INN commit: trunk (4 files)

INN Commit rra at isc.org
Wed May 14 17:52:15 UTC 2014


    Date: Wednesday, May 14, 2014 @ 10:52:14
  Author: iulius
Revision: 9631

Document already existing res blocks functionality in readers.conf

* Document res blocks, their log: and program: keywords, and the include
directive in readers.conf man page.

* Recognize res blocks and their keywords in inncheck.

* Do not consider as errors in daily reports the lines logged in
news.notice by the log: keyword in readers.conf.

* Also teach other known lines to innreport (especially the use of
"ctlinnd xexec" and normal rejection of nnrpd connections during
news.daily operations).

* Typo in readers.conf man page (access instead of auth).

Modified:
  trunk/doc/pod/news.pod
  trunk/doc/pod/readers.conf.pod
  trunk/scripts/inncheck.in
  trunk/scripts/innreport_inn.pm

--------------------------+
 doc/pod/news.pod         |   10 +++++++++-
 doc/pod/readers.conf.pod |   40 +++++++++++++++++++++++++++++++++++++++-
 scripts/inncheck.in      |   10 ++++++++--
 scripts/innreport_inn.pm |    8 ++++++++
 4 files changed, 64 insertions(+), 4 deletions(-)

Modified: doc/pod/news.pod
===================================================================
--- doc/pod/news.pod	2014-05-14 17:39:56 UTC (rev 9630)
+++ doc/pod/news.pod	2014-05-14 17:52:14 UTC (rev 9631)
@@ -182,6 +182,12 @@
 
 =item *
 
+A test has been improved in F<innwatch.ctl> so that B<innwatch> no
+longer throttles B<innd> when no overview directory exists.  You should
+manually update your F<innwatch.ctl> file to get this improvement.
+
+=item *
+
 Fixed a long-standing limitation on how B<controlchan> and B<pgpverify>
 were checking the signer of control messages.  They now properly handle
 the case of several UIDs being defined on a single PGP key, as well
@@ -293,7 +299,9 @@
 
 =item *
 
-Other minor bug fixes and documentation improvements.
+Other minor bug fixes and documentation improvements (like the addition
+in the F<readers.conf> man page of the log: and program: parameters in
+res blocks, and the include directive).
 
 =back
 

Modified: doc/pod/readers.conf.pod
===================================================================
--- doc/pod/readers.conf.pod	2014-05-14 17:39:56 UTC (rev 9630)
+++ doc/pod/readers.conf.pod	2014-05-14 17:52:14 UTC (rev 9631)
@@ -185,13 +185,21 @@
 full e-mail address (including a domain), so you may want to set up your
 system that way.
 
+Configuration files can be included in other configuration files via
+the syntax:
+
+    include <filename>
+
+The file named <filename> is then included.  This syntax is allowed
+only at top-level.
+
 Below is the full list of allowable parameters for auth groups and access
 groups, and after that are some examples that may make this somewhat
 clearer.
 
 =head1 AUTH GROUP PARAMETERS
 
-An access group without at least one of the res:, auth:, perl_auth:,
+An auth group without at least one of the res:, auth:, perl_auth:,
 python_auth:, or default: parameters makes no sense (and in practice will
 just be ignored).
 
@@ -239,6 +247,36 @@
 in the order they're listed.  The results of the first successful one
 will be used.
 
+Alternatively, a res block can be used instead of a res: paramater.
+The recognized parameters in such res blocks are:
+
+=over 3
+
+=item B<log:>
+
+A string to log in I<pathlog>/news.notice (with C<res also-log:>
+prepended) before the resolver is tried.  One res group can have multiple
+log: parameters, and they will be logged in the order they're listed.
+
+=item B<program:>
+
+This parameter is mandatory in a res block.  Its meaning is the same
+as the res: parameter used directly in an auth block.
+
+    auth <auth-name> {
+        res: <res-program>
+    }
+
+is therefore equivalent to:
+
+    auth <auth-name> {
+        res <res-name> {
+            program: <res-program>
+        }
+    }
+
+=back
+
 =item B<auth:>
 
 A simple command line for a user authenticator (shell metacharacters are

Modified: scripts/inncheck.in
===================================================================
--- scripts/inncheck.in	2014-05-14 17:39:56 UTC (rev 9630)
+++ scripts/inncheck.in	2014-05-14 17:52:14 UTC (rev 9631)
@@ -214,8 +214,9 @@
             $parse_error = 0;
 
             eprint "$file:$line: cannot nest $word in $group->{'type'}!\n"
-                unless ($group->{'type'} eq 'group'
-                    ||  $group->{'type'} eq '<global scope>');
+                unless (($group->{'type'} eq 'group'
+                      or $group->{'type'} eq '<global scope>')
+                     or ($word eq 'res' and $group->{'type'} eq 'auth'));
             push @groups, $group;
             $group = { 'type' => $word, 'line' => $line };
 
@@ -975,11 +976,16 @@
                 'spoolfirst'            => 'boolean',
                 'strippostcc'           => 'boolean',
             },
+            'res'       => {
+                'log'      => 'string',
+                'program'  => 'string',
+            },
             '<multi>'   => { # hack: "don't warn about duplicates for these keys"
                 'res'           => 1,
                 'auth'          => 1,
                 'perl_auth'     => 1,
                 'python_auth'   => 1,
+                'log'           => 1,
             },
             '<include>' => { 'include' => 'ignore' },
         }

Modified: scripts/innreport_inn.pm
===================================================================
--- scripts/innreport_inn.pm	2014-05-14 17:39:56 UTC (rev 9630)
+++ scripts/innreport_inn.pm	2014-05-14 17:52:14 UTC (rev 9631)
@@ -781,6 +781,8 @@
       $innd_control{"shutdown"}++;
       return 1;
     }
+    # re-executed
+    return 1 if $left =~ m/^SERVER execv /o;
     # SERVER servermode paused
     return 1 if ($left =~ /(\S+) servermode paused$/o);
     # SERVER servermode running
@@ -1499,6 +1501,12 @@
     return 1 if $left =~ /^python: dynamic access module successfully hooked into nnrpd$/o;
     return 1 if $left =~ /^python: dynamic authorization access for read access granted$/o;
     return 1 if $left =~ /^python: dynamic authorization access type is not known: /o;
+    # during scanlogs
+    return 1 if $left =~ /^\S+ rejected Flushing log and syslog files$/o;
+    return 1 if $left =~ /^\S+ rejected Snapshot log and syslog files$/o;
+    # other logs that should not be reported as errors
+    return 1 if $left =~ /^\S+ auth also-log: /o;
+    return 1 if $left =~ /^\S+ res also-log: /o;
     # connect
     if ($left =~ /(\S+) (\([0-9a-fA-F:.]*\) )?connect(?: - port \d+)?$/o) {
       my $cust = $1;



More information about the inn-committers mailing list