nnrp.access - access file for on-campus NNTP sites
The file /etc/news/nnrp.access
specifies the access control for those
NNTP sites that are not handled by the main InterNetNews daemon
(8). The nnrpd
(8) server reads it when first spawned by
Comments begin with a number sign (``#'') and continue through the end of the
line. Blank lines and comments are ignored. All other lines should consist of
five fields separated by colons:
The first field is a wildmat
(3)-style pattern specifying the names or
Internet address of a set of hosts
. Before a match is checked, the
client's hostname (or its Internet address if gethostbyaddr
is converted to lowercase. Each line is matched in turn, and the last
successful match is taken as the correct one.
The second field is a set of letters specifying the permissions granted to the
client. The perms
should be chosen from the following set:
R The client can retrieve articles
P The client can post articles
The third and fourth fields specify the username
the client must use to authenticate themselves before the server will accept
any articles. Note that no authentication (other then a matching entry in this
file) is required for newsreading. If they are empty, then no password is
required. Whitespace in these fields will result in the client being unable to
properly authenticate themselves and may be used to disable access.
The fifth field is a set of patterns identifying the newsgroups that the client
is allowed to access. The patterns are interpreted in the same manner as the
(5) file. The default, however, denies access to all groups.
The access file is normally used to provide host-level access control for
reading and posting articles. There are times, however, when this is not
sufficient and user-level access control is needed. Whenever an NNTP
``authinfo'' command is used, the nnrpd
server re-reads this file and
looks for a matching username and password. If the local newsreaders are
modified to send the ``authinfo'' command, then all host entries can have no
access and specific users can be granted the appropriate read and post access.
## Default is no access.
*:: -no- : -no- :!*
## FOO hosts have no password, can read anything.
## A related workstation can't access FOO newsgroups.
If the file contains passwords, it should not be world-readable.
Written by Rich $alz <email@example.com> for InterNetNews. This is
revision 1.11, dated 1996/09/06.
innd(8), newsfeeds(5), nnrpd(8), wildmat(3).