domain(8) [suse man page]
DOMAIN(8) InterNetNews Documentation DOMAIN(8) NAME
domain - nnrpd domain resolver SYNOPSIS
domain domainname DESCRIPTION
This program can be used in readers.conf to grant access based on the subdomain part of the remote hostname. In particular, it only returns success if the remote hostname ends in domainname. (A leading dot on domainname is optional; even without it, the argument must match on dot-separated boundaries). The "username" returned is whatever initial part of the remote hostname remains after domainname is removed. It is an error if there is no initial part (that is, if the remote hostname is exactly the specified domainname). EXAMPLE
The following readers.conf(5) fragment grants access to hosts with internal domain names: auth internal { res: "domain .internal" default-domain: "example.com" } access internal { users: "*@example.com" newsgroups: example.* } Access is granted to the example.* groups for all connections from hosts that resolve to hostnames ending in ".internal"; a connection from "foo.internal" would match access groups as "foo@example.com". BUGS
It seems the code does not confirm that the matching part is actually at the end of the remote hostname (e.g., "domain: example.com" would match the remote host "foo.example.com.org" by ignoring the trailing ".org" part). Does this resolver actually provide any useful functionality not available by using wildcards in the readers.conf(5) hosts parameter? If so, the example above should reflect this functionality. HISTORY
This documentation was written by Jeffrey M. Vinocur <jeff@litech.org>. $Id: domain.pod 8200 2008-11-30 13:31:30Z iulius $ SEE ALSO
nnrpd(8), readers.conf(5) INN 2.5.2 2009-05-21 DOMAIN(8)
Check Out this Related Man Page
IDENT(8) InterNetNews Documentation IDENT(8) NAME
ident - nnrpd ident resolver SYNOPSIS
ident [-p port] [-t] DESCRIPTION
This program attempts to resolve usernames for nnrpd by using the ident protocol to query the remote host. It contacts the remote host using either IPv4 or IPv6 depending on which protocol was used for the incoming NNTP connection. OPTIONS
-p port If this option is given, attempt to contact identd on the specified remote port (which can be a numeric or symbolic specification). Non-numeric values will be looked up using getservbyname(3). The default value is the result of "getservbyname("ident")" if available, or port 113 otherwise. -t If this option is given, the identity returned will never have a domain part. That is, if the remote server returns a result containing an "@" character, ident truncates the response at the "@". This is useful to allow the default-domain parameter in reaers.conf to override the domain supplied by the remote host (particularly if the supplied domain part is an unqualified local machine name rather than a full domain name). EXAMPLE
The following readers.conf(5) fragment tells nnrpd to trust ident information for hosts on a local network, but to replace the domain returned from the ident query: auth LAN { hosts: "192.168/16" res: "ident -t" default-domain: "internal.example.com" } access LAN { users: "*@internal.example.com" newsgroups: example.* } Access is granted to the example.* groups for all users on the local network whose machines respond to ident queries. HISTORY
This documentation was written by Jeffrey M. Vinocur <jeff@litech.org>. $Id: ident.pod 8200 2008-11-30 13:31:30Z iulius $ SEE ALSO
nnrpd(8), readers.conf(5) INN 2.5.2 2009-05-21 IDENT(8)