INN commit: trunk (4 files)
INN Commit
rra at isc.org
Tue Jul 14 16:43:56 UTC 2015
Date: Tuesday, July 14, 2015 @ 09:43:55
Author: iulius
Revision: 9922
Improve a few default values for inn.conf
- Make use of the vastly expanded storage and RAM commonly available
today: datamovethreshold (from 8192 to 16384), msgidcachesize (from
16000 to 64000), overcachesize (from 64 to 128), wireformat (now enabled
by default).
- Enable the generation of status reports and performance timings:
logstatus and nnrpdoverstats parameters, with a frequency of 10 minutes
(status and timer parameters).
- Fix the definition of runasgroup and runasuser: they are not
necessarily "news" as they can be specified at configure time.
- Say that the default value of dontrejectfiltered is false.
- Say that the default value of pgpverify is false, if not present
in inn.conf.
- Say that the default value of logcycles should remain 3 because of
privacy impact.
Modified:
trunk/doc/pod/inn.conf.pod
trunk/doc/pod/news.pod
trunk/lib/innconf.c
trunk/samples/inn.conf.in
----------------------+
doc/pod/inn.conf.pod | 70 +++++++++++++++++++++++++++----------------------
doc/pod/news.pod | 12 ++++++++
lib/innconf.c | 22 +++++++++------
samples/inn.conf.in | 16 +++++------
4 files changed, 72 insertions(+), 48 deletions(-)
Modified: doc/pod/inn.conf.pod
===================================================================
--- doc/pod/inn.conf.pod 2015-07-12 15:14:25 UTC (rev 9921)
+++ doc/pod/inn.conf.pod 2015-07-14 16:43:55 UTC (rev 9922)
@@ -111,12 +111,14 @@
=item I<runasgroup>
The group under which the news server will run. The default is C<news>
-and should not normally need to be changed.
+(or the group specified at configure time) and should not normally need
+to be changed.
=item I<runasuser>
The user under which the news server will run. The default is C<news>
-and should not normally need to be changed.
+(or the user specified at configure time) and should not normally need
+to be changed.
=item I<server>
@@ -174,12 +176,13 @@
=item I<dontrejectfiltered>
-Normally innd(8) rejects incoming articles when directed to do so by any
-enabled article filters (Perl or Python). However, this parameter causes
-such articles I<not> to be rejected; instead filtering can be applied on
-outbound articles. If this parameter is set, all articles will be
-accepted on the local machine, but articles rejected by the filter will
-I<not> be fed to any peers specified in F<newsfeeds> with the C<Af> flag.
+Normally innd(8) rejects incoming articles when directed to do so by
+any enabled article filters (Perl or Python). However, this parameter
+causes such articles I<not> to be rejected; instead filtering can be
+applied on outbound articles. If this parameter is set, all articles
+will be accepted on the local machine, but articles rejected by the
+filter will I<not> be fed to any peers specified in F<newsfeeds> with
+the C<Af> flag. The default value is false.
=item I<hiscachesize>
@@ -261,8 +264,10 @@
=item I<pgpverify>
Whether to enable PGP verification of control messages other than cancel.
-This is a boolean value and the default is based on whether configure found
-pgp, pgpv, or gpgv.
+This is a boolean value and the default in the F<inn.conf> sample file
+is based on whether configure found pgp, pgpv, pgpgpg, gpgv or gpgv2.
+Note that if the parameter is not present in the configuration file,
+it defaults to false.
=item I<port>
@@ -544,7 +549,7 @@
descriptors your operating system allows. innd(8) also uses an open file
descriptor for each incoming feed and outgoing channel or batch file, and
if it runs out of open file descriptors, it may throttle and stop accepting
-new news. The default value is C<64> (which is probably still too low if
+new news. The default value is C<128> (which is probably still too low if
you have a large number of file descriptors available).
This setting is ignored unless I<ovmethod> is set to C<tradindexed>.
@@ -618,7 +623,7 @@
old existing software that looks around in the spool and doesn't
understand how to read wire format. Storage methods other than tradspool
always store articles in wire format. This is a boolean value and the
-default is false.
+default is true.
=item I<xrefslave>
@@ -692,7 +697,7 @@
etc.), nnrpd(8) can cache the storage token associated with a message-ID
and save the cost of looking it up in the F<history> file; for some
configurations, setting this parameter can save more than 90% of the
-wall clock time for a session. The default value is C<16000>.
+wall clock time for a session. The default value is C<64000>.
=item I<nfsreader>
@@ -837,11 +842,11 @@
=item I<addinjectionpostingaccount>
-Whether to add a posting-account attribute to the Injection-Info:
-header to all local posts giving the username assigned to the user at
-connection time or after authentication. This is a boolean value and
-the default is false. There is no intrinsic support for obfuscating the
-value. That has to be done with a user-written Perl filter, if desired.
+Whether to add a posting-account attribute to the Injection-Info: header
+to all local posts giving the username assigned to the user at connection
+time or after authentication. This is a boolean value and the default
+is false. There is no intrinsic support for obfuscating the value.
+That has to be done with a user-written Perl filter, if desired.
=item I<addinjectionpostinghost>
@@ -1252,7 +1257,7 @@
Whether B<innd> should write a shortened version of its status report
to syslog every I<status> seconds. This is a boolean value and the default
-is false. If set to true, see the I<status> parameter for more details
+is true. If set to true, see the I<status> parameter for more details
on how to enable status reporting.
=item I<logtrash>
@@ -1266,7 +1271,7 @@
Whether nnrpd overview statistics should be logged via syslog. This can
be useful for measuring overview performance. This is a boolean value and
-the default is false.
+the default is true.
=item I<nntplinklog>
@@ -1283,19 +1288,22 @@
=item I<status>
-How frequently (in seconds) innd(8) should write out a status report. The
-report is written to I<pathhttp>/inn_status.html or I<pathlog>/inn.status
-depending on the value of I<htmlstatus>. If this is set to C<0> or
-C<false>, status reporting is disabled. The default value is C<0>.
+How frequently (in seconds) innd(8) should write out a status
+report. The report is written to I<pathhttp>/inn_status.html or
+I<pathlog>/inn.status depending on the value of I<htmlstatus>. If this
+is set to C<0> or C<false>, status reporting is disabled. The default
+value is C<600> (that is to say reports are written every 10 minutes).
=item I<timer>
-How frequently (in seconds) innd(8) should report performance timings to
-syslog. If this is set to C<0>, performance timing is disabled. Enabling
-this is highly recommended, and innreport(8) can produce a nice summary of
-the timings. If set to C<0>, performance timings in nnrpd(8) are also
-disabled, although nnrpd always reports statistics on exit and therefore
-any non-zero value is equivalent for it. The default value is C<0>.
+How frequently (in seconds) innd(8) should report performance timings
+to syslog. If this is set to C<0>, performance timing is disabled.
+Enabling this is highly recommended, and innreport(8) can produce a nice
+summary of the timings. If set to C<0>, performance timings in nnrpd(8)
+are also disabled, although B<nnrpd> always reports statistics on exit
+and therefore any non-zero value is equivalent for it. The default
+value is C<600> (that is to say performance timings are reported every
+10 minutes).
=back
@@ -1338,7 +1346,7 @@
NNTP data. Increasing this value may improve performance, but it should
not be increased on Systems with insufficient memory. Permitted values
are between C<0> and C<1048576> (out of range values are treated as
-C<1048576>) and the default value is C<8192>.
+C<1048576>) and the default value is C<16384>.
=item I<icdsynccount>
Modified: doc/pod/news.pod
===================================================================
--- doc/pod/news.pod 2015-07-12 15:14:25 UTC (rev 9921)
+++ doc/pod/news.pod 2015-07-14 16:43:55 UTC (rev 9922)
@@ -86,6 +86,18 @@
only for F<inn.conf>; a manual change will therefore be needed for
F<readers.conf>, if these parameters are overridden in this file.
+=item *
+
+The default values of a few F<inn.conf> parameters have changed to make
+use of the vastly expanded storage and RAM commonly available today:
+datamovethreshold (from 8192 to 16384), msgidcachesize (from 16000
+to 64000), overcachesize (from 64 to 128), and wireformat (now enabled
+by default).
+
+The generation of status reports and performance timings are now also
+enabled by default: logstatus and nnrpdoverstats parameters, with a
+frequency of 10 minutes (status and timer parameters).
+
=back
If you are upgrading from a version prior to S<INN 2.5>, see also
Modified: lib/innconf.c
===================================================================
--- lib/innconf.c 2015-07-12 15:14:25 UTC (rev 9921)
+++ lib/innconf.c 2015-07-14 16:43:55 UTC (rev 9922)
@@ -126,7 +126,7 @@
{ K(server), STRING (NULL) },
{ K(sourceaddress), STRING (NULL) },
{ K(sourceaddress6), STRING (NULL) },
- { K(timer), UNUMBER (0) },
+ { K(timer), UNUMBER (600) },
{ K(runasuser), STRING (RUNASUSER) },
{ K(runasgroup), STRING (RUNASGROUP) },
@@ -156,7 +156,7 @@
{ K(blockbackoff), UNUMBER (120) },
{ K(chaninacttime), UNUMBER (600) },
{ K(chanretrytime), UNUMBER (300) },
- { K(datamovethreshold), UNUMBER (8192) },
+ { K(datamovethreshold), UNUMBER (16384) },
{ K(dontrejectfiltered), BOOL (false) },
{ K(hiscachesize), UNUMBER (256) },
{ K(htmlstatus), BOOL (true) },
@@ -168,7 +168,7 @@
{ K(logcancelcomm), BOOL (false) },
{ K(logipaddr), BOOL (true) },
{ K(logsitename), BOOL (true) },
- { K(logstatus), BOOL (false) },
+ { K(logstatus), BOOL (true) },
{ K(logtrash), BOOL (true) },
{ K(maxartsize), UNUMBER (1000000) },
{ K(maxconnections), UNUMBER (50) },
@@ -184,7 +184,7 @@
{ K(refusecybercancels), BOOL (false) },
{ K(remembertrash), BOOL (true) },
{ K(stathist), STRING (NULL) },
- { K(status), UNUMBER (0) },
+ { K(status), UNUMBER (600) },
{ K(verifycancels), BOOL (false) },
{ K(verifygroups), BOOL (false) },
{ K(wanttrash), BOOL (false) },
@@ -213,7 +213,7 @@
{ K(keywords), BOOL (false) },
{ K(localmaxartsize), UNUMBER (1000000) },
{ K(maxcmdreadsize), UNUMBER (BUFSIZ) },
- { K(msgidcachesize), UNUMBER (16000) },
+ { K(msgidcachesize), UNUMBER (64000) },
{ K(moderatormailer), STRING (NULL) },
{ K(nfsreader), BOOL (false) },
{ K(nfsreaderdelay), UNUMBER (60) },
@@ -222,7 +222,7 @@
{ K(nnrpdflags), STRING ("") },
{ K(nnrpdauthsender), BOOL (false) },
{ K(nnrpdloadlimit), UNUMBER (16) },
- { K(nnrpdoverstats), BOOL (false) },
+ { K(nnrpdoverstats), BOOL (true) },
{ K(organization), STRING (NULL) },
{ K(readertrack), BOOL (false) },
{ K(spoolfirst), BOOL (false) },
@@ -250,12 +250,12 @@
{ K(keepmmappedthreshold), UNUMBER (1024) },
{ K(nfswriter), BOOL (false) },
{ K(nnrpdcheckart), BOOL (true) },
- { K(overcachesize), UNUMBER (64) },
+ { K(overcachesize), UNUMBER (128) },
{ K(ovgrouppat), STRING (NULL) },
{ K(storeonxref), BOOL (true) },
{ K(tradindexedmmap), BOOL (true) },
{ K(useoverchan), BOOL (false) },
- { K(wireformat), BOOL (false) },
+ { K(wireformat), BOOL (true) },
/* The following settings are specific to the history subsystem. */
{ K(hismethod), STRING (NULL) },
@@ -276,7 +276,11 @@
{ K(innwatchspoolnodes), UNUMBER (200) },
{ K(innwatchspoolspace), UNUMBER (25000) },
- /* The following settings are specific to scanlogs. */
+ /* The following settings are specific to scanlogs.
+ * Keep a low value by default as it has a privacy impact; three days
+ * should be enough to diagnose the most common cases of malfunction
+ * and abuse. Where more is needed, it is easy for the news admin
+ * to increase it. */
{ K(logcycles), UNUMBER (3) },
};
Modified: samples/inn.conf.in
===================================================================
--- samples/inn.conf.in 2015-07-12 15:14:25 UTC (rev 9921)
+++ samples/inn.conf.in 2015-07-14 16:43:55 UTC (rev 9922)
@@ -69,11 +69,11 @@
groupbaseexpiry: true
mergetogroups: false
nfswriter: false
-overcachesize: 64
+overcachesize: 128
#ovgrouppat:
storeonxref: true
useoverchan: false
-wireformat: false
+wireformat: true
xrefslave: false
# Reading
@@ -82,7 +82,7 @@
articlemmap: true
clienttimeout: 1800
initialtimeout: 10
-msgidcachesize: 16000
+msgidcachesize: 64000
nfsreader: false
nfsreaderdelay: 60
nnrpdcheckart: true
@@ -167,13 +167,13 @@
logcycles: 3
logipaddr: true
logsitename: true
-logstatus: false
+logstatus: true
logtrash: true
-nnrpdoverstats: false
+nnrpdoverstats: true
nntplinklog: false
#stathist:
-status: 0
-timer: 0
+status: 600
+timer: 600
# System Tuning
@@ -181,7 +181,7 @@
blockbackoff: 120
chaninacttime: 600
chanretrytime: 300
-datamovethreshold: 8192
+datamovethreshold: 16384
icdsynccount: 10
keepmmappedthreshold: 1024
#maxcmdreadsize:
More information about the inn-committers
mailing list