Hi Pierrick,
On Friday 03 September 2010 12:59:42 Pierrick Hanlet wrote:
> In the access security file, can one use ip addresses instead of names for
> the hosts? If so, can one use wildcards. In my example, I want to have
> give an entire subnet READ access, so I want to have
>
> HAG(hag) {123.45.678.*}
>
> I couldn't find the answer in chapter 8 of the Application Developer's
> Guide.
When parsing the access security file, all host-names get converted to lower-
case and then added as a key to a hash table, to make it very efficient to
look up the HAG from the host-name whenever a new CA client connects to the
IOC at runtime. The client host-name that it looks up is provided by the CA
client machine, I think it's usually the same as the output from 'uname -n' or
'hostname' run on the client machine. The name does get lower-cased before
the hash lookup, but that's the only flexibility you have with the name
matching â if the client's host-name is domain-qualified, your access security
file must include the domain in the name too.
This means that you can add lots of host-names to your HAGs without slowing
the IOC down, but you can't use IP addresses or any kind of wild-card in the
access security file. I have clarified this for the next release of the
AppDevGuide.
There is a make rule in the EPICS build system that allows you to
- Andrew
--
The best FOSS code is written to be read by other humans -- Harald Welte
- References:
- access security file Pierrick Hanlet
- Navigate by Date:
- Prev:
access security file Pierrick Hanlet
- Next:
Re: access security file Andrew Johnson
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
<2010>
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
access security file Pierrick Hanlet
- Next:
Re: access security file Andrew Johnson
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
<2010>
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
|