readers.conf question
Russ Allbery
rra at stanford.edu
Sat Mar 3 07:38:18 UTC 2001
Bettina Fink <laura at hydrophil.de> writes:
> I think even the absence of an "users:" parameter doesn't catch an
> "empty" identity.
And yup, you're right.
> And BTW, this is the authentication example from the new man page,
> Katsuhiro (?) just added a default identity:
> auth all {
> auth: "ckpasswd -d /usr/local/news/db/newsusers"
> auth: "ckpasswd -s"
> default: <NOPASSWD>
> }
> access fail {
> newsgroups: !*
> }
> access full {
> users: *
> newsgroups: *
> }
> But with a default identity, the "full" access realm matches hosts that
> don't authenticate or fail authentication (they get / keep the default
> identity), and this realm is the last matching realm ...
Right. I've now changed this to:
auth all {
auth: "ckpasswd -d /usr/local/news/db/newsusers"
auth: "ckpasswd -s"
}
access full {
users: *
newsgroups: *
}
which does work as intended and is even shorter. This works fine for
folks who don't want to provide any access at all to users until they
authenticate.
> And the explanations for the authentication example now is completely
> wrong ...
Should be right now. I just checked in various fixes to the
documentation. Thanks very much for pointing out my mistake!
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the inn-workers
mailing list