Dico |
|
GNU Dictionary Server |
Sergey Poznyakoff |
4.3.12.1 Database Visibility
A property called database visibility is associated with each
dictionary database. It determines whether the database appears in
the output of SHOW DB
command, and takes part in dictionary
searches.
By default, all databases are defined as publicly visible. You can hide a database permanently by using the ‘visible no’ statement in its definition. You can also limit its visibility on global as well as on per-directory basis. This can be achieved using visibility ACLs.
In general, the visibility of a database is controlled by two access control lists: a global visibility ACL and a database visibility ACL. The latter takes precedence over the former.
Both ACLs are defined using the visibility-acl
statement:
- Configuration: visibility-acl acl-name
Sets name of the ACL that controls the database visibility. When used in global scope, this statement sets the global visibility ACL. If used within a
database
block, it sets the visibility ACL for that particular database.
Consider the following example:
acl glob-vis { allow authenticated; deny all; } acl local-nets { allow from (192.168.10.0/24, /tmp/dicod.sock); } visibility-acl glob-vis; database { name "terms"; visibility-acl local-nets; }
In this configuration, the ‘terms’ database is visible to everybody coming from the ‘192.168.10.0/24’ network and from the UNIX socket /tmp/dicod.sock, without authorization. It is not visible to users coming from elsewhere, unless they authenticate themselves.
This document was generated on September 4, 2020 using makeinfo.
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.