Mercurial > noffle
comparison docs/noffle.conf.5 @ 288:c02c4eb95f95 noffle
[svn] * src/configfile.h,src/configfile.c,docs/noffle.conf.5: Add noffle-user
and noffle-group configs.
* src/configfile.c,src/fetch.c,src/fetchlist.c,src/protocol.c,
src/server.c: Replace strcpy() with Utl_cpyStr() where appropriate.
See Debian bug 168128.
* src/control.c,src/configfile.c,src/noffle.c: Replace [s]scanf("%s")
with [s]scanf(MAXCHAR_FMT).
* src/noffle.c: Log warning if noffle.conf is world readable.
* src/noffle.c: Restrict most options to news admins; i.e. those who
are root or news on running Noffle.
* Makefile.in,acconfig.h,aclocal.m4,config.h.in,configure,configure.in,
docs/Makefile.in,docs/noffle.conf.5,packages/Makefile.in,
packages/redhat/Makefile.in,src/Makefile.am,src/Makefile.in,
src/authenticate.c,src/authenticate.h,src/noffle.c,src/server.c:
Add basic authentication using either Noffle-specific user file
or authenticating via PAM (service 'noffle'). PAM authentication
needs to run as root, so a Noffle server that needs PAM
must be started by root. Helpful (?) error messages will be logged
if not. Noffle will switch ruid and euid to 'news' (or whatever
is configured) ASAP.
* src/noffle.c: Add uid checking.
author | bears |
---|---|
date | Fri, 10 Jan 2003 23:25:45 +0000 |
parents | 0340b9c17edc |
children | f35a7d45efd5 |
comparison
equal
deleted
inserted
replaced
287:01755687c565 | 288:c02c4eb95f95 |
---|---|
1 .TH noffle.conf 5 | 1 .TH noffle.conf 5 |
2 .\" $Id: noffle.conf.5 381 2002-05-14 14:25:45Z mirkol $ | 2 .\" $Id: noffle.conf.5 420 2003-01-10 23:25:45Z bears $ |
3 | 3 |
4 .SH NAME | 4 .SH NAME |
5 noffle.conf \- Configuration file for NOFFLE news server | 5 noffle.conf \- Configuration file for NOFFLE news server |
6 | 6 |
7 .SH DESCRIPTION | 7 .SH DESCRIPTION |
96 (to the debug facility) and additionally to stderr when running | 96 (to the debug facility) and additionally to stderr when running |
97 interactively. The available categories for logging are | 97 interactively. The available categories for logging are |
98 .BR all , | 98 .BR all , |
99 .BR none , | 99 .BR none , |
100 .BR config , | 100 .BR config , |
101 .BR auth , | |
101 .BR control , | 102 .BR control , |
102 .BR expire , | 103 .BR expire , |
103 .BR fetch , | 104 .BR fetch , |
104 .BR filter , | 105 .BR filter , |
105 .BR newsbase , | 106 .BR newsbase , |
202 article number of the information article every time it is read. | 203 article number of the information article every time it is read. |
203 .br | 204 .br |
204 Default: yes | 205 Default: yes |
205 | 206 |
206 .TP | 207 .TP |
208 .B authenticate-client yes|no | |
209 Insist that clients authenticate themselves using the NNTP | |
210 AUTHINFO USER/AUTHINFO PASS transaction before any news is served. | |
211 The form of the authentication is determined at compile time; either | |
212 PAM is used (with a service name "noffle"), or the userlist | |
213 file is scanned. This file, by default \fI/etc/noffle.users\fP, | |
214 is a text file. Spaces, comments starting with '#' and blank lines are | |
215 ignored. Other lines must contain space-separated 'username password' | |
216 pairs. For security reasons the userlist file must be a regular file, | |
217 not a link, and must be owner readable only. Finally, note that the | |
218 NNTP AUTHINFO USER/AUTHINFO PASS transaction is not encrypted in any | |
219 way, and so must itself be considered insecure. | |
220 .br | |
221 Default: no | |
222 | |
223 .TP | |
207 .B post-locally yes|no | 224 .B post-locally yes|no |
208 Place articles posted to external servers in the local aticle database | 225 Place articles posted to external servers in the local aticle database |
209 immediately. Some servers may rewrite Message-IDs, which will cause | 226 immediately. Some servers may rewrite Message-IDs, which will cause |
210 duplicate postings of this option is enabled. Also, if for some reason | 227 duplicate postings of this option is enabled. Also, if for some reason |
211 the post to the remote server fails, the article still exists in the local | 228 the post to the remote server fails, the article still exists in the local |
255 The default expiry period, in days. An expiry period of 0 means "never". | 272 The default expiry period, in days. An expiry period of 0 means "never". |
256 .br | 273 .br |
257 Default: 14 | 274 Default: 14 |
258 | 275 |
259 .TP | 276 .TP |
277 .B noffle-user <n> | |
278 The username under which NOFFLE normally runs. If NOFFLE is invoked by | |
279 root, it will drop its real and effective UID to this user as soon as | |
280 possible. | |
281 .br | |
282 Default: news | |
283 | |
284 .TP | |
285 .B noffle-group <n> | |
286 The group under which NOFFLE normally runs. NOFFLE will change to this | |
287 real and effective GID as soon as possible. | |
288 .br | |
289 Default: news | |
290 | |
291 .TP | |
260 .B expire <group pattern> <n> | 292 .B expire <group pattern> <n> |
261 The expiry period for a newsgroup or set of newsgroups, in days. The | 293 The expiry period for a newsgroup or set of newsgroups, in days. The |
262 expiry pattern can contain \fIwildcards\fP, and there can be multiple | 294 expiry pattern can contain \fIwildcards\fP, and there can be multiple |
263 .B expire | 295 .B expire |
264 lines. When checking the expiry period for a group, the expiry | 296 lines. When checking the expiry period for a group, the expiry |
285 | 317 |
286 .B NOFFLE | 318 .B NOFFLE |
287 uses a wildcard format that closely matches filename-style wildcards. | 319 uses a wildcard format that closely matches filename-style wildcards. |
288 \fIalt.binaries.*\fP, for example, matches all newsgroups under the | 320 \fIalt.binaries.*\fP, for example, matches all newsgroups under the |
289 .I alt.binaries | 321 .I alt.binaries |
290 hierarchy. A full description of the fomat (known as | 322 hierarchy. A full description of the format (known as |
291 .B wildmat | 323 .B wildmat |
292 patterns) is as follows. | 324 patterns) is as follows. |
293 | 325 |
294 .TP | 326 .TP |
295 .BI \e x | 327 .BI \e x |