colon.
     o  Comment lines begin with a number sign (#) and end with a new
        line.
     o  The backslash (\) is used as a continuation character to
        continue a line on to the next line on the screen.
     o  Blank lines are ignored.
     o  All login IDs used by remote systems must appear in one and
        only one LOGNAME entry.
     o  If you do not want to grant permissions to each system by name,
        the entry MACHINE=OTHER will assign permissions to any system
        not mentioned by name.
     o  You can combine MACHINE and LOGNAME entries into a single entry
        if the options are the same.
EXAMPLES
The following example allows remote system buck to log in with login ID
uucp1. The VALIDATE option means that the login ID uucp1 can only be
used by remote system buck. The REQUEST option means that remote system
buck can request files to be transferred from the local system. The
SENDFILES option means that any requests queued on the local system for
work on the remote system will be sent to the remote system during the
current session if allowed by remote system buck. The READ and WRITE
options mean that the remote system can read and write from and to any
directory that has proper permissions.

     LOGNAME=uucp1 REQUEST=yes SENDFILES=yes \
             VALIDATE=buck READ=/ WRITE=/
     MACHINE=buck \
             REQUEST=yes COMMANDS=ALL READ=/ WRITE=/

The following example has all the default values of the options, which
are as follows:

     REQUEST=no
     SENDFILES=call
     READ and WRITE=/usr/spool/uucppublic
     COMMANDS=rmail
     CALLBACK=no
     o  The remote system cannot ask to receive any queued files
        containing work that users on the local system have requested
        to be executed on the remote system.
     o  The local system cannot send queued work to the remote system
        when that system has completed its current operations. Instead,
        the queued work can be sent only when the local system contacts
        the remote system.
     o  The remote system can send (write) files to and transfer (read)
        files from only the uucp public directory
        (/usr/spool/uucppublic/system_name) on the local system.
     o  Users on the remote system can execute only the default command
        (rmail) on the local system.

     LOGNAME=uucp2 MACHINE=buck:bigguy

The following example is similar to the first. However, this entry
allows the remote users of systems waldo and buck to execute only the
rmail and /usr/lbin/rnews commands:

     LOGNAME=uucp3 VALIDATE=waldo:buck REQUEST=yes \
             SENDFILES=yes READ=/ WRITE=/
     MACHINE=waldo:buck REQUEST=yes \
             COMMANDS=rmail:/usr/lbin/rnews READ=/ WRITE=/

The following example specifies that all remote systems using the uucp4
login ID that are not included in existing MACHINE entries can execute
the rmail (mail) and /usr/bin/lint commands on the local system:

     LOGNAME=uucp4 MACHINE=OTHER COMMANDS=rmail:/usr/bin/lint

The following example shows how the MACHINE and LOGNAME entry can be
combined into one entry. The remote host is darla. The remote system
darla should use the login ID xuucp to log in to the local system. The
rest of the options have the same meaning as explained in the first
example.

     MACHINE=darla LOGNAME=xuucp READ=/ WRITE=/ \
             REQUEST=yes SENDFILES=yes
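
The following Python sketch is an added example, not part of the original manual page or of UUCP itself: it parses entries according to the rules above and flags settings wider than the documented defaults. The function names, the constructed sample entries, and the choice of which settings to flag are assumptions made for illustration.

```python
import re

SAMPLE = """\
# constructed sample, modelled on the entries shown above
LOGNAME=uucp1 REQUEST=yes SENDFILES=yes \\
        VALIDATE=buck READ=/ WRITE=/
MACHINE=buck \\
        REQUEST=yes COMMANDS=ALL READ=/ WRITE=/
LOGNAME=uucp2 MACHINE=buck:bigguy
LOGNAME=uucp2 VALIDATE=waldo
"""

def parse_permissions(text):
    """Return one {option: [values]} dict per entry, following the rules above."""
    joined = re.sub(r"\\[ \t]*\n", " ", text)       # backslash continues a line
    entries = []
    for line in map(str.strip, joined.splitlines()):
        if not line or line.startswith("#"):        # blank and comment lines
            continue
        entry = {}
        for pair in line.split():                   # blanks separate the pairs
            option, sep, value = pair.partition("=")
            if not sep or not option or not value:  # no blanks around '='
                raise ValueError(f"malformed pair: {pair!r}")
            entry[option] = value.split(":")        # colon separates values
        entries.append(entry)
    return entries

def audit(entries):
    """Flag settings wider than the documented defaults (assumed review checks)."""
    findings, seen = [], set()
    for e in entries:
        name = ",".join(e.get("LOGNAME", []) + e.get("MACHINE", []))
        for opt in ("READ", "WRITE"):
            if "/" in e.get(opt, []):
                findings.append((name, f"{opt}=/ is wider than the default public directory"))
        if "ALL" in e.get("COMMANDS", []):
            findings.append((name, "COMMANDS=ALL instead of the default rmail"))
        for login in e.get("LOGNAME", []):
            if "VALIDATE" not in e:
                findings.append((name, f"{login} has no VALIDATE list"))
            if login in seen:
                findings.append((name, f"{login} appears in more than one LOGNAME entry"))
            seen.add(login)
    return findings

if __name__ == "__main__":
    for where, what in audit(parse_permissions(SAMPLE)):
        print(f"{where}: {what}")
```
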
FILES
Contains all the configuration files for the UNIX-to-UNIX Copy Program
(UUCP), including the Devices file.

Describes accessible remote systems.
RELATED INFORMATION
Files: Systems(4)