Package: libwrap0
Version: 7.6.q-35
Severity: minor
Tags: patch
* What led up to the situation?
Checking for defects with a new version
test-[g|n]roff -mandoc -t -K utf8 -rF0 -rHY=0 -rCHECKSTYLE=10 -ww -z < "man
page"
[Use "groff -e ' $' -e '\\~$' <file>" to find obvious trailing spaces.]
["test-groff" is a script in the repository for "groff"; is not shipped]
(local copy and "troff" slightly changed by me).
[The fate of "test-nroff" was decided in groff bug #55941.]
* What was the outcome of this action?
Output from "test-groff -mandoc -t -K utf8 -rF0 -rHY=0 -rCHECKSTYLE=10 -ww -z
":
an.tmac:<stdin>:1: style: .TH missing third argument; consider document
modification date in ISO 8601 format (YYYY-MM-DD)
an.tmac:<stdin>:1: style: .TH missing fourth argument; consider package/project
name and version (e.g., "groff 1.23.0")
troff:<stdin>:130: warning: trailing space in the line
troff:<stdin>:155: warning: trailing space in the line
troff:<stdin>:185: warning: trailing space in the line
* What outcome did you expect instead?
No output (no warnings).
-.-
General remarks and further material, if a diff-file exist, are in the
attachments.
-- System Information:
Debian Release: trixie/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.12-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1),
LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages libwrap0 depends on:
ii libc6 2.40-6
libwrap0 recommends no packages.
libwrap0 suggests no packages.
-- no debconf information
Input file is hosts_options.5
Output from "mandoc -T lint hosts_options.5": (shortened list)
1 missing date, using "": TH
2 whitespace at end of input line
-.-.
Output from "test-groff -mandoc -t -ww -z hosts_options.5": (shortened list)
3 trailing space in the line
-.-.
Remove space characters (whitespace) at the end of lines.
Use "git apply ... --whitespace=fix" to fix extra space issues, or use
global configuration "core.whitespace".
Number of lines affected is
3
-.-.
Change a HYPHEN-MINUS (code 0x2D) to a minus(-dash) (\-),
if it
is in front of a name for an option,
is a symbol for standard input,
is a single character used to indicate an option,
or is in the NAME section (man-pages(7)).
N.B. - (0x2D), processed as a UTF-8 file, is changed to a hyphen
(0x2010, groff \[u2010] or \[hy]) in the output.
81:spawn (/usr/sbin/safe_finger -l @%h | /usr/bin/mail root) &
85:-l @%h | mail root" after replacing %h by the name or address of the
-.-.
Wrong distance between sentences in the input file.
Separate the sentences and subordinate clauses; each begins on a new
line. See man-pages(7) ("Conventions for source file layout") and
"info groff" ("Input Conventions").
The best procedure is to always start a new sentence on a new line,
at least, if you are typing on a computer.
Remember coding: Only one command ("sentence") on each (logical) line.
E-mail: Easier to quote exactly the relevant lines.
Generally: Easier to edit the sentence.
Patches: Less unaffected text.
Search for two adjacent words is easier, when they belong to the same line,
and the same phrase.
The amount of space between sentences in the output can then be
controlled with the ".ss" request.
Mark a final abbreviation point as such by suffixing it with "\&".
Some sentences (etc.) do not begin on a new line.
The number of lines affected can be too large to be in a patch.
17:An option is of the form "keyword" or "keyword value". Options are
18:processed in the specified order. Some options are subjected to
19:%<letter> substitutions. For the sake of backwards compatibility with
24:Change the severity level at which the event will be logged. Facility
26:with older syslog implementations. The severity option can be used
31:Grant (deny) service. These options must appear at the end of a rule.
60:conversation with the client host. Example:
77:conversation with the client host. Example:
90:server. The "safe_finger" command is part of the daemon wrapper
97:the client process. This option must appear at the end of a rule.
104:in.ftpd : ... : twist /bin/echo 421 Some bounce message
115:in.telnetd : ... : twist PATH=/some/other; exec in.telnetd
124:connection is considered broken when the client does not respond. The
136:RFC 931 (IDENT, etc.) -compliant daemon, and may cause noticeable
138:optional. If no timeout is specified a compile-time defined default
144:contents to the client. Newline characters are replaced by
157:Place a (name, value) pair into the process environment. The value is
164:Like the umask command that is built into the shell. An umask of 022
170:"kmem"). The first form is useful with inetd implementations that run
171:all services with root privilege. The second form is useful for
185:Den Dolech 2, P.O. Box 513,
-.-.
The name of a man page is typeset in bold and the section in roman
(see man-pages(7)).
6:in the hosts_access(5) document.
13:The first two fields are described in the hosts_access(5) manual page.
57:performing the %<letter> expansions described in the hosts_access(5)
74:performing the %<letter> expansions described in the hosts_access(5)
96:hosts_access(5) manual page. Stdin, stdout and stderr are connected to
119:the standard I/O or the read(2)/write(2) routines to communicate with
146:the hosts_access(5) manual page).
178:hosts_access(5), the default access control language
-.-.
Remove quotes when there is a printable
but no space character between them
and the quotes are not for emphasis (markup),
for example as an argument to a macro.
29:.IP "allow"
30:.IP "deny"
122:.IP "keepalive"
-.-.
Output from "test-groff -mandoc -t -K utf8 -rF0 -rHY=0 -rCHECKSTYLE=10 -ww -z
":
an.tmac:<stdin>:1: style: .TH missing third argument; consider document
modification date in ISO 8601 format (YYYY-MM-DD)
an.tmac:<stdin>:1: style: .TH missing fourth argument; consider package/project
name and version (e.g., "groff 1.23.0")
troff:<stdin>:130: warning: trailing space in the line
troff:<stdin>:155: warning: trailing space in the line
troff:<stdin>:185: warning: trailing space in the line
-.-.
Additionally:
Added a '\&' after an abbreviation point.
Added a '.' in front of '\"' to eliminate an empty line in output.
--- hosts_options.5 2025-02-10 20:34:26.953628436 +0000
+++ hosts_options.5.new 2025-02-10 20:50:27.527771794 +0000
@@ -3,14 +3,18 @@
hosts_options \- host access control language extensions
.SH DESCRIPTION
This document describes extensions to the language described
-in the hosts_access(5) document.
+in the
+.BR hosts_access (5)
+document.
.PP
The extensible language uses the following format:
.sp
.ti +3
daemon_list : client_list : option : option ...
.PP
-The first two fields are described in the hosts_access(5) manual page.
+The first two fields are described in the
+.BR hosts_access (5)
+manual page.
The remainder of the rules is a list of zero or more options. Any ":"
characters within options should be protected with a backslash.
.PP
@@ -26,8 +30,8 @@ names (such as mail) are optional, and a
with older syslog implementations. The severity option can be used
to emphasize or to ignore specific events.
.SH ACCESS CONTROL
-.IP "allow"
-.IP "deny"
+.IP allow
+.IP deny
Grant (deny) service. These options must appear at the end of a rule.
.PP
The \fIallow\fR and \fIdeny\fR keywords make it possible to keep all
@@ -54,7 +58,8 @@ Notice the leading dot on the domain nam
.SH RUNNING OTHER COMMANDS
.IP "aclexec shell_command"
Execute, in a child process, the specified shell command, after
-performing the %<letter> expansions described in the hosts_access(5)
+performing the %<letter> expansions described in the
+.BR hosts_access (5)
manual page. The command is executed with stdin, stdout and stderr
connected to the null device, so that it won't mess up the
conversation with the client host. Example:
@@ -71,18 +76,19 @@ The connection will be allowed or refuse
command returns a true or false exit status.
.IP "spawn shell_command"
Execute, in a child process, the specified shell command, after
-performing the %<letter> expansions described in the hosts_access(5)
+performing the %<letter> expansions described in the
+.BR hosts_access (5)
manual page. The command is executed with stdin, stdout and stderr
connected to the null device, so that it won't mess up the
conversation with the client host. Example:
.sp
.nf
.ti +3
-spawn (/usr/sbin/safe_finger -l @%h | /usr/bin/mail root) &
+spawn (/usr/sbin/safe_finger \-l @%h | /usr/bin/mail root) &
.fi
.sp
executes, in a background child process, the shell command "safe_finger
--l @%h | mail root" after replacing %h by the name or address of the
+\-l @%h | mail root" after replacing %h by the name or address of the
remote host.
.sp
The example uses the "safe_finger" command instead of the regular
@@ -93,7 +99,8 @@ the data sent by the remote host.
.IP "twist shell_command"
Replace the current process by an instance of the specified shell
command, after performing the %<letter> expansions described in the
-hosts_access(5) manual page. Stdin, stdout and stderr are connected to
+.BR hosts_access (5)
+manual page. Stdin, stdout and stderr are connected to
the client process. This option must appear at the end of a rule.
.sp
To send a customized bounce message to the client instead of
@@ -116,10 +123,12 @@ in.telnetd : ... : twist PATH=/some/othe
.fi
.sp
Warning: in case of UDP services, do not twist to commands that use
-the standard I/O or the read(2)/write(2) routines to communicate with
+the standard I/O or the
+.BR read (2)/ write (2)
+routines to communicate with
the client process; UDP requires other I/O primitives.
.SH NETWORK OPTIONS
-.IP "keepalive"
+.IP keepalive
Causes the server to periodically send a message to the client. The
connection is considered broken when the client does not respond. The
keepalive option can be useful when users turn off their machine while
@@ -127,13 +136,13 @@ it is still connected to a server. The
for datagram (UDP) services.
.IP "linger number_of_seconds"
Specifies how long the kernel will try to deliver not-yet delivered
-data after the server process closes a connection.
+data after the server process closes a connection.
.SH USERNAME LOOKUP
.IP "rfc931 [ timeout_in_seconds ]"
Look up the client user name with the RFC 931 (TAP, IDENT, RFC 1413)
protocol. This option is silently ignored in case of services based on
transports other than TCP. It requires that the client system runs an
-RFC 931 (IDENT, etc.) -compliant daemon, and may cause noticeable
+RFC 931 (IDENT, etc.\&) -compliant daemon, and may cause noticeable
delays with connections from non-UNIX clients. The timeout period is
optional. If no timeout is specified a compile-time defined default
value is taken.
@@ -143,7 +152,9 @@ Look for a file in `/some/directory\' wi
process (for example in.telnetd for the telnet service), and copy its
contents to the client. Newline characters are replaced by
carriage-return newline, and %<letter> sequences are expanded (see
-the hosts_access(5) manual page).
+the
+.BR hosts_access (5)
+manual page).
.sp
The tcp wrappers source code distribution provides a sample makefile
(Banners.Makefile) for convenient banner maintenance.
@@ -152,7 +163,7 @@ Warning: banners are supported for conne
services only.
.IP "nice [ number ]"
Change the nice value of the process (default 10). Specify a positive
-value to spend more CPU resources on other processes.
+value to spend more CPU resources on other processes.
.IP "setenv name value"
Place a (name, value) pair into the process environment. The value is
subjected to %<letter> expansions and may contain whitespace (but
@@ -175,13 +186,14 @@ When a syntax error is found in an acces
is reported to the syslog daemon; further options will be ignored,
and service is denied.
.SH SEE ALSO
-hosts_access(5), the default access control language
+.BR hosts_access (5),
+the default access control language
.SH AUTHOR
.na
.nf
Wietse Venema ([email protected])
Department of Mathematics and Computing Science
Eindhoven University of Technology
-Den Dolech 2, P.O. Box 513,
+Den Dolech 2, P.O.\& Box 513,
5600 MB Eindhoven, The Netherlands
-\" @(#) hosts_options.5 1.10 94/12/28 17:42:28
+.\" @(#) hosts_options.5 1.10 94/12/28 17:42:28
Any program (person), that produces man pages, should check the output
for defects by using (both groff and nroff)
[gn]roff -mandoc -t -ww -b -z -K utf8 <man page>
The same goes for man pages that are used as an input.
For a style guide use
mandoc -T lint
-.-
Any "autogenerator" should check its products with the above mentioned
'groff', 'mandoc', and additionally with 'nroff ...'.
It should also check its input files for too long (> 80) lines.
This is just a simple quality control measure.
The "autogenerator" may have to be corrected to get a better man page,
the source file may, and any additional file may.
Common defects:
Not removing trailing spaces (in in- and output).
The reason for these trailing spaces should be found and eliminated.
Not beginning each input sentence on a new line.
Line length should thus be reduced.
The script "reportbug" uses 'quoted-printable' encoding when a line is
longer than 1024 characters in an 'ascii' file.
See man-pages(7), item "semantic newline".
-.-
The difference between the formatted output of the original and patched file
can be seen with:
nroff -mandoc <file1> > <out1>
nroff -mandoc <file2> > <out2>
diff -d -u <out1> <out2>
and for groff, using
\"printf '%s\n%s\n' '.kern 0' '.ss 12 0' | groff -mandoc -Z - \"
instead of 'nroff -mandoc'
Add the option '-t', if the file contains a table.
Read the output from 'diff -d -u ...' with 'less -R' or similar.
-.-.
If 'man' (man-db) is used to check the manual for warnings,
the following must be set:
The option \"-warnings=w\"
The environmental variable:
export MAN_KEEP_STDERR=yes (or any non-empty value)
or
(produce only warnings):
export MANROFFOPT=\"-ww -b -z\"
export MAN_KEEP_STDERR=yes (or any non-empty value)
-.-
