"simple" problem with post-access in nnrpd_auth.pl

Jeffrey M. Vinocur jeff at litech.org
Thu Nov 15 23:50:20 UTC 2001


On Thu, 15 Nov 2001, Marcel Bruch wrote:

> I need a way to return a list of allowed newsgroups. My
> LDAP-Server containts a dynamical list of newsgroups and a list
> of users allowed to read/post or not to these different groups.
> As far as i can see, pamckpasswd only returns 0 || 1 for
> "allowed" or "not allowed" - thats unfortunately not enough.

Ahh.  Yes, you may need to write your own.  (Using readers.conf e.g. with
pamckpasswd doesn't allow the LDAP server to specify the allowed groups,
but it does give finer granularity than "deny" or "let in to everything";
if you just have a small number of classes of users you may be able to get
by with the builtin mechanisms.)


> > And you don't distinguish in any way based on host?
>
> No.

Huh.  I don't know anything about perlauth or really even ldap, maybe
somebody else...?


> There is no access-rule host-based in nnrp.access (as far as I know -
> if perl_auth is activated, the contents of nnrp.access are ignored) -
> or is there something I don't know about how nnrpd_auth.pl works ?

Are you using INN 2.2 or 2.3?  If it's 2.2, you'll definitely need to
write a script; you need 2.3 for readers.conf and pamckpasswd.


-- 
Jeffrey M. Vinocur
jeff at litech.org



More information about the inn-workers mailing list