readers.conf with python_access and python_auth
David Hláčik
david at hlacik.eu
Sat Jun 7 15:58:05 UTC 2008
What is wrong :(
Whatever else instead of result {'read' : '*' , 'post' : '*'} returns
error which i mentioned :(
Thanks
David
On Sat, Jun 7, 2008 at 5:26 PM, David Hláčik <david at hlacik.eu> wrote:
> Julien i have investigated problem,
> seems like access method and authenticate method can not be located in
> same file nnrpd_auth.py , i have created nnrpd_access.py with access
> method only and nnrpd_auth.py with authenticate method only.
> I will see in log :
> python: n_a access() invoked: hostname david-nb.net.hlacik.eu,
> ipaddress 10.10.10.199, interface 10.10.10.183, user boss
> Jun 7 17:23:06 dev01 nnrpd[1378]: python: acess groups defined
>
> Alltought, what i am getting in my Windows Mail on windows vista now is :
>
> Windows Mail was unable to retrieve list of newsgroups located on
> server message ,
> with error string called wird =========BACKTRACE==================
> What does it means?
>
> And how it is possible that nnrpd_auth.py is shiped as a sample with
> both auth and access when it needs to be in separated files, can it be
> bug of inn2.4.3 which i am using on Centos 5.1?
>
> Thanks
>
>
> On Sat, Jun 7, 2008 at 5:00 PM, David Hláčik <david at hlacik.eu> wrote:
>> Yes of course i have method access in my nnrpd_auth.py I am using it
>> also with python_auth parameter and calling method auth. I have also
>> tested it with my test.py to see if access returns correct values.
>> Honestly i am starting to giving up whole think. I am currently on my
>> 4th whole day working on nnrpd_auth.py and there is just so many
>> issues (import modules not work and so) :(
>>
>> This is what i have :
>> class AUTH:
>> """Provide authentication and authorization callbacks to nnrpd."""
>> def __init__(self):
>> """This is a good place to initialize variables or open a
>> database connection.
>> """
>> # Create a list of NNTP codes to respond on connect
>> self.connectcodes = { 'READPOST':200,
>> 'READ':201,
>> 'AUTHNEEDED':480,
>> 'PERMDENIED':502
>> }
>>
>> # Create a list of NNTP codes to respond on authentication
>> self.authcodes = { 'ALLOWED':281,
>> 'DENIED':502
>> }
>>
>> syslog('notice', 'nnrpd authentication class instance created')
>>
>> def authenticate(self, attributes):
>> """Called when python_auth is encountered in readers.conf"""
>>
>> # just for debugging purposes
>> syslog('notice', 'n_a authenticate() invoked: hostname %s,
>> ipaddress %s, interface %s, user %s' % (\
>> attributes['hostname'], \
>> attributes['ipaddress'], \
>> attributes['interface'], \
>> attributes['user']))
>>
>> # do username passworld authentication
>> #if 'foo' == str(attributes['user']) \
>> # and 'foo' == str(attributes['pass']):
>> # syslog('notice', 'authentication by username succeeded')
>> # return ( self.authcodes['ALLOWED'], 'No error', 'default_user')
>> #else:
>> # syslog('notice', 'authentication by username failed')
>> # return ( self.authcodes['DENIED'], 'Access Denied!')
>>
>> import os
>> result = int(os.popen("%s %s %s"
>> %("/opt/pdg/newsauth.py",str(attributes['user']),str(attributes['pass'])),
>> "r").read())
>> if result == 1:
>> syslog('notice', 'authentication by username succeeded')
>> return(self.authcodes['ALLOWED'], 'OK')
>> else:
>> syslog('notice', 'authentication by username failed')
>> return ( self.authcodes['DENIED'], 'FAILED')
>>
>> def access(self, attributes):
>> """Called when python_access is encountered in readers.conf"""
>>
>> # just for debugging purposes
>> syslog('notice', 'n_a access() invoked: hostname %s, ipaddress
>> %s, interface %s, user %s' % (\
>> attributes['hostname'], \
>> attributes['ipaddress'], \
>> attributes['interface'], \
>> attributes['user']))
>>
>> # allow newsreading from specific host only
>> #if '127.0.0.1' == str(attributes['ipaddress']):
>> # syslog('notice', 'authentication by IP address succeeded')
>> # return {'read':'*','post':'*'}
>> #else:
>> # syslog('notice', 'authentication by IP address failed')
>> # return {'read':'!*','post':'!*'}
>> import os
>> groups = os.popen("%s %s %s"
>> %("/opt/pdg/newsaccess.py",str(attributes['user']),str(attributes['pass'])),
>> "r").read().split("\n")
>> result = {}
>> result['read'] = ",".join(groups)
>> result['post'] = ",".join(groups)
>> syslog('notice', 'acess groups defined')
>> return result
>>
>> def dynamic(self, attributes):
>> """Called when python_dynamic was reached in the processing of
>> readers.conf and a reader requests either read or post
>> permission for particular newsgroup.
>> """
>> # just for debugging purposes
>> syslog('notice', 'n_a dyanmic() invoked against type %s,
>> hostname %s, ipaddress %s, interface %s, user %s' % (\
>> attributes['type'], \
>> attributes['hostname'], \
>> attributes['ipaddress'], \
>> attributes['interface'], \
>> attributes['user']))
>>
>> # Allow reading of any newsgroup but not posting
>> if 'post' == str(attributes['type']):
>> syslog('notice', 'authorization for post access denied')
>> return "no posting for you"
>> elif 'read' == str(attributes['type']):
>> syslog('notice', 'authorization for read access granted')
>> return None
>> else:
>> syslog('notice', 'authorization type is not known: %s' %
>> attributes['type'])
>> return "Internal error";
>>
>>
>> #
>> # The rest is used to hook up the auth module on nnrpd. It is unlikely
>> # you will ever need to modify this.
>> #
>>
>> # Import functions exposed by nnrpd. This import must succeed, or nothing
>> # will work!
>> from nnrpd import *
>>
>> # Create a class instance
>> myauth = AUTH()
>>
>> # ...and try to hook up on nnrpd. This would make auth object methods visible
>> # to nnrpd.
>> try:
>> set_auth_hook(myauth)
>> syslog('notice', "authentication module successfully hooked into nnrpd")
>> except Exception, errmsg:
>> syslog('error', "Cannot obtain nnrpd hook for authentication
>> method: %s" % errmsg[0])
>>
>>
>> #
>> # The rest is used to hook up the auth module on nnrpd. It is unlikely
>> # you will ever need to modify this.
>> #
>>
>> # Import functions exposed by nnrpd. This import must succeed, or nothing
>> # will work!
>> from nnrpd import *
>>
>> # Create a class instance
>> myauth = AUTH()
>>
>> # ...and try to hook up on nnrpd. This would make auth object methods visible
>> # to nnrpd.
>> try:
>> set_auth_hook(myauth)
>> syslog('notice', "authentication module successfully hooked into nnrpd")
>> except Exception, errmsg:
>> syslog('error', "Cannot obtain nnrpd hook for authentication
>> method: %s" % errmsg[0])
>>
>>
>> On Sat, Jun 7, 2008 at 4:36 PM, Julien ÉLIE <julien at trigofacile.com> wrote:
>>> Hi David,
>>>
>>>> And what this means?
>>>> Jun 7 16:21:34 dev01 nnrpd[2787]: python access method not defined
>>>
>>> It means that the access method is not found in your nnrpd_auth.py file.
>>> According to the sample shipped with INN, it should be something like:
>>>
>>>
>>> class AUTH:
>>> def access(self, attributes):
>>> syslog('notice', 'n_a access() invoked: hostname %s, ipaddress %s,
>>> interface %s, user %s' % (\
>>> attributes['hostname'], \
>>> attributes['ipaddress'], \
>>> attributes['interface'], \
>>> attributes['user']))
>>>
>>> if '127.0.0.1' == str(attributes['ipaddress']):
>>> syslog('notice', 'authentication by IP address succeeded')
>>> return {'read':'*','post':'*'}
>>> else:
>>> syslog('notice', 'authentication by IP address failed')
>>> return {'read':'!*','post':'!*'}
>>>
>>> from nnrpd import *
>>> myauth = AUTH()
>>>
>>> try:
>>> set_auth_hook(myauth)
>>> syslog('notice', "authentication module successfully hooked into nnrpd")
>>> except Exception, errmsg:
>>> syslog('error', "Cannot obtain nnrpd hook for authentication method: %s" %
>>> errmsg[0])
>>>
>>>
>>>
>>>
>>> Does this mere sample work on your news server?
>>> (I have not tested.)
>>>
>>> --
>>> Julien ÉLIE
>>>
>>> « Quand je raconterai mon odyssée, personne ne me croira ! » (Astérix)
>>>
>>>
>>
>
More information about the inn-workers
mailing list