"simple" problem with post-access in nnrpd_auth.pl

Marcel Bruch bruch.m at dni.de
Thu Nov 15 11:39:17 UTC 2001


"Jeffrey M. Vinocur" wrote:
> 
> you can use pamckpasswd (URL below) and a pam/ldap module.

I need a way to return a list of allowed newsgroups. My
LDAP-Server containts a dynamical list of newsgroups and a list
of users allowed to read/post or not to these different groups.
As far as i can see, pamckpasswd only returns 0 || 1 for
"allowed" or "not allowed" - thats unfortunately not enough.
Thats the reason why i need nnrpd_auth.pl - this program is the
only way to support dynamical newsgroups access, i think (?)
 
> > On my local machine it works fine, but if other hosts start a
> > request they are not allowed to post (the "new message"-icon in
> > netscape is grey).
> 
> And you don't distinguish in any way based on host?

No.
In this simple test I send "authneeded" to everyone and the grant
access to everyone who submits a username and password (that's
indeed not the way it should work later, but it describes my
problem in an easy way). There is no access-rule host-based in
nnrp.access (as far as I know - if perl_auth is activated, the
contents of nnrp.access are ignored) - or is there something I
don't know about how nnrpd_auth.pl works ? Are there any
configuration-problems in my news-server ? I don't think so,
because of the two simple tests below i've made.

But this simple test fails in the described way - remote users
can't post new articles.

sub authenticate {
 return ($authcodes{'allowed'}, 1,1, $defaultgroups,undef);
}
# works correct - all users can post
--

sub authenticate {
 if ($attributes{type} eq "connect") {
  return ($connectcodes{'authneeded'}, undef, undef, undef, undef
);
 } elsif ($attributes{type} eq "authenticate") {
  return ($authcodes{'allowed'}, 1,1,$defaultgroups,undef);
 }
[...]
# works not like expected - remote users are allowed to read -
not to post 
> You didn't seem to get to an actual question...?

What do you mean with actual question ?


regards,
Marcel


More information about the inn-workers mailing list