diff options
| author | Daniel Salzman <daniel.salzman@nic.cz> | 2023-12-08 09:14:44 +0100 |
|---|---|---|
| committer | Daniel Salzman <daniel.salzman@nic.cz> | 2023-12-08 09:29:33 +0100 |
| commit | e4e2b2503f76a8737996d6cae4d75c2a9387bab3 (patch) | |
| tree | 481c545bdae477c58305d03ff6eafe8adc1f8b06 /doc | |
| parent | quic: add check to avoid possible NULL dereference (diff) | |
| download | knot-e4e2b2503f76a8737996d6cae4d75c2a9387bab3.tar.xz knot-e4e2b2503f76a8737996d6cae4d75c2a9387bab3.zip | |
acl: extend 'update-owner-match' with a 'pattern' mode
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/man/knot.conf.5in | 7 | ||||
| -rw-r--r-- | doc/reference.rst | 6 |
2 files changed, 11 insertions, 2 deletions
diff --git a/doc/man/knot.conf.5in b/doc/man/knot.conf.5in index 3ba37e419..5490c3205 100644 --- a/doc/man/knot.conf.5in +++ b/doc/man/knot.conf.5in @@ -1398,7 +1398,7 @@ acl: deny: BOOL update\-type: STR ... update\-owner: key | zone | name - update\-owner\-match: sub\-or\-equal | equal | sub + update\-owner\-match: sub\-or\-equal | equal | sub | pattern update\-owner\-name: STR ... .ft P .fi @@ -1515,6 +1515,11 @@ name set by \fI\%update\-owner\fP\&. .IP \(bu 2 \fBsub\fP — The owner of each updated RR must be a subdomain of, but MUST NOT be equal to at least one domain name set by \fI\%update\-owner\fP\&. +.IP \(bu 2 +\fBpattern\fP — The owner of each updated RR must match a pattern specified by +\fI\%update\-owner\fP\&. The pattern can be an arbitrary FQDN or non\-FQDN +domain name. If a label consists of one \fB*\fP (asterisk) character, it +matches any label. More asterisk labels can be specified. .UNINDENT .sp \fIDefault:\fP \fBsub\-or\-equal\fP diff --git a/doc/reference.rst b/doc/reference.rst index b4aaca427..b8b30c191 100644 --- a/doc/reference.rst +++ b/doc/reference.rst @@ -1525,7 +1525,7 @@ and dynamic DNS update) which are allowed to be processed or denied. deny: BOOL update-type: STR ... update-owner: key | zone | name - update-owner-match: sub-or-equal | equal | sub + update-owner-match: sub-or-equal | equal | sub | pattern update-owner-name: STR ... .. _acl_id: @@ -1662,6 +1662,10 @@ Possible values: name set by :ref:`acl_update-owner`. - ``sub`` — The owner of each updated RR must be a subdomain of, but MUST NOT be equal to at least one domain name set by :ref:`acl_update-owner`. +- ``pattern`` — The owner of each updated RR must match a pattern specified by + :ref:`acl_update-owner`. The pattern can be an arbitrary FQDN or non-FQDN + domain name. If a label consists of one ``*`` (asterisk) character, it + matches any label. More asterisk labels can be specified. *Default:* ``sub-or-equal`` |