Книга: Linux Network Administrator Guide, Second Edition
The nnrp.access file
The nnrp.access file
We mentioned earlier that newsreaders, and in fact any host not listed in the hosts.nntp, that connect to the INN news server are handled by the nnrpd program. nnrpd uses the /etc/news/nnrp.access file to determine who is allowed to make use of the news server, and what permissions they should have.
The nnrp.access file has a similar structure to the other configuration files we've looked at. It comprises a set of patterns used to match against the connecting host's domain name or IP address, and fields that determine what access and permission it should be given. Each entry should appear on a line by itself, and fields are separated by colons. The last entry in this file that matches the connecting host will be the one used, so again, you should put general patterns first and follow them with more specific ones later in the file. The five fields of each entry in the order they should appear are:
Hostname or IP address
This field conforms to wildmat(3) pattern-matching rules. It is a pattern that describes the connecting host's name or IP address.
Permissions
This field determines what permissions the matching host should be granted. There are two permissons you may configure: R gives read permissions, and P gives posting permissions.
Username
This field is optional and allows you to specify a username that an NNTP client must log into the server before being allowed to post news articles. This field may be left blank. No user authentication is required to read articles.
Password
This field is optional and is the password accompanying the username field. Leaving this field blank means that no password is required to post articles.
Newsgroups
This field is a pattern specifying which newsgroups the client is allowed to access. The pattern follows the same rules as those used in the newsfeeds file. The default for this field is no newsgroups, so you would normally have a pattern configured here.
In the virtual brewery example, we will allow any NNTP client in the Virtual Brewery domain to both read and post to all newsgroups. We will allow any NNTP client read-only access to all newsgroups except our private internal newsgroup. Our nnrp.access file will look like this:
# Virtual Brewery - nnrp.access
# We will allow public reading of all newsgroups except our private one.
*:R:::*,!rec.crafts.brewing.private
# Any host with the Virtual Brewery domain may Read and Post to all
# newsgroups
*.vbrew.com:RP::*
Оглавление книги
- Controlling Newsreader Access
- Практическая работа 53. Запуск Access. Работа с объектами базы данных
- Shared Cache file
- Безопасность внешних таблиц. Параметр EXTERNAL FILE DIRECTORY
- 4.4.4 The Dispatcher
- About the author
- Chapter 7. The state machine
- Chapter 13. rc.firewall file
- Appendix E. Other resources and links
- Example NAT machine in theory
- The final stage of our NAT machine
- Compiling the user-land applications