Readers.conf: help needed (was: my distaste for readers.conf grows)
Aidan Cully
aidan at panix.com
Mon Apr 10 15:23:10 UTC 2000
On Mon, Apr 10, 2000 at 01:20:09AM, Russ Allbery said:
> Elena Samsonova <E.Samsonova at planetinternet.nl> writes:
>
> > 1) IP authentication: allow unlimited access to the server for anyone
> > coming from 123.45.67/19.
>
> > 2) If the person did not come through 1), then have him send you his
> > user name and password which you can then catch with another program
> > (i.e. authenticate against Radius or LDAP).
>
> Aidan, could you check me on this? I'm pretty sure that the following
> will do it:
It looks like it.
You might also be able to get away with getting rid of the
'default: <FAIL>' line in the 'remote' section, and not providing an
'access fail' block. I think Panix took that approach...
--aidan
> auth local {
> hosts: 123.45.67.0/19
> default: <LOCAL>
> }
>
> auth remote {
> auth: "ckpasswd -f /path/to/username/passwd/database"
> default: <FAIL>
> }
>
> access full {
> users: "*, !<FAIL>"
> newsgroups: *
> }
>
> access fail {
> users: <FAIL>
> newsgroups: !*
> }
--
Aidan Cully "She's a diamond that wants to stay coal..."
Not Panix Staff -- Tom Waits
aidan at panix.com
More information about the inn-workers
mailing list