Readers.conf and auth access

Boryan Yotov yotov at
Tue Aug 5 20:53:44 UTC 2003


maybe it's a good idea to read carefully the readers.conf
man page (at least twice) :)

Ok, I'll try to explain where you went wrong ... see the
comments inside your mail below...

News Administrator wrote:

>Hi all,
>i'm trying to setup auth access for INN 2.4 on Linux, but i'm getting errors
>trying to access with authentication. My readers.conf is setup as below:
>auth "authusers" {
>        hosts: *
Here you match all host which are trying to connect

>        auth: "/usr/lib/news/bin/auth/passwd/ckpasswd -f /etc/news/innauth"
Now you are trying to assign identity to the user using
a user/password authentication. This because Inn at the
begining only knows the host name of the connecting
machine but nothing about an user name or password.
Once the user authenticates with a valid pair it will
have an identity assigned with it .F or example for user
name "stefano" and correct password it should have
identity "<stefano at>". where the host name is assigned
depending on the host from which the connection was

>        default: "<authusers>"
Look here. If your auth: or res: authentication get failed
for the connecting news reader then the "default:"
identity will be assigned. E.g. if you fail to authenticate in
your example you'll automatically be assigned to user
identity "<authusers>"

>access "authusers" {
>        users: "<authusers>"
And what hapens here. You are permiting access only to user
which fails to authenticate ... but not to the users which are properly
authenticated (like "<stefano at>")

Actually instead of

users: "<authusers>"

you need a line like this:

users: "stefano at"


users: "*"

>        read: "*, !junk, !control*, !local*"
>        post: "*"
And of course your unathenticated user has read access to near all folder
and post access to all of them.

>The strange thing it's that if i try to auth myself i don't get access. If i
>try to connect without authentication i can get full access. Maybe it's a
Yes, this is the correct behaviour with the readers.conf you use.

Boryan Yotov

>simple mistake in my configuration, but i've tried many configuration
>without success. .... Who can help me?
>Thanks and Regards
>Stefano Cislaghi [SC1791-RIPE]
> News Administrator
>newsadmin at
>Peering? We're looking for comp.* and news.* peers - Contact us for more
>Please reports any abuse to: abuse at

More information about the inn-workers mailing list