INN2 user authentication against system users

Julien ÉLIE julien at trigofacile.com
Fri Feb 12 18:50:47 UTC 2021


Hi Kevin,
>> Wouldn't "ckpasswd -s" be what you are looking for?
>>
> I have to change ckpasswd to setgid shadow,
> and i works on GNU/Linux, don't konow if it works for other OSes.

Did you try Russ' suggestion of '"ckpasswd" without the "-s" option?
It would permit to remove the setgid bit you set.

See the EXAMPLES section in 
https://www.eyrie.org/~eagle/software/inn/docs/ckpasswd.html to see how 
PAM can be configured.


>> Which part of the EXAMPLES section at the end of the man page would you like to emphasize more?
>>    https://www.eyrie.org/~eagle/software/inn/docs/readers.conf.html
>
> I think just plain User/Password authentication over nntps should be easy. :-)

Oh, I also see that the readers.conf example file shipped with INN does 
not contain any example of ckpasswd use...

So, I suggest to:
- improve the basic readers.conf example file to add an example of 
"ckpasswd" (PAM) and "ckpasswd -f" (file) uses;
- change the examples in the readers.conf man page to use "ckpasswd" 
instead of "ckpasswd -s" (and just say in a sentence the difference);
- change the examples in the readers.conf man page to use "ckpasswd -f" 
instead of "ckpasswd -d" (using a plain file is far more easier);
- add a "QUICK START" section near the beginning of the readers.conf man 
page to just document these two most frequent uses.

Do you see any other way to improve that documentation?

-- 
Julien ÉLIE

« L'homme a imaginé le cercle avant de savoir que la terre était ronde.
   Ça prouve quand même une certaine faculté d'invention. » (Jacques
   Sternberg)


More information about the inn-workers mailing list