Provided by: hylafax-server_6.0.7-3.1_amd64 bug


       hosts.hfaxd - HylaFAX client access control list


       The  ASCII file etc/hosts.hfaxd in the HylaFAX spooling area specifies the hosts and users
       that are permitted to access services through the hfaxd(8) process.  This file must  exist
       for  client  access;  if  it is not present then hfaxd will deny all requests for service.
       Note also that this file must be readable only by the ``fax'' user; i.e.  it  should  have
       mode 600 and be owned by ``fax''.

       Each newline-terminated entry is a set of colon (:) separated fields, all but the first of
       which are optional.  Trailing null fields and their separators may be omitted.   The  most
       general form is:


       client is a regular expression to be matched against a string ``user@host'' that is formed
       from the user string passed to hfaxd with the USER command and the official host  name  or
       the  DARPA Internet address, specified in ``dot notation''.  If client does not contain an
       ``@'' then, for backwards compatibility, it is treated as a host for which  any  user  may
       have access; i.e. it is automatically converted to the regular expression ``^.*@client$''.

       Comments  are  introduced with the ``#'' character and extend to the end of the line.  Any
       whitespace immediately preceding a comment is also ignored.

       If client has a leading ``!'', then it is interpreted as a class of  hosts  and  users  to
       which access is to be disallowed.  That is, if the pattern matches the client information,
       then access is denied.

       Note that regular expressions are not anchored.  That is, a regular expression may match a
       substring   of   the   ``user@host''   string.    Thus   `pb@.*\.cl\.cam\.ac\.uk'  matches
       `'.  Use ``^'' to match the start of the string  and  ``$''
       to match the end.

       Fields following client are optional and specify the following:

       uid       The numerical user ID to assign to clients that use the entry for access.  hfaxd
                 uses the uid to control access to server resources such as  jobs  and  documents
                 (the value is used to set the group ID of files created by a client).

                 Multiple  clients/users  may share the same uid or unique IDs may be created for
                 each client.  User IDs may be any number in  the  range  [0..60002]  with  60002
                 used, by convention, for entries that do not have a uid specified.

       passwd    The  encrypted password.  If this field is empty (null) then no password will be
                 demanded when a client logs in; i.e. the  USER  command  does  not  need  to  be
                 followed by a PASS command.

       adminwd   The encrypted password for this user to gain administrative privileges.  If this
                 field is empty (null) then the user is  not  permitted  to  have  administrative


       The  following  is  a  sample hosts.hfaxd file.  Note that the first entry that matches is
       taken, so more-specific entries should be placed first.
                                     # pb on a machine directly in can
                                     # administer if an admin pw is given
                  # anyone on local host uses the default uid
              ^sam@flake.*sgi\.com$  # Sam on his work machine
              ^sam@oxford.*Berkeley.*# Sam on any machine starting oxford and containing
                                     # Berkeley, e.g.
              ^.*@.*.\.esd\.         # anyone in an esd domain
              !^tom@                 # Tom Davis is denied access
              .*\.sgi\.com$          # but anyone else at sgi is ok


       sendfax(1), hfaxd(8), hylafax-server(5)

                                         January 18, 1996                          HOSTS.HFAXD(5)