NNRP.ACCESS(5)

NNRP.ACCESS(5)

nfs Home Page File Formats Index nntpsend.ctl 

NAME
       nnrp.access - access file for on-campus NNTP sites

DESCRIPTION
       The  file  /etc/news/nnrp.access specifies the access con-
       trol for those NNTP sites that are not handled by the main
       InterNetNews daemon innd(8).  The nnrpd(8) server reads it
       when first spawned by innd.

       Comments begin with a number  sign  (``#'')  and  continue
       through the end of the line.  Blank lines and comments are
       ignored.  All other lines should consist  of  five  fields
       separated by colons:
              hosts:perms:username:password:patterns

       The  first  field is a wildmat(3)-style pattern specifying
       the names or Internet address of a set of hosts.  Before a
       match  is  checked, the client's hostname (or its Internet
       address if gethostbyaddr(3) fails) is converted to  lower-
       case.  Each line is matched in turn, and the last success-
       ful match is taken as the correct one.

       The second field is a set of letters specifying  the  per-
       missions  granted to the client.  The perms should be cho-
       sen from the following set:
              R    The client can retrieve articles
              P    The client can post articles

       The third and fourth fields specify the username and pass-
       word  that  the client must use to authenticate themselves
       before the server will accept any articles.  Note that  no
       authentication  (other then a matching entry in this file)
       is required for newsreading.  If they are empty,  then  no
       password  is  required.   Whitespace  in these fields will
       result in the client being unable to properly authenticate
       themselves and may be used to disable access.

       The fifth field is a set of patterns identifying the news-
       groups that the client is allowed to access.  The patterns
       are  interpreted  in  the  same manner as the newsfeeds(5)
       file.  The default, however, denies access to all  groups.

       The  access  file  is  normally used to provide host-level
       access control for reading and  posting  articles.   There
       are  times, however, when this is not sufficient and user-
       level  access  control  is  needed.   Whenever   an   NNTP
       ``authinfo''  command  is  used, the nnrpd server re-reads
       this file and looks for a matching username and  password.
       If   the  local  newsreaders  are  modified  to  send  the
       ``authinfo'' command, then all host entries  can  have  no
       access  and  specific users can be granted the appropriate
       read and post access.

       For example:
              ##  host:perm:user:pass:groups
              ## Default is no access.
              *::  -no-  :  -no-  :!*
              ##  FOO hosts have no password, can read anything.
              *.foo.com:Read Post:::*
              ##  A related workstation can't access FOO newsgroups.
              lenox.foo.net:RP:martha:hiatt:*,!foo.*

       If the file contains passwords, it should  not  be  world-
       readable.

HISTORY
       Written  by  Rich  $alz lt;rsalz@uunet.uu.net for InterNet-
       News.  This is revision 1.11, dated 1996/09/06.

SEE ALSO
       innd(8) newsfeeds(5) nnrpd(8) wildmat(3).
nfs Home Page File Formats Index nntpsend.ctl