INN commit: trunk/doc/pod (readers.conf.pod)
INN Commit
Russ_Allbery at isc.org
Mon Nov 10 22:35:34 UTC 2008
Date: Monday, November 10, 2008 @ 14:35:33
Author: eagle
Revision: 8155
Add another readers.conf example, this one showing a hierarchy that's
restricted to authenticated users.
Modified:
trunk/doc/pod/readers.conf.pod
------------------+
readers.conf.pod | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
Modified: readers.conf.pod
===================================================================
--- readers.conf.pod 2008-11-10 21:47:24 UTC (rev 8154)
+++ readers.conf.pod 2008-11-10 22:35:33 UTC (rev 8155)
@@ -657,6 +657,33 @@
provided the newsgroups: lines differ; the access group with no users:
line needs to be first, with the "users: <LOCAL>" group after.
+Here's an example of another common case: a server that only allows
+connections from a local domain and has an additional hierarchy that's
+password-restricted.
+
+ auth "example.com" {
+ hosts: "*.example.com"
+ auth: "ckpasswd -d <pathdb in inn.conf>/newsusers"
+ default: "anonymous"
+ }
+
+ access regular {
+ newsgroups: "*,!example.restricted.*"
+ }
+
+ access full {
+ users: "*,!anonymous"
+ newsgroups: *
+ }
+
+In this example, unauthenticated users get the identity C<anonymous>,
+which matches only the first access group and hence doesn't get access
+to the example.restricted.* hierarchy. Anyone who authenticates using
+a password in the F<newsusers> file gets full access to all groups.
+However, note that the only authentication block is limited to hostnames
+in the example.com domain; connections outside of that domain will never
+be allowed access or an opportunity to authenticate.
+
Here's a very complicated example. This is for an organization that has
an internal hierarchy "example.*" only available to local shell users, who
are on machines where identd can be trusted. Dialup users must provide a
More information about the inn-committers
mailing list