diff --git a/INSTALL b/INSTALL index 151c781..4652a2a 100644 --- a/INSTALL +++ b/INSTALL @@ -146,10 +146,10 @@ OVERVIEW: Direct links to a specifc domain use the following format: http://BASE_URL/ezmlm-web?domain=foo - Note that since version 3.3 webusers file has to explictly let users create - and manage lists. If you are relying on the user beeing able to create lists - if no webusers file exists, then you will have to explicitly create one with - the appropiate permissions. + Note that since version 3.3 webusers file has to explicitly allow certain + users to create and manage lists. If you are relying on the user beeing able + to create lists if no webusers file exists, then you will have to explicitly + create one with the appropiate permissions. 7. Copy the stylesheet files (/usr/local/share/ezmlm-web/www-data/*.css) to a location of your choice. It has to be accessible by an URL - maybe diff --git a/README b/README index ca9972e..31bae93 100644 --- a/README +++ b/README @@ -91,9 +91,8 @@ You can download clearsilver (a templating engine) from http://clearsilver.net. III. Multi-Level Access ======================= Ezmlm-web has a multi-level access system. This depends on a file called -webusers being present in $LIST_DIR. If the file is not present, then ANY -valid user has access to all lists. If, however, this file exists a number -of constraints come into place. +webusers being present in $LIST_DIR. If the file is not present, then NO +user has access to any list. In other words: this file is mandatory. - The webusers file is scanned for either the list name (case insensitive) or an ALL (case sensitive) entry. @@ -108,9 +107,9 @@ through the web interface, as this depends on your authentication system. The format of a webusers file is as follows: -list1: user1 user2 user3 -ALL: user1 user2 -list2: ALL + list1: user1 user2 user3 + ALL: user1 user2 + list2: ALL Once this file exists, the ezmlm-web script will allow the list users to configure their access lists along with any other options. @@ -118,7 +117,7 @@ configure their access lists along with any other options. You can permit some users to create lists by adding a line similar to the following to your webusers file: -ALLOW_CREATE: user2 user3 + ALLOW_CREATE: user2 user3 If there is no line starting with "ALLOW_CREATE:" in the webusers file, then no one will be allowed to create lists. This behaviour is new for ezmlm-web @@ -130,6 +129,12 @@ the same effect in a cleaner way. You find the details of the format of webusers (5) file in the respective manpage. +If you just want to have the most simply (and most dangerous) access settings, +then you could just use the following as a starter: + + ALL: ALL + ALLOW_CREATE: ALL + IV. Multilingual interface ========================== diff --git a/man/webusers.5 b/man/webusers.5 index 4561c06..31bc8ad 100644 --- a/man/webusers.5 +++ b/man/webusers.5 @@ -1,4 +1,4 @@ -.TH webusers 5 "April 02007" "ezmlm-web" "access configuration file" +.TH webusers 5 "January 02010" "ezmlm-web" "access configuration file" .SH NAME webusers \- define the access permissions for a directory of lists .SH DESCRIPTION @@ -6,12 +6,15 @@ webusers \- define the access permissions for a directory of lists \fBwebusers\fR contains the access definitions for the lists below a certain directory. .PP -This file is optional. The actions of users are unrestricted, if the -\fBwebusers\fR file does not exist. Be careful when using this setting. +This file is required for every installation. Otherwise no lists are available. +This behaviour was introduced in ezmlm-web v3.3. .PP -A webusers file is only useful if you can request some kind of authentication +A webusers file is most useful if you can request some kind of authentication from the user. Usually this should be done via http-authentication. See the INSTALL file for more details. +.PP +Below you find an example of a \fBwebusers\fR file, that grants full access to +everyone. Be careful when using this setup. .SH LOCATION By default the \fBwebusers\fR file is located in the same directory as the mailing lists. This can be adjusted with the setting \fIWEBUSERS_FILE\fR in @@ -19,7 +22,6 @@ the configuration file ezmlmwebrc (5). Read its manpage for details. .SH FILE FORMAT .IP "The file consists of lines of the following form:" .sp -.nf LISTNAME: USER1 USER2 .PP Empty lines and lines starting with a '#' are ignored. The same goes for @@ -44,17 +46,24 @@ users: arb members: ALL ALL: root ALLOW_CREATE: root guy +.fi +.IP "A simple setup without restrictions (dangerous!):" +.sp +.nf +ALL: ALL +ALLOW_CREATE: ALL +.fi .PP In the example above, the users \fIroot\fR and \fIguy\fR are allowed to create new lists. .PP -Every authenticated user may configure the list \fImembers\fR. +Everyone may configure the list \fImembers\fR. .PP -The user \fIroot\fR can manage all mailing lists. +The user \fIroot\fR can manage and create every mailing list. .SH AUTHOR Written by Lars Kruse .SH "REPORTING BUGS" Report bugs to .SH COPYRIGHT -Copyright \(co 02007 Lars Kruse +Copyright \(co 02010 Lars Kruse