hostconfig (5)
NAME
hostconfig - GNU finger host configuration file
DESCRIPTION
The file hostconfig in the GNU finger directory (fingerdir) contains
information about various aspects of the setup of a collection of fin-
ger daemons. All information is organized as pairs of attribute key-
words and associated values, one per line:
keyword value
keyword is the first word of non-whitespace characters on the line,
whereas value is taken to be everything following, stripped of any
leading and trailing whitespace. Keyword matching is case-insensitive.
A pound sign (#) as the first non-whitespace character on the line
marks the text following as a comment that is ignored. Empty lines are
likewise ignored.
In cases where only one instance of an attribute value is meaningful
only the first one is significant.
ATTRIBUTES
The following are all the keywords currently used by the various pro-
grams in the GNU finger system, with their associated semantics.
server value is the name of a host where finger requests that
access global information (such as last logins) should be
forwarded to. This host should run a fingerd(8) daemon set
up to globally gather finger information. This attribute
has to be specified for proper operation of all finger pro-
grams.
lserver value is the name of host running a local finger daemon,
polling a subset of hosts and possibly being polled by oth-
ers as a gateway. This attribute is only required on the
host in question and if different from server.
smtphost The value is a hostname or IP address pointing to a mail
server machine running an SMTP server such as sendmail(8).
It is used by in.fingerd(8) to check mail aliases. (If a
user's username resolves to itself as per SMTP then it is
assumed that the user's local mailbox can be checked for
incoming messages.) An empty value field defaults to the
local host. A missing smtphost suppresses mail alias
lookup altogether.
domainname Overrides the local domain name that would be determined
otherwise. In the absence of this attribute, finger tries
to consult resolv.conf(5), gethostname(2) (if the hostname
appears to be fully qualified) or getdomainname(2), in that
order. The domain is used to normalize and/or strip local
hostnames.
localnet This attribute can be used repeatedly to specify prefixes
of IP numbers (e.g., 123.45.67.) that identify `local'
certain hosts. Hosts can be specified either as hostnames,
full IP numbers, domain suffixes (with a leading dot), or
IP number prefixes (with a trailing dot). Note that host-
names or IP number are not interchangeable; rather, IP num-
bers are used only if the peer's address cannot be resolved
to a hostname.
denyuser This attribute directs in.fingerd to deny connections from
certain users. The user is given by its login name on the
remote system. This feature is not reliable since it
relies on support for the RFC 931 identification protocol;
it may be useful to prevent access by certain information
gathering services like netfind(1).
authenticate
An attribute that specifies hosts or subdomains (in the
manner of denyhost) for which in.fingerd should attempt to
query the remote user name through the auth/ident protocol
implemented by identd(8). In particular, specifying the
attribute without a value enables remote user identifica-
tion for all connections.
longoutput An attribute that specifies hosts or subdomains (in the
manner of denyhost) for which in.fingerd should generate
``long'' output by default when indivdual users are fin-
gered. Long output typically includes information about
mail status, .project and .plan files, etc.
logconnect This attribute directs in.fingerd to log connections from
certain hosts, along with the input lines given to the fin-
ger daemon. Hosts are specified as for denyhost.
allowindirect
This attribute tells in.fingerd that a certain host or
domain is allowed to perform `indirect' fingering through
the local host, using multiple `@' characters in the finger
target. This allows the local host to be a stepping stone
for connections from other hosts to third party hosts, and
maybe used to circumvent access restrictions. The rules
for hostname specification are as for denyhost; specifying
"localnet" tells finger to allow indirect fingering for all
`local' connections (as per localnet).
acctfile The value is the name of a file from which finger tries to
glean the name of the last command run by a user. By
default this is the standard system accounting file, unless
the functionality has been disabled entirely at compile
time. An empty value disables accounting file lookups.
printwidths This sets a global default for the -widths option to fin-
ger(1). The value of this attribute must conform to the
same syntax as the option argument.
defaultlocal, defaultremote
Specifies a default target (special finger or user name) to
use if none was passed by the finger client, for local and
remote connections, respectively. This defaults to .all in
client value specifies a client host for polling by fingerd(8).
The specification may take on several forms.
hostname The named host is polled for its local
logins.
IP-address The host with the given IP address is polled
for its local logins.
:local The finger daemon polls the local host
internally (without establishing a connec-
tion with in.cfingerd).
:local host The finger daemon polls the specified host's
login records internally through the file
system. (This is currently only supported
in HP-UX clustered environments.) host can
be either a hostname or an IP address.
:gateway host The host is assumed to be running another
finger daemon and polled for all login
records in that daemon's database. This
allows a hierarchical (or mutual) multi-
level polling scheme to be set up (cf. the
lserver attibute above). host can be either
a hostname of IP address.
:alias alias host
The host (either hostname or IP address) is
polled, but packets returned from it are
assumed to contain the name alias. This is
useful if a client is accessed under a sec-
ondary name or address. Not using this fea-
ture in such a case is not critical, however
old finger packets will not be removed when
the host is down.
Attributes that perform hostname or IP number matching also allow
entries to be `negated.' An entry starting with a `!' is matched as
usual (without the leading character) and produces a negative result if
successful, thus preventing following entries from matching. For exam-
ple
logconnect !.Berkeley.EDU
logconnect
would log all connections from outside the Berkeley.EDU domain.
FILES
/usr/ccrma/share/finger/hostconfig
SEE ALSO
finger(1), fingerd(8), cfingerd(8), identd(8).
$Date: 1999/03/29 06:06:00 $ hostconfig(5)