Authentication blues

Zenon Panoussis oracle at xs4all.nl
Sat Feb 24 22:05:01 UTC 2001 


With the following configuration, clients from <localnet> can connect, 
see all newsgroups and read, while clients from anywhere else are asked 
to authenticate themselves. The authentication procedure works fine, 
but then the server replies "no newsgroups". 

If I add the line 
    default: "<localnet>"
to the auth "cleared" group, then authentication is skipped completely 
and yet no active list is given to the client. 

This is what things look like to begin with:

readers.conf:

auth "cleared" {
     hosts:    "*"
     auth:     "ckpasswd -f /usr/local/news/etc/passwords"
}

access "cleared" {
     users:      "<cleared>"
     read:       "*"
}

auth "localnet" {
    hosts: "localhost, 127.0.0.1, stdin, 192.168.0.3"
    default: "<localnet>"
}

access "localnet" {
    users: "<localnet>"
    read: "*"
}



TIN:

*** Posting not allowed ***
archive.freewinds.cx InterNetNews NNRP server INN 2.3.1 ready (no posting).
Server expects authentication.
    Please enter username: ****** 
    Please enter password: 
Authorized for user: ******
Your server does not have Xref: in its XOVER information.
Tin will try to use XHDR XREF instead (slows down things a bit).
Reading input history file...
Reading groups from active file... 
servers active-file contains no newsgroups. Exiting.

news.notice:

Feb 24 23:26:18 goat nnrpd[1533]: xs4.xs4all.nl connect
Feb 24 23:26:24 goat nnrpd[1533]: xs4.xs4all.nl user zenon
Feb 24 23:26:28 goat nnrpd[1533]: xs4.xs4all.nl times user 0.010 system 0.040
elapsed 10.737


Reading Jeffrey's posting a bit further up, I begun to suspect 
that successfully authenticated users are labelled "ok", so 
I tried adding 

access "ok" {
     users:      "*"
     read:       "*"
}

to readers.conf (the rest unchanged). Now TIN started behaving 
differently and for a moment it looked as if it was going to get 
the active list. However, it didn't: 

*** Posting not allowed ***
archive.freewinds.cx InterNetNews NNRP server INN 2.3.1 ready (no posting).
Server expects authentication.
    Please enter username: ****** 
    Please enter password: 
Authorized for user: ******
Reading input history file...
Reading groups from active file... 
Checking for new groups...
Reading attributes file...
Reading newsgroups file... 
Reading newsrc file...

                  Group Selection (server.domain.dom  0)

                              <snip>
                         *** No groups ***



Any ideas? 

Z


-- 
oracle at everywhere: The ephemeral source of the eternal truth...

More information about the inn-workers mailing list