2.3exp: help with readers.conf

Aidan Cully aidan at panix.com
Fri Aug 13 21:28:08 UTC 1999 

To answer both at once:

> John P Speno wrote:
> 
> > I'm trying to configure my readers.conf file to allow the following access
> > in INN 2.3exp:
> > 
> > 1. readers from *.foo.com may read and post without authentication.
> > 
> > 2. readers from {list of many hosts in foo.com} may read but not post by
> > default. If they choose to authenticate themselves they can read and post. 
> > 
> > 3. readers from everywhere else MUST authenticate (using radius), and once
> > authenticated, may read and post.
> > 
> > I've tried several things to get parts 1 and 3 working, but haven't had any
> > success.

auth "foo" {
	hosts: "*.foo.com"
	default: "<foo-user>"
}

auth "badfoo" {
	hosts: "host1.foo.com, host2.foo.com"
	default: "<restricted-foo>"
}

auth "outside" {
	hosts: "*"
	auth: "radius -f /news/etc/authrad.conf"
	# NO DEFAULT USER, in order to force authentication.
}

access "foo" {
	users: "*"
	# '*' matches <foo-user> as well.
	newsgroups: "*"
	access: "Read Post"
}

access "badfoo" {
	users: "<restricted-foo>"
	read: "*"
	post: ""
}

> Just to avoid you people ignoring the man because he posted a question
> twice (with the second version even lacking `Thanks'), this is something
> I've been trying to get to work too.
> 
> My problem with readers.conf is that I can't find out how to respond with
> a `411 Authentication required' by default.
> 
> I guess that this needs to be different:
> 
> access "none" {
> 	newsgroups: "!*"
> 	users: "<no-user>"
> }
> 
> However, I can't see how to tell nnrpd not to immediately quit with `No
> access' or respond `No such group' until a valid name+password has been
> given but said 411 instead, as everything up until 2.2 would.
> 
> The examples are pretty abstract as well...

auth "default" {
	hosts: "*"
	auth: "radius -f /news/etc/authrad.conf"
	# NO DEFAULT USER!
}

access "default" {
	users: "*"
	newsgroups: "*"
	access: "Read Post"
}

These are untested, but I think they'll work.

--aidan
-- 
Aidan Cully       "Congratulation."
Not Panix Staff      -- Blade of Fury
aidan at panix.com

More information about the inn-workers mailing list