INN commit: trunk (4 files)
INN Commit
rra at isc.org
Wed May 14 17:52:15 UTC 2014
Date: Wednesday, May 14, 2014 @ 10:52:14
Author: iulius
Revision: 9631
Document already existing res blocks functionality in readers.conf
* Document res blocks, their log: and program: keywords, and the include
directive in readers.conf man page.
* Recognize res blocks and their keywords in inncheck.
* Do not consider as errors in daily reports the lines logged in
news.notice by the log: keyword in readers.conf.
* Also teach other known lines to innreport (especially the use of
"ctlinnd xexec" and normal rejection of nnrpd connections during
news.daily operations).
* Typo in readers.conf man page (access instead of auth).
Modified:
trunk/doc/pod/news.pod
trunk/doc/pod/readers.conf.pod
trunk/scripts/inncheck.in
trunk/scripts/innreport_inn.pm
--------------------------+
doc/pod/news.pod | 10 +++++++++-
doc/pod/readers.conf.pod | 40 +++++++++++++++++++++++++++++++++++++++-
scripts/inncheck.in | 10 ++++++++--
scripts/innreport_inn.pm | 8 ++++++++
4 files changed, 64 insertions(+), 4 deletions(-)
Modified: doc/pod/news.pod
===================================================================
--- doc/pod/news.pod 2014-05-14 17:39:56 UTC (rev 9630)
+++ doc/pod/news.pod 2014-05-14 17:52:14 UTC (rev 9631)
@@ -182,6 +182,12 @@
=item *
+A test has been improved in F<innwatch.ctl> so that B<innwatch> no
+longer throttles B<innd> when no overview directory exists. You should
+manually update your F<innwatch.ctl> file to get this improvement.
+
+=item *
+
Fixed a long-standing limitation on how B<controlchan> and B<pgpverify>
were checking the signer of control messages. They now properly handle
the case of several UIDs being defined on a single PGP key, as well
@@ -293,7 +299,9 @@
=item *
-Other minor bug fixes and documentation improvements.
+Other minor bug fixes and documentation improvements (like the addition
+in the F<readers.conf> man page of the log: and program: parameters in
+res blocks, and the include directive).
=back
Modified: doc/pod/readers.conf.pod
===================================================================
--- doc/pod/readers.conf.pod 2014-05-14 17:39:56 UTC (rev 9630)
+++ doc/pod/readers.conf.pod 2014-05-14 17:52:14 UTC (rev 9631)
@@ -185,13 +185,21 @@
full e-mail address (including a domain), so you may want to set up your
system that way.
+Configuration files can be included in other configuration files via
+the syntax:
+
+ include <filename>
+
+The file named <filename> is then included. This syntax is allowed
+only at top-level.
+
Below is the full list of allowable parameters for auth groups and access
groups, and after that are some examples that may make this somewhat
clearer.
=head1 AUTH GROUP PARAMETERS
-An access group without at least one of the res:, auth:, perl_auth:,
+An auth group without at least one of the res:, auth:, perl_auth:,
python_auth:, or default: parameters makes no sense (and in practice will
just be ignored).
@@ -239,6 +247,36 @@
in the order they're listed. The results of the first successful one
will be used.
+Alternatively, a res block can be used instead of a res: paramater.
+The recognized parameters in such res blocks are:
+
+=over 3
+
+=item B<log:>
+
+A string to log in I<pathlog>/news.notice (with C<res also-log:>
+prepended) before the resolver is tried. One res group can have multiple
+log: parameters, and they will be logged in the order they're listed.
+
+=item B<program:>
+
+This parameter is mandatory in a res block. Its meaning is the same
+as the res: parameter used directly in an auth block.
+
+ auth <auth-name> {
+ res: <res-program>
+ }
+
+is therefore equivalent to:
+
+ auth <auth-name> {
+ res <res-name> {
+ program: <res-program>
+ }
+ }
+
+=back
+
=item B<auth:>
A simple command line for a user authenticator (shell metacharacters are
Modified: scripts/inncheck.in
===================================================================
--- scripts/inncheck.in 2014-05-14 17:39:56 UTC (rev 9630)
+++ scripts/inncheck.in 2014-05-14 17:52:14 UTC (rev 9631)
@@ -214,8 +214,9 @@
$parse_error = 0;
eprint "$file:$line: cannot nest $word in $group->{'type'}!\n"
- unless ($group->{'type'} eq 'group'
- || $group->{'type'} eq '<global scope>');
+ unless (($group->{'type'} eq 'group'
+ or $group->{'type'} eq '<global scope>')
+ or ($word eq 'res' and $group->{'type'} eq 'auth'));
push @groups, $group;
$group = { 'type' => $word, 'line' => $line };
@@ -975,11 +976,16 @@
'spoolfirst' => 'boolean',
'strippostcc' => 'boolean',
},
+ 'res' => {
+ 'log' => 'string',
+ 'program' => 'string',
+ },
'<multi>' => { # hack: "don't warn about duplicates for these keys"
'res' => 1,
'auth' => 1,
'perl_auth' => 1,
'python_auth' => 1,
+ 'log' => 1,
},
'<include>' => { 'include' => 'ignore' },
}
Modified: scripts/innreport_inn.pm
===================================================================
--- scripts/innreport_inn.pm 2014-05-14 17:39:56 UTC (rev 9630)
+++ scripts/innreport_inn.pm 2014-05-14 17:52:14 UTC (rev 9631)
@@ -781,6 +781,8 @@
$innd_control{"shutdown"}++;
return 1;
}
+ # re-executed
+ return 1 if $left =~ m/^SERVER execv /o;
# SERVER servermode paused
return 1 if ($left =~ /(\S+) servermode paused$/o);
# SERVER servermode running
@@ -1499,6 +1501,12 @@
return 1 if $left =~ /^python: dynamic access module successfully hooked into nnrpd$/o;
return 1 if $left =~ /^python: dynamic authorization access for read access granted$/o;
return 1 if $left =~ /^python: dynamic authorization access type is not known: /o;
+ # during scanlogs
+ return 1 if $left =~ /^\S+ rejected Flushing log and syslog files$/o;
+ return 1 if $left =~ /^\S+ rejected Snapshot log and syslog files$/o;
+ # other logs that should not be reported as errors
+ return 1 if $left =~ /^\S+ auth also-log: /o;
+ return 1 if $left =~ /^\S+ res also-log: /o;
# connect
if ($left =~ /(\S+) (\([0-9a-fA-F:.]*\) )?connect(?: - port \d+)?$/o) {
my $cust = $1;
More information about the inn-committers
mailing list