doc/manual.docbook
changeset 147 b29a7088b132
parent 146 04e74d4b3822
child 148 5da43b596bac
--- a/doc/manual.docbook	Thu Oct 15 10:35:31 2009 +0100
+++ b/doc/manual.docbook	Thu Oct 15 10:38:13 2009 +0100
@@ -181,19 +181,6 @@
 </listitem>
 </itemizedlist>
 <para>
-When considering a request, mercurial-server steps through all the rules in <filename>/etc/mercurial-server/access.conf</filename> and then all the rules in <filename>access.conf</filename> in <literal>hgadmin</literal> looking for a rule which matches on every condition.  If it does not find such a rule, it denies the request; otherwise it checks whether the rule grants sufficient privilege to allow it.
-</para>
-<para>
-By default, <filename>/etc/mercurial-server/access.conf</filename> has the following rules:
-</para>
-<programlisting>init user=root/**
-deny repo=hgadmin
-write user=users/**
-</programlisting>
-<para>
-These rules ensure that root users can do any operation on any repository, that no other users can access the <literal>hgadmin</literal> repository, and that those with keys in <filename class='directory'>keys/users</filename> can read or write to any repository but not create repositories.
-</para>
-<para>
 A condition is a globpattern matched against a relative path. The two most
 important conditions are
 </para>
@@ -210,6 +197,19 @@
 want. More precisely, "*" matches zero or more characters not including "/"
 while "**" matches zero or more characters including "/".
 </para>
+<para>
+When considering a request, mercurial-server steps through all the rules in <filename>/etc/mercurial-server/access.conf</filename> and then all the rules in <filename>access.conf</filename> in <literal>hgadmin</literal> looking for a rule which matches on every condition.  If it does not find such a rule, it denies the request; otherwise it checks whether the rule grants sufficient privilege to allow it.
+</para>
+<para>
+By default, <filename>/etc/mercurial-server/access.conf</filename> has the following rules:
+</para>
+<programlisting>init user=root/**
+deny repo=hgadmin
+write user=users/**
+</programlisting>
+<para>
+These rules ensure that root users can do any operation on any repository, that no other users can access the <literal>hgadmin</literal> repository, and that those with keys in <filename class='directory'>keys/users</filename> can read or write to any repository but not create repositories.
+</para>
 </section>
 <section>
 <title>/etc/mercurial-server and hgadmin</title>