access question
Nick Edwards
nick.z.edwards at gmail.com
Wed Sep 10 01:24:52 UTC 2014
On 9/10/14, Nick Edwards <nick.z.edwards at gmail.com> wrote:
> On 9/10/14, Julien ÉLIE <julien at trigofacile.com> wrote:
>> Hi Nick,
>>
>>> I think I have the access file sorted but to make sure, our readers.conf
>>> is
>>>
>>> auth "localhost" {
>>> hosts: "localhost, 127.0.0.1, ::1, stdin"
>>> default: "<localhost>"
>>> }
>>>
>>> access "localhost" {
>>> users: "<localhost>"
>>> newsgroups: "*"
>>> access: RPA
>>> }
>>>
>>>
>>> auth custs {
>>> hosts: "IP.RA.NG.E/CIDR, *.anotherdomain, *.yetanotherdomain"
>>> default: <custs>
>>> }
>>>
>>> access custs {
>>> newsgroups: *
>>> }
>>>
>>>
>>> If my reading on man is right, this appear secure, but is it
>>> appropriate? Do we need a users: line or is it implied ?
>>
>> Hmm... Though I have not tested your example, I believe it does not
>> work the way you would like.
>> Keep in mind that the last matching auth group is used. Similarly, the
>> last matching access group is also used. So I believe "access custs"
>> will always be used.
>> I for one add the key: parameter to make sure my groups are correctly
>> configured (use the same key: parameter for localhost, and the same for
>> custs).
>>
>> Documentation is here:
>> http://www.eyrie.org/~eagle/software/inn/docs/readers.conf.html
>>
>> The users: parameter is not necessary (it defaults to "*").
>>
>>
> Ahh OK, I was close, I think, so, default: <custs> should in fact be
> <LOCAL>
> Just trying to get my head around the linking of the two, rather steep
> learning curve compared to what I'm used to ( a singe line:
> *.example.com:read,post:::* ) need to allocate bit more time to
> understand access I think :-)
>
> Nik
scrub that, <LOCAL> says transit mode, not wjhat I what Im sure, need
some sleep I think
More information about the inn-workers
mailing list