NNRP.ACCESS(5)NNRP.ACCESS(5)NAMEnnrp.access - access file for on-campus NNTP sites
The file /var/spool/news/data/nnrp.access specifies the access control
for those NNTP sites that are not handled by the main InterNetNews dae‐
mon innd(8). The nnrpd(8) server reads it when first spawned by innd.
Comments begin with a number sign (``#'') and continue through the end
of the line. Blank lines and comments are ignored. All other lines
should consist of five fields separated by colons:
The first field is a wildmat(3)-style pattern specifying the names or
Internet address of a set of hosts. Before a match is checked, the
client's hostname (or its Internet address if gethostbyaddr(3) fails)
is converted to lowercase. Each line is matched in turn, and the last
successful match is taken as the correct one.
The second field is a set of letters specifying the permissions granted
to the client. The perms should be chosen from the following set:
R The client can retrieve articles
P The client can post articles
The third and fourth fields specify the username and password that the
client must use to authenticate themselves before the server will
accept any articles. Note that no authentication (other then a match‐
ing entry in this file) is required for newsreading. If they are
empty, then no password is required. Whitespace in these fields will
result in the client being unable to properly authenticate themselves
and may be used to disable access.
The fifth field is a set of patterns identifying the newsgroups that
the client is allowed to access. The patterns are interpreted in the
same manner as the newsfeeds(5) file. The default, however, denies
access to all groups.
The access file is normally used to provide host-level access control
for reading and posting articles. There are times, however, when this
is not sufficient and user-level access control is needed. Whenever an
NNTP ``authinfo'' command is used, the nnrpd server re-reads this file
and looks for a matching username and password. If the local newsread‐
ers are modified to send the ``authinfo'' command, then all host
entries can have no access and specific users can be granted the appro‐
priate read and post access.
## Default is no access.
*:: -no- : -no- :!*
## FOO hosts have no password, can read anything.
## A related workstation can't access FOO newsgroups.
If the file contains passwords, it should not be world-readable.
Written by Rich $alz <email@example.com> for InterNetNews. This is
revision 1.9, dated 1992/08/19.
SEE ALSOinnd(8), newsfeeds(5), nnrpd(8), wildmat(3).