[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4. Configuration

The behavior of GNU Anubis is controlled by two configuration files. The system configuration file, ‘/etc/anubisrc’, specifies system-wide options that affect all users. This file is usually owned by root. The user configuration file specifies what GNU Anubis should do for a particular user. By default it is located in ‘~/.anubisrc’. This location can be changed in auth mode. To protect your passwords in the configuration files, use the 0600 (u=rw,g=,o=) permissions, otherwise GNU Anubis won't accept them.

Lexical Structure

Both configuration files use simple line-oriented syntax. Each line introduces a single statement. A statement consists of words, each word being defined as a contiguous sequence of non-whitespace symbols. A word may be composed of alphanumeric characters and any of the following punctuation symbols: ‘_’, ‘.’, ‘/’, ‘-’. Any arbitrary sequence of characters enclosed in a pair of double quotes is also recognized as a word. Such a sequence is called quoted string.

Quoted strings follow the same syntax rules as in C language. A backslash character ‘\’ alters the meaning of the character following it. This special construct is called escape sequence. When processing an escape sequence, Anubis removes it from the string and replaces it with a single character as described in the following table:

\a

Audible bell character (ASCII 7)

\b

Backspace (ASCII 8)(5)

\e

Escape character (ASCII 27)

\f

Form feed (ASCII 12)

\n

Newline (ASCII 10)

\r

Carriage return (ASCII 13)

\t

Horizontal tab (ASCII 9)

\d

(where ‘d’ represents a single decimal digit) Reproduced verbatim.

A backslash followed by any character not listed above is replaced by the character alone. This can be used for inserting ‘"’ character within a string, as in the example below:

 
"This string contains \"quoted string\"."

Similarly, backslash followed by a newline is replaced by the newline itself. Thus, the following two strings are equivalent:

 
"This string is split\nover two lines"

"This string is split\
over two lines"

The familiar shell here document syntax may be used to produce a word containing several lines of text. The syntax is:

 
<<[-]delimiter
    text
delimiter

If “here document” starts with ‘<<-’, then all leading tab characters are stripped from input lines and the line containing delimiter. This allows to indent here-document in a natural fashion.

To summarize all the above, let's consider the example:

 
first-word "second word" <<-EOT
                            Third word
                            containing several
                            lines of text
                            EOT

This line contains three words: ‘first-word’, ‘second word’ and the third one composed of the three lines between the ‘EOT’ markers.

If a statement is very long, it may be split among several lines of text. To do so, precede the newline characters with a backslash ‘\’, e.g.:

 
a very long statement\
  occupying several lines\
  of text
 

A ‘#’ in a line starts a comment. It and the rest of the line are ignored. Comments may appear on any of the lines in the configuration file, except on a commands and within a “here-document” construction. A line containing just a comment (with perhaps spaces before it) is effectively blank, and is ignored. For example:

 
# This is a comment
if header[Subject] :re "No.*"  # This is also a comment
  guile-process action-name This # is not a comment!!!
fi

Logical Structure

The statements within a configuration file are grouped into sections. Each section has its name. A section begins with one of the following constructs:

 
BEGIN name
---BEGIN name---

and ends with one of the following constructs:

 
END
---END---

Notice, that both ‘BEGIN’ and ‘END’ must be uppercase. When using the second form, any amount of whitespace is allowed between the three dashes and the word.

The sections cannot be nested.

There are five predefined sections, whose names are uppercase. The user may define his own sections, which may then be referred to from the RULE section as subroutines (see section Call Action).

The predefined section names are:

AUTH

Controls authentication mechanisms.

CONTROL

This section specifies the basic GNU Anubis behavior. Its presence is required in the system configuration file. It may be used in the user configuration file to override the system-wide settings.

TRANSLATION

This section specifies a translation map for remapping remote or local users. It may be used only in the system-wide configuration file.

GUILE

Contains the settings of the Guile interpreter. The section is allowed in both configuration files.

RULE

Defines the rules that are used to alter the contents of the messages (conditional and unconditional rules).


[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

This document was generated by Sergey Poznyakoff on December, 20 2008 using texi2html 1.78.