mods to readers.conf?

Russ Allbery rra at stanford.edu
Mon Apr 10 09:48:00 UTC 2000


Keith Lewis <keithl at mukluk.cc.monash.edu.au> writes:

> I'm needing pointers and a reality check here.

> What I would like to do is to combine our Collabra news server into our
> INN setup.

> The problem is that various managers have become attached to their ACLs
> that are stored in the LDAP server.

> I would like to add that functionality to INN.  

> Is this a sane thing to do?

Yes, definitely, if you're comfortable doing some programming.  I'd very
much like to see this, and it was in the original plan for readers.conf
that authenticators could return additional information like this.  The
problem is that at this point, that code is all rather ugly and badly
needs to be rewritten.

> For some time now I've been using a perl script called from an `auth'
> realm in readers.conf to determine if a user is valid.  (By binding to
> LDAP with their authinfo usercode and password).  This seems to be good.

> So I was wondering if it would be a worthwhile project to make it
> possible to call out from an `access' realm to an external program?
> Which would presumably return two strings: post and read.  i.e. a list
> of groups for which this user may post and a list of groups this user
> may read.

This sounds to me like a reasonable start.  Note that any comprehensive
changes to perm.c may end up needing rewriting down the road along with
the rest of the parsing structure, but I'm not sure when that will
happen.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the inn-workers mailing list