Сервер Red Hat Linux 7.1, Red Hat Linux 9.0
Настройки сервера новостей shrek.technet
Сервер новостей inn v.2.3.4-2
Здесь указаны файлы, которые надо менять.
/etc/news/inn.conf
/etc/news/expire.ctl
/etc/news/incoming.conf
/etc/news/storage.conf
/etc/news/readers.conf
Дополнительная информация
Конфигурационный файл /etc/news/inn.conf
[root@shrek /root]# less /etc/news/inn.conf ## $Id: inn.conf.in,v 1.41.2.1 2000/07/17 06:46:17 rra Exp $ ## ## inn.conf -- INN configuration data ## ## Format: ## <parameter>:<whitespace><value> ## ## Blank values are allowed for certain parameters. ## ## See the inn.conf(5) man page for a full description of each of these ## options. This sample file is divided into two sections; first, there ## are the parameters that must be set (or should be set in nearly all ## cases), and then all parameters are given with their defaults for ## reference in the same order and with the same organization as the ## inn.conf(5) documentation. # The following parameters are most likely to need setting, although the # defaults generated by configure may be reasonable. mta: /usr/sbin/sendmail -oi -oem %s organization: A poorly-installed InterNetNews site ovmethod: tradindexed #pathhost: localhost pathnews: /usr/lib/news # General Settings domain: technet innflags: mailcmd: /usr/lib/news/bin/innmail server: shrek # Feed Configuration artcutoff: 100 bindaddress: hiscachesize: 0 ignorenewsgroups: false immediatecancel: false linecountfuzz: 0 maxartsize: 1000000 maxconnections: 50 pathalias: pgpverify: false port: 119 refusecybercancels: false remembertrash: true sourceaddress: usecontrolchan: true verifycancels: false wanttrash: false wipcheck: 5 wipexpire: 10 # Article Storage cnfscheckfudgesize: 0 enableoverview: true groupbaseexpiry: true mergetogroups: false overcachesize: 15 ovgrouppat: storeonxref: false useoverchan: false wireformat: false xrefslave: false # Reading allownewnews: true articlemmap: false clienttimeout: 1800 nnrpdcheckart: true nnrpperlauth: false nnrppythonauth: false noreader: false readerswhenstopped: false readertrack: false # Reading -- Keyword Support # # Enabling this without stopping innd and deleting the existing overview # database and adding will probably confuse a lot of things. You must # have compiled this support in too. keywords: false keyartlimit: 100000 keylimit: 512 keymaxwords: 250 # Posting addnntppostingdate: true addnntppostinghost: true checkincludedtext: false complaints: fromhost: localmaxartsize: 1000000 moderatormailer: nnrpdauthsender: false nnrpdposthost: nnrpdpostport: 119 spoolfirst: false strippostcc: false # Posting -- Exponential Backoff backoffauth: false backoffdb: backoffk: 1 backoffpostfast: 0 backoffpostslow: 1 backofftrigger: 10000 # Monitoring doinnwatch: false innwatchbatchspace: 800 innwatchlibspace: 25000 innwatchloload: 1000 innwatchhiload: 2000 innwatchpauseload: 1500 innwatchsleeptime: 600 innwatchspoolnodes: 200 innwatchspoolspace: 8000 # Logging docnfsstat: false logartsize: true logcancelcomm: false logcycles: 3 logipaddr: true logsitename: true nnrpdoverstats: false nntpactsync: 200 nntplinklog: false status: 0 timer: 0 # System Tuning badiocount: 5 blockbackoff: 120 chaninacttime: 600 chanretrytime: 300 icdsynccount: 1000 maxforks: 10 nicekids: 0 nicenewnews: 0 nicennrpd: 0 pauseretrytime: 300 peertimeout: 3600 rlimitnofile: -1 # Paths patharchive: /var/spool/news/archive patharticles: /var/spool/news/articles pathbin: /usr/lib/news/bin pathcontrol: /usr/lib/news/bin/control pathdb: /var/lib/news pathetc: /etc/news pathfilter: /usr/lib/news/bin/filter pathhttp: /var/log/news pathincoming: /var/spool/news/incoming pathlog: /var/log/news pathoutgoing: /var/spool/news/outgoing pathoverview: /var/spool/news/overview pathrun: /var/run/news pathspool: /var/spool/news pathtmp: /var/lib/news/tmp [root@shrek /root]#
Конфигурационный файл /etc/news/expire.ctl
[root@shrek /root]# less /etc/news/expire.ctl ## $Revision: 1.2.2.2 $ ## expire.ctl - expire control file ## Format: ## /remember/:<keep> ## <class>:<keep>:<default>:<purge> ## <wildmat>:<flag>:<keep>:<default>:<purge> ## First line gives history retention; second line specifies expiration ## for classes; third line specifies expiration for group if groupbaseexpiry ## is true ## <class> class specified in storage.conf ## <wildmat> wildmat-style patterns for the newsgroups ## <keep> Mininum number of days to keep article ## <default> Default number of days to keep the article ## <purge> Flush article after this many days ## <keep>, <default>, and <purge> can be floating-point numbers or the ## word "never." Times are based on when received unless -p is used; ## see expire.8 ## If article expires before 10 days, we still remember it for 10 days in ## case we get offered it again. Depending on what you use for the innd ## -c flag and how paranoid you are about old news, you might want to ## make this 28, 30, etc, but it's probably safe to reduce it to 7 in most ## cases if you want to keep your history file smaller. /remember/:100 ## Keep for 1-10 days, allow Expires headers to work. This entry uses ## the syntax appropriate when groupbaseexpiry is true in inn.conf. *:A:1:100:never ## Keep for 1-10 days, allow Expires headers to work. This is an entry ## based on storage class, used when groupbaseexpiry is false. #0:1:10:never [root@shrek /root]#
Конфигурационный файл /etc/news/incoming.conf
[root@shrek /root]# less /etc/news/incoming.conf
## $Revision: 1.6 $
## incoming.conf - names and addresses that feed us news
##
## This file consists of three types of entries: key/value, peer and group.
## Comments are taken from the hash character ``#'' to the end of the line.
## Blank lines are ignored.
##
## Key/value entries are a keyword immediatly followed by a colon, at least
## one blank and a value. For example:
##
## max-connections: 10
##
## A legal key contains nor blanks, nor colon, nor ``#''.
## There are 5 different type of values: integers, booleans, and strings.
## Integers are as to be expected. A boolean value is either ``true'' or
## ``false'' (case is significant). A string value is any other sequence of
## characters. If the string needs to contain whitespace, then it must be
## quoted with double quotes.
##
## Peer entries look like:
##
## peer <name> {
## # body
## }
##
## The word ``peer'' is required. <name> is a label for this peer. It is
## any string valid as a key. The body of a peer entry contains some number
## of key/value entries.
##
## Group entries look like:
##
## group <name> {
## # body
## }
##
## The word ``group'' is required. The ``<name>'' is any string valid as a
## key. The body of a group entry contains any number of the three types of
## entries. So key/value pairs can be defined inside a group, and peers can
## be nested inside a group, and other groups can be nested inside a group.
##
## Key/value entries that are defined outside of all peer and group entries
## are said to be at ``global scope''. Global key/value entries act as
## defaults for peers. When innd looks for a specific value in a peer entry
## (for example, the maximum number of connections to allow), if the value
## is not defined in the peer entry, then the enclosing groups are examined
## for the entry (starting at the closest enclosing group). If there are no
## enclosing groups, or the enclosing groups don't define the key/value,
## then the value at global scope is used.
##
## A small example could be:
##
## # Global value applied to all peers that have no value of their own.
## max-connections: 5
##
## # A peer definition.
## peer uunet {
## hostname: usenet1.uu.net
## }
##
## peer vixie {
## hostname: gw.home.vix.com
## max-connections: 10 # override global value.
## }
##
## # A group of two peers who can open more connections than normal
## group fast-sites {
## max-connections: 15
##
## # Another peer. The ``max-connections'' value from the
## # ``fast-sites'' group scope is used.
## peer data.ramona.vix.com {
## hostname: data.ramona.vix.com
## }
##
## peer bb.home.vix.com {
## hostname: bb.home.vix.com
## max-connections: 20 # he can really cook.
## }
## }
##
## Given the above configuration file, the defined peers would have the
## following values for the ``max-connections'' key.
##
## uunet 5
## vixie 10
## data.ramona.vix.com 15
## bb.home.vix.com 20
##
## Height keys are allowed:
##
## hostname:
## This key is mandatory in a peer block. The value is a string representing
## a list of hostnames separated by a comma. A hostname is the host's FQDN,
## or the dotted quad ip-address of the peer.
##
## streaming:
## This key requires a boolean value. It defines whether streaming commands
## are allowed from this peer. (default=true)
##
## max-connections:
## This key requires positive integer value. It defines the maximum number
## of connections allowed. A value of zero specifies an unlimited number
## of maximum connections (``unlimited'' or ``none'' can be used as synonym).
## (default=0)
##
## hold-time:
## This key requires positive integer value. It defines the hold time before
## close, if the connection is over max-connections. A value of zero
## specifies immediate close. (default=0)
##
## password:
## This key requires a string value. It is used if you wish to require a peer
## to supply a password. (default=no password)
##
## patterns:
## This key requires a string value. It is a list of newsfeeds(5)-style list
## of newsgroups which are to be accepted from this host. (default="*")
##
## email:
## This key requires a string value. Reserved for future use. (default=empty)
##
## comment:
## This key requires a string value. Reserved for future use. (default=empty)
##
## skip:
## This key requires a boolean value. Setting this entry causes this peer
## to be skipped. Reserved for future use. (default=false)
##
## noresendid:
## This key requires a boolean value. It defines whether innd should send
## "431 RESENDID" (stream mode) or "436 Retry later" (non-stream mode)
## responses if a message is offered that is already received from another
## peer. This can be useful for peers that resend messages right away,
## as innfeed does. (default=false)
##
streaming: true # streaming allowed by default
max-connections: 12 # per feed
peer ME {
hostname: "localhost, 127.0.0.1"
}
peer local {
hostname: "shrek, 172.18.1.200"
}
[root@shrek /root]#
Конфигурационный файл /etc/news/storage.conf
[root@shrek /root]# less /etc/news/storage.conf
# This file is used to determine which storage method articles are sent to
# to be stored and which storage class they are stored as.
#
# Sample for the ``timehash'' storage method:
#
# method <methodname> {
# newsgroups: <wildmat>
# class: <storage class #>
# size: <minsize>[,<maxsize>]
# expires: <mintime>[,<maxtime>]
# options: <options>
# }
#
#method timehash {
# newsgroups: *
# class: 0
#}
#method timehash {
# newsgroups: alt.binaries.*
# class: 1
# size: 2,32000
#}
#method timehash {
# newsgroups: alt.*
# class: 2
# size: 1
#}
#
# Sample for the ``cnfs'' storage method:
#
# methodname:wildmat:storage class #:minsize:maxsize:metacycbuffname
# method cnfs {
# newsgroups: <wildmat>
# class: <storage class #>
# size: <minsize>[,<maxsize>]
# expires: <mintime>[,<maxtime>]
# options: <metacycbuffname>
# }
#
#method cnfs {
# newsgroups: *
# class: 1
# size: 0,3999
# expires: 4d1s
# options: FAQS
#}
#method cnfs {
# newsgroups: *
# class: 2
# size: 0,3999
# expires: 0s,4d
# options: SMALLAREA
#}
#method cnfs {
# newsgroups: *
# class: 3
# size: 4000,1000000
# options: BIGAREA
#}
method tradspool {
newsgroups: utep.*
class: 1
}
[root@shrek /root]#
Конфигурационный файл /etc/news/readers.conf
[root@shrek /root]# less /etc/news/readers.conf
## $Id: readers.conf,v 1.4.2.1 2001/01/16 15:36:37 rra Exp $
##
## readers.conf - Access control and configuration for nnrpd
##
## Format:
## auth "<name>" {
## hosts: "<hostlist>"
## auth: "<authprog>"
## res: "<resprog>"
## default: "<identity>"
## default-domain: "<email-domain>"
## }
## access "<name>" {
## users: "<userlist>"
## newsgroups: "<newsgroups>"
## read: "<read>"
## post: "<post>"
## access: "<perm>"
## }
##
## Other parameters are possible. See readers.conf(5) for all the
## details. Only one of newsgroups or read/post may be used in a single
## access group.
##
## If the connecting host is not matched by any hosts: parameter of any
## auth group, it will be denied access. auth groups assign an identity
## string to connections, access groups grant privileges to identity
## strings matched by their users: parameters.
##
## In all cases, the last match found is used, so put defaults first.
##
## For a news server that allows connections from anyone within a
## particular domain or IP address range, just uncomment the "local" auth
## group and the "local" access group below and adjust the hosts: and
## default: parameters of the auth group and the users: parameter of the
## access group for your local network and domain name. That's all there
## is to it.
##
## For more complicated configurations, read the comments on the examples
## and also see the examples and explanations in readers.conf(5). The
## examples in readers.conf(5) include setups that require the user to
## log in with a username and password (the example in this file only
## uses simple host-based authentication).
##
## NOTE: Unlike in previous versions of INN, nnrpd will now refuse any
## post from anyone to a moderated newsgroup that contains an Approved:
## header unless their access block has an access: key containing the
## "A" flag. This is to prevent abuse of moderated groups, but it means
## that if you support any newsgroup moderators, you need to make sure
## to add such a line to the access group that affects them. See the
## access group for localhost below for an example.
# The only groups enabled by default (the rest of this file is
# commented-out examples). This assigns the identity of <localhost> to
# the local machine
auth "localhost" {
hosts: "localhost, 127.0.0.1, stdin"
default: "<localhost>"
}
# Grant that specific identity access to read and post to any newsgroup
# and allow it to post articles with Approved: headers to moderated
# groups.
access "localhost" {
users: "<localhost>"
newsgroups: "*"
access: RPA
}
auth default {
hosts: "172.18.1.0/255.255.255.0"
default: "<LOCAL>"
}
access full {
users: *
newsgroups: utep.*
access: RP
}
#auth w2ksrv {
# hosts: "172.18.1.1"
# default: "suntech"
#}
#access full {
# users: *
# newsgroups: utep.*
# access: RP
#}
# This auth group matches all connections from example.com or machines in
# the example.com domain and gives them the identity <local>@example.com.
# Instead of using wildmat patterns to match machine names, you could also
# put a wildmat pattern matching IP addresses or an IP range specified
# using CIDR notation (like 10.10.10.0/24) here.
#auth "local" {
# hosts: "*.example.com, example.com"
# default: "<local>@example.com"
#}
# This auth group matches a subset of machines and assigns connections
# from there an identity of "<read>@example.com"; these systems should
# only have read access, no posting privileges.
#auth "read-only" {
# hosts: "*.newuser.example.com"
# default: "<read>@example.com"
#}
# This auth group matches the systems at a guest institution that should
# be allowed to read the example.events.* hierarchy but nothing else.
#auth "events-only" {
# hosts: "*.example.org"
# default: "<events-only>@example.org"
#}
# Finally, this auth group matches some particular systems which have been
# abusing the server. Note that it doesn't assign them an identity at
# all; the "empty" identity created in this fashion won't match any users:
# parameters. Note also that it's last, so anything matching this entry
# will take precedent over everything above it.
#auth "abusers" {
# hosts: "badguy-dsl.example.com, kiosk.public-access.example.com"
#}
# Now for the access groups. All of our access groups should have users:
# parameters so there are no access groups that match connections without
# an identity (such as are generated by the "abusers" entry above).
# First, the default case of local users, who get to read and post to
# everything.
#access "local" {
# users: "<local>@example.com"
# newsgroups: "*"
#}
# Now, the read-only folks, who only get to read everything.
#access "read-only" {
# users: "<read>@example.com"
# read: "*"
#}
# Finally, the events-only people who get to read and post but only to a
# specific hierarchy.
#access "events-only" {
# users: "<events-only>@example.org"
# newsgroups: "example.events.*"
#}
[root@shrek /root]#
Если при попытке запустить процесс командой:
/etc/init.d/innd start
выдается следующее сообщение:
"Перед запуском innd необходимо выполнить makehistory и/или makedbz."
или
"Please run makehistory and/or makedbz before starting innd."
то необходибо выполнить следующие 2 команды:
/usr/lib/news/bin/makehistory
и
/usr/lib/news/bin/makedbz -i -o
после первой появится файл:
/var/lib/news/history
после второй появятся файлы:
/var/lib/news/history.dir
/var/lib/news/history.index
/var/lib/news/history.hash
где "/var/lib/news/" = pathdb
необходимо проверить, кто является владельцем на созданные файлы:
ls -l /etc/news/*
ls -l /var/lib/news/*
ls -l /var/spool/news/tradspool.map
ls -l /var/spool/news/overview/group.index
если пользователь не news, то необходимо выполнить следующее:
chown news /etc/news/*
chgrp news /etc/news/*
chown news /var/lib/news/history*
chgrp news /var/lib/news/history*
chown news /var/spool/news/tradspool.map
chgrp news /var/spool/news/tradspool.map
chown news /var/spool/news/overview/group.index
chgrp news /var/spool/news/overview/group.index
Команды:
[root@shrek /root]# ctlinnd newgroup utep.talk y SunTechnic
[root@shrek /root]# ctlinnd newgroup utep.test y SunTechnic
После этого в файлах active и active.times (/var/lib/news/active и /var/lib/news/active.times) появятся соответсвующие строчки и создадутся соответсвующие каталорги по пути указанному в переменной patharticles
/var/spool/news/articles/utep/talk
/var/spool/news/articles/utep/test
Настройки сервера новостей pups.it.ru
Сервер новостей взят из дистрибутива Red Hat 7.1. inn v.2.3.2-12
Здесь также указаны файлы, которые надо менять.
/etc/news/inn.conf
/etc/news/expire.ctl
/etc/news/incoming.conf
/etc/news/storage.conf
/etc/news/readers.conf
Дополнительная информация (как и в inn v.2.3.4-2)
/var/lib/news/newsgroups
Конфигурационный файл /etc/news/inn.conf
[root@pups /root]# less /etc/news/inn.conf ## $Id: inn.conf.in,v 1.41.2.1 2000/07/17 06:46:17 rra Exp $ ## ## inn.conf -- INN configuration data ## ## Format: ##Конфигурационный файл /etc/news/expire.ctl: ## ## Blank values are allowed for certain parameters. ## ## See the inn.conf(5) man page for a full description of each of these ## options. This sample file is divided into two sections; first, there ## are the parameters that must be set (or should be set in nearly all ## cases), and then all parameters are given with their defaults for ## reference in the same order and with the same organization as the ## inn.conf(5) documentation. # The following parameters are most likely to need setting, although the # defaults generated by configure may be reasonable. mta: /usr/sbin/sendmail -oi -oem %s organization: A poorly-installed InterNetNews site ovmethod: tradindexed #pathhost: localhost pathnews: /usr # General Settings domain: it.ru innflags: mailcmd: /usr/bin/innmail server: pups # Feed Configuration artcutoff: 100 bindaddress: hiscachesize: 0 ignorenewsgroups: false immediatecancel: false linecountfuzz: 0 maxartsize: 1000000 maxconnections: 50 pathalias: pgpverify: false port: 119 refusecybercancels: false remembertrash: true sourceaddress: usecontrolchan: true verifycancels: false wanttrash: false wipcheck: 5 wipexpire: 10 # Article Storage cnfscheckfudgesize: 0 enableoverview: true groupbaseexpiry: true mergetogroups: false overcachesize: 15 ovgrouppat: storeonxref: false useoverchan: false wireformat: false xrefslave: false # Reading allownewnews: true articlemmap: false clienttimeout: 1800 nnrpdcheckart: true nnrpperlauth: false nnrppythonauth: false noreader: false readerswhenstopped: false readertrack: false # Reading -- Keyword Support # # Enabling this without stopping innd and deleting the existing overview # database and adding will probably confuse a lot of things. You must # have compiled this support in too. keywords: false keyartlimit: 100000 keylimit: 512 keymaxwords: 250 # Posting addnntppostingdate: true addnntppostinghost: true checkincludedtext: false complaints: fromhost: localmaxartsize: 1000000 moderatormailer: nnrpdauthsender: false nnrpdposthost: nnrpdpostport: 119 spoolfirst: false strippostcc: false # Posting -- Exponential Backoff backoffauth: false backoffdb: backoffk: 1 backoffpostfast: 0 backoffpostslow: 1 backofftrigger: 10000 # Monitoring doinnwatch: false innwatchbatchspace: 800 innwatchlibspace: 25000 innwatchloload: 1000 innwatchhiload: 2000 innwatchpauseload: 1500 innwatchsleeptime: 600 innwatchspoolnodes: 200 innwatchspoolspace: 8000 # Logging docnfsstat: false logartsize: true logcancelcomm: false logcycles: 3 logipaddr: true logsitename: true nnrpdoverstats: false nntpactsync: 200 nntplinklog: false status: 0 timer: 0 # System Tuning badiocount: 5 blockbackoff: 120 chaninacttime: 600 chanretrytime: 300 icdsynccount: 1000 maxforks: 10 nicekids: 0 nicenewnews: 0 nicennrpd: 0 pauseretrytime: 300 peertimeout: 3600 rlimitnofile: -1 # Paths patharchive: /var/spool/news/archive patharticles: /var/spool/news/articles pathbin: /usr/bin pathcontrol: /usr/bin/control pathdb: /var/lib/news pathetc: /etc/news pathfilter: /usr/bin/filter pathhttp: /var/log/news pathincoming: /var/spool/news/incoming pathlog: /var/log/news pathoutgoing: /var/spool/news/outgoing pathoverview: /var/spool/news/overview pathrun: /var/run/news pathspool: /var/spool/news pathtmp: /var/lib/news/tmp [root@pups /root]#
[root@pups /root]# less /etc/news/expire.ctl ## $Revision: 1.2.2.2 $ ## expire.ctl - expire control file ## Format: ## /remember/:## : : : ## : : : : ## First line gives history retention; second line specifies expiration ## for classes; third line specifies expiration for group if groupbaseexpiry ## is true ## class specified in storage.conf ## wildmat-style patterns for the newsgroups ## Mininum number of days to keep article ## Default number of days to keep the article ## Flush article after this many days ## , , and can be floating-point numbers or the ## word "never." Times are based on when received unless -p is used; ## see expire.8 ## If article expires before 10 days, we still remember it for 10 days in ## case we get offered it again. Depending on what you use for the innd ## -c flag and how paranoid you are about old news, you might want to ## make this 28, 30, etc, but it's probably safe to reduce it to 7 in most ## cases if you want to keep your history file smaller. /remember/:100 ## Keep for 1-10 days, allow Expires headers to work. This entry uses ## the syntax appropriate when groupbaseexpiry is true in inn.conf. *:A:1:100:never ## Keep for 1-10 days, allow Expires headers to work. This is an entry ## based on storage class, used when groupbaseexpiry is false. #0:1:10:never [root@pups /root]#
Конфигурационный файл /etc/news/incoming.conf
[root@pups /root]# less /etc/news/incoming.conf ## $Revision: 1.6 $ ## incoming.conf - names and addresses that feed us news ## ## This file consists of three types of entries: key/value, peer and group. ## Comments are taken from the hash character ``#'' to the end of the line. ## Blank lines are ignored. ## ## Key/value entries are a keyword immediatly followed by a colon, at least ## one blank and a value. For example: ## ## max-connections: 10 ## ## A legal key contains nor blanks, nor colon, nor ``#''. ## There are 5 different type of values: integers, booleans, and strings. ## Integers are as to be expected. A boolean value is either ``true'' or ## ``false'' (case is significant). A string value is any other sequence of ## characters. If the string needs to contain whitespace, then it must be ## quoted with double quotes. ## ## Peer entries look like: ## ## peer{ ## # body ## } ## ## The word ``peer'' is required. is a label for this peer. It is ## any string valid as a key. The body of a peer entry contains some number ## of key/value entries. ## ## Group entries look like: ## ## group { ## # body ## } ## ## The word ``group'' is required. The `` '' is any string valid as a ## key. The body of a group entry contains any number of the three types of ## entries. So key/value pairs can be defined inside a group, and peers can ## be nested inside a group, and other groups can be nested inside a group. ## ## Key/value entries that are defined outside of all peer and group entries ## are said to be at ``global scope''. Global key/value entries act as ## defaults for peers. When innd looks for a specific value in a peer entry ## (for example, the maximum number of connections to allow), if the value ## is not defined in the peer entry, then the enclosing groups are examined ## for the entry (starting at the closest enclosing group). If there are no ## enclosing groups, or the enclosing groups don't define the key/value, ## then the value at global scope is used. ## ## A small example could be: ## ## # Global value applied to all peers that have no value of their own. ## max-connections: 5 ## ## # A peer definition. ## peer uunet { ## hostname: usenet1.uu.net ## } ## ## peer vixie { ## hostname: gw.home.vix.com ## max-connections: 10 # override global value. ## } ## ## # A group of two peers who can open more connections than normal ## group fast-sites { ## max-connections: 15 ## ## # Another peer. The ``max-connections'' value from the ## # ``fast-sites'' group scope is used. ## peer data.ramona.vix.com { ## hostname: data.ramona.vix.com ## } ## ## peer bb.home.vix.com { ## hostname: bb.home.vix.com ## max-connections: 20 # he can really cook. ## } ## } ## ## Given the above configuration file, the defined peers would have the ## following values for the ``max-connections'' key. ## ## uunet 5 ## vixie 10 ## data.ramona.vix.com 15 ## bb.home.vix.com 20 ## ## Height keys are allowed: ## ## hostname: ## This key is mandatory in a peer block. The value is a string representing ## a list of hostnames separated by a comma. A hostname is the host's FQDN, ## or the dotted quad ip-address of the peer. ## ## streaming: ## This key requires a boolean value. It defines whether streaming commands ## are allowed from this peer. (default=true) ## ## max-connections: ## This key requires positive integer value. It defines the maximum number ## of connections allowed. A value of zero specifies an unlimited number ## of maximum connections (``unlimited'' or ``none'' can be used as synonym). ## (default=0) ## ## hold-time: ## This key requires positive integer value. It defines the hold time before ## close, if the connection is over max-connections. A value of zero ## specifies immediate close. (default=0) ## ## password: ## This key requires a string value. It is used if you wish to require a peer ## to supply a password. (default=no password) ## ## patterns: ## This key requires a string value. It is a list of newsfeeds(5)-style list ## of newsgroups which are to be accepted from this host. (default="*") ## ## email: ## This key requires a string value. Reserved for future use. (default=empty) ## ## comment: ## This key requires a string value. Reserved for future use. (default=empty) ## ## skip: ## This key requires a boolean value. Setting this entry causes this peer ## to be skipped. Reserved for future use. (default=false) ## ## noresendid: ## This key requires a boolean value. It defines whether innd should send ## "431 RESENDID" (stream mode) or "436 Retry later" (non-stream mode) ## responses if a message is offered that is already received from another ## peer. This can be useful for peers that resend messages right away, ## as innfeed does. (default=false) ## streaming: true # streaming allowed by default max-connections: 12 # per feed peer ME { hostname: "localhost, 127.0.0.1" } peer local { hostname: "pups, 172.18.157.2" } [root@pups /root]#
Конфигурационный файл /etc/news/storage.conf
[root@pups /root]# less /etc/news/storage.conf # This file is used to determine which storage method articles are sent to # to be stored and which storage class they are stored as. # # Sample for the ``timehash'' storage method: # # method{ # newsgroups: # class: # size: [, ] # expires: [, ] # options: # } # #method timehash { # newsgroups: * # class: 0 #} #method timehash { # newsgroups: alt.binaries.* # class: 1 # size: 2,32000 #} #method timehash { # newsgroups: alt.* # class: 2 # size: 1 #} # # Sample for the ``cnfs'' storage method: # # methodname:wildmat:storage class #:minsize:maxsize:metacycbuffname # method cnfs { # newsgroups: # class: # size: [, ] # expires: [, ] # options: # } # #method cnfs { # newsgroups: * # class: 1 # size: 0,3999 # expires: 4d1s # options: FAQS #} #method cnfs { # newsgroups: * # class: 2 # size: 0,3999 # expires: 0s,4d # options: SMALLAREA #} #method cnfs { # newsgroups: * # class: 3 # size: 4000,1000000 # options: BIGAREA #} method tradspool { newsgroups: pups.* class: 1 } [root@pups /root]#
Конфигурационный файл /etc/news/readers.conf
[root@pups /root]# less /etc/news/readers.conf ## $Id: readers.conf,v 1.4.2.1 2001/01/16 15:36:37 rra Exp $ ## ## readers.conf - Access control and configuration for nnrpd ## ## Format: ## auth "" { ## hosts: " " ## auth: " " ## res: " " ## default: " " ## default-domain: " " ## } ## access " " { ## users: " " ## newsgroups: " " ## read: " " ## post: " " ## access: " " ## } ## ## Other parameters are possible. See readers.conf(5) for all the ## details. Only one of newsgroups or read/post may be used in a single ## access group. ## ## If the connecting host is not matched by any hosts: parameter of any ## auth group, it will be denied access. auth groups assign an identity ## string to connections, access groups grant privileges to identity ## strings matched by their users: parameters. ## ## In all cases, the last match found is used, so put defaults first. ## ## For a news server that allows connections from anyone within a ## particular domain or IP address range, just uncomment the "local" auth ## group and the "local" access group below and adjust the hosts: and ## default: parameters of the auth group and the users: parameter of the ## access group for your local network and domain name. That's all there ## is to it. ## ## For more complicated configurations, read the comments on the examples ## and also see the examples and explanations in readers.conf(5). The ## examples in readers.conf(5) include setups that require the user to ## log in with a username and password (the example in this file only ## uses simple host-based authentication). ## ## NOTE: Unlike in previous versions of INN, nnrpd will now refuse any ## post from anyone to a moderated newsgroup that contains an Approved: ## header unless their access block has an access: key containing the ## "A" flag. This is to prevent abuse of moderated groups, but it means ## that if you support any newsgroup moderators, you need to make sure ## to add such a line to the access group that affects them. See the ## access group for localhost below for an example. # The only groups enabled by default (the rest of this file is # commented-out examples). This assigns the identity of to # the local machine auth "localhost" { hosts: "localhost, 127.0.0.1, stdin" default: " " } # Grant that specific identity access to read and post to any newsgroup # and allow it to post articles with Approved: headers to moderated # groups. access "localhost" { users: " " newsgroups: "*" access: RPA } auth default { hosts: "172.18.1.0/255.255.255.0" default: " " } access full { users: * newsgroups: pups.* access: RP } # This auth group matches all connections from example.com or machines in # the example.com domain and gives them the identity@example.com. # Instead of using wildmat patterns to match machine names, you could also # put a wildmat pattern matching IP addresses or an IP range specified # using CIDR notation (like 10.10.10.0/24) here. #auth "local" { # hosts: "*.example.com, example.com" # default: " @example.com" #} # This auth group matches a subset of machines and assigns connections # from there an identity of " @example.com"; these systems should # only have read access, no posting privileges. #auth "read-only" { # hosts: "*.newuser.example.com" # default: " @example.com" #} # This auth group matches the systems at a guest institution that should # be allowed to read the example.events.* hierarchy but nothing else. #auth "events-only" { # hosts: "*.example.org" # default: " @example.org" #} # Finally, this auth group matches some particular systems which have been # abusing the server. Note that it doesn't assign them an identity at # all; the "empty" identity created in this fashion won't match any users: # parameters. Note also that it's last, so anything matching this entry # will take precedent over everything above it. #auth "abusers" { # hosts: "badguy-dsl.example.com, kiosk.public-access.example.com" #} # Now for the access groups. All of our access groups should have users: # parameters so there are no access groups that match connections without # an identity (such as are generated by the "abusers" entry above). # First, the default case of local users, who get to read and post to # everything. #access "local" { # users: " @example.com" # newsgroups: "*" #} # Now, the read-only folks, who only get to read everything. #access "read-only" { # users: " @example.com" # read: "*" #} # Finally, the events-only people who get to read and post but only to a # specific hierarchy. #access "events-only" { # users: " @example.org" # newsgroups: "example.events.*" #} [root@pups /root]#
Файл /var/lib/news/newsgroups
[root@pups /root]# less /var/lib/news/newsgroups control Various control messages (no posting). control.cancel Cancel messages (no posting). control.checkgroups Hierarchy check control messages (no posting). control.newgroup Newsgroup creation control messages (no posting). control.rmgroup Newsgroup removal control messages (no posting). junk Unfiled articles (no posting). pups.talk Talking pups.test Testing [root@pups /root]#
Настройки сервера новостей grossb.it.ru
Сервер новостей взят из дистрибутива Red Hat 6.2. inn v.2.2.2-3
Здесь также указаны файлы, которые надо менять.
/etc/news/inn.conf
/etc/news/expire.ctl
/etc/news/incoming.conf
/etc/news/nnrp.access
/var/lib/news/newsgroups
/var/lib/news/active
/var/lib/news/active.times
Конфигурационный файл /etc/news/inn.conf
[root@grossb /root]# less /etc/news/inn.conf ## $Revision: 1.24.2.2 $ ## inn.conf -- inn configuration data ## Format: ## <parameter>:<whitespace><value> ## ## See the inn.conf(5) man page for a full description of each ## of these options ## ## Blank values are allowed for certain parameters ## --------------------------------- # All parameters must exist # organization: InterNetNews site server: grossb.it.ru pathhost: localhost moderatormailer: domain: it.ru fromhost: pathalias: complaints: mta: /usr/sbin/sendmail -oi %s mailcmd: /usr/bin/innmail checkincludedtext: false maxforks: 10 maxartsize: 1000000 nicekids: 0 nicenewnews: 0 verifycancels: true logcancelcomm: true wanttrash: false remembertrash: true linecountfuzz: 0 peertimeout: 3600 clienttimeout: 1800 allownewnews: true localmaxartsize: 1000000 logartsize: true logipaddr: true logsitename: true maxconnections: 50 artcutoff: 70 icdsynccount: 1000 hiscachesize: 0 readertrack: false strippostcc: false status: 0 timer: 0 readerswhenstopped: false noreader: false extendeddbz: false nnrpdoverstats: false storeonxref: true nnrpdcheckart: true storemsgid: true usecontrolchan: true mergetogroups: false backoffauth: false backoffdb: /var/lib/news/backoff backoffpostfast: 0L backoffpostslow: 1L backofftrigger: 10000L mimeversion: mimecontenttype: mimeencoding: refusecybercancels: false activedenable: true activedupdate: 30 activedport: 1119 nnrpperlauth: false # # # These options are unlikely to need changing in most situations # chaninacttime: 600 chanretrytime: 300 pauseretrytime: 300 nntplinklog: false nntpactsync: 200 badiocount: 5 blockbackoff: 120 # # --------------------------------- # Changing these options can have an effect on the way articles are # stored and may require recreating the spool and/or database files # wireformat: false xrefslave: false nnrpdposthost: nnrpdpostport: 1999 spoolfirst: false writelinks: true storageapi: false articlemmap: false overviewmmap: true bindaddress: all sourceaddress: any port: 1999 # ## Keywords-in-overview options ## Enabling this without stopping innd and deleting the existing overview ## database and adding will probably confuse a lot of things. You must ## have compiled this support in too. # keywords: false keylimit: 512 keyartlimit: 100000 keymaxwords: 250 # # Other options innflags: doinnwatch: false innwatchsleeptime: 600 pgpverify: false controlfailnotice: false logcycles: 3 innwatchpauseload: 1500 innwatchhiload: 2000 innwatchloload: 1000 innwatchspoolspace: 8000 innwatchbatchspace: 800 innwatchlibspace: 25000 innwatchspoolnodes: 200 docnfsstat: false # # --------------------------------- # Paths to various aspects of the news system # pathnews: /usr pathbin: /usr/bin pathfilter: /usr/bin/filter pathcontrol: /usr/bin/control pathdb: /var/lib/news pathetc: /etc/news pathrun: /var/run/news pathlog: /var/log/news pathhttp: /var/log/news pathtmp: /usr/tmp pathspool: /var/spool/news patharticles: /var/spool/news/articles pathoverview: /var/spool/news/overview pathoutgoing: /var/spool/news/outgoing pathincoming: /var/spool/news/incoming patharchive: /var/spool/news/archive pathuniover: /var/spool/news/uniover overviewname: .overview # # --------------------------------- # [root@grossb /root]#
Конфигурационный файл /etc/news/expire.ctl
[root@grossb /root]# less /etc/news/expire.ctl ## $Revision: 1.1.1.1 $ ## expire.ctl - expire control file ## Format: ## /remember/:<keep> ## <patterns>:<modflag>:<keep>:<default>:<purge> ## First line gives history retention; other lines specify expiration ## for newsgroups. Must have a "*:A:..." line which is the default. ## <patterns> wildmat-style patterns for the newsgroups ## <modflag> Pick one of M U A -- modifies pattern to be only ## moderated, unmoderated, or all groups ## <keep> Mininum number of days to keep article ## <default> Default number of days to keep the article ## <purge> Flush article after this many days ## <keep>, <default>, and <purge> can be floating-point numbers or the ## word "never." Times are based on when received unless -p is used; ## see expire.8 ## If article expires before 14 days, we still remember it for 14 days in ## case we get offered it again. Depending on what you use for the innd ## -c flag and how paranoid you are about old news, you might want to ## make this 28, 30, etc. /remember/:100 ## Keep for 1-10 days, allow Expires headers to work. *:A:1:100:never ## Some particular groups stay forever. # Keep FAQ's for a month, so they're always available *.answers:M:1:35:90 news.announce.*:M:1:35:90 # Some other recommendations. Uncomment if you want # .announce groups tend to be low-traffic, high signal. # *.announce:M:1:30:90 # Weather forecasts # *.weather:A:1:2:7 # test posts # *.test:A:1:1:1 ## Some particular groups stay forever. # dc.dining*:A:never:never:never # uunet*:A:never:never:never [root@grossb /root]#
Конфигурационный файл /etc/news/incoming.conf
[root@grossb /root]# less /etc/news/incoming.conf
## $Revision: 1.3.4.2 $
## incoming.conf - names and addresses that feed us news
##
## This file consists of three types of entries: key/value, peer and group.
## Comments are taken from the hash character ``#'' to the end of the line.
## Blank lines are ignored.
##
## Key/value entries are a keyword immediatly followed by a colon, at least
## one blank and a value. For example:
##
## max-connections: 10
##
## A legal key contains nor blanks, nor colon, nor ``#''.
## There are 5 different type of values: integers, booleans, and strings.
## Integers are as to be expected. A boolean value is either ``true'' or
## ``false'' (case is significant). A string value is any other sequence of
## characters. If the string needs to contain whitespace, then it must be
## quoted with double quotes.
##
## Peer entries look like:
##
## peer <name> {
## # body
## }
##
## The word ``peer'' is required. <name> is a label for this peer. It is
## any string valid as a key. The body of a peer entry contains some number
## of key/value entries.
##
## Group entries look like:
##
## group <name> {
## # body
## }
##
## The word ``group'' is required. The ``<name>'' is any string valid as a
## key. The body of a group entry contains any number of the three types of
## entries. So key/value pairs can be defined inside a group, and peers can
## be nested inside a group, and other groups can be nested inside a group.
##
## Key/value entries that are defined outside of all peer and group entries
## are said to be at ``global scope''. Global key/value entries act as
## defaults for peers. When innd looks for a specific value in a peer entry
## (for example, the maximum number of connections to allow), if the value
## is not defined in the peer entry, then the enclosing groups are examined
## for the entry (starting at the closest enclosing group). If there are no
## enclosing groups, or the enclosing groups don't define the key/value,
## then the value at global scope is used.
##
## A small example could be:
##
## # Global value applied to all peers that have no value of their own.
## max-connections: 5
##
## # A peer definition.
## peer uunet {
## hostname: usenet1.uu.net
## }
##
## peer vixie {
## hostname: gw.home.vix.com
## max-connections: 10 # override global value.
## }
##
## # A group of two peers who can open more connections than normal
## group fast-sites {
## max-connections: 15
##
## # Another peer. The ``max-connections'' value from the
## # ``fast-sites'' group scope is used.
## peer data.ramona.vix.com {
## hostname: data.ramona.vix.com
## }
##
## peer bb.home.vix.com {
## hostname: bb.home.vix.com
## max-connections: 20 # he can really cook.
## }
## }
##
## Given the above configuration file, the defined peers would have the
## following values for the ``max-connections'' key.
##
## uunet 5
## vixie 10
## data.ramona.vix.com 15
## bb.home.vix.com 20
##
## Height keys are allowed:
##
## hostname:
## This key is mandatory in a peer block. The value is a string representing
## a list of hostnames separated by a comma. A hostname is the host's FQDN,
## or the dotted quad ip-address of the peer.
##
## streaming:
## This key requires a boolean value. It defines whether streaming commands
## are allowed from this peer. (default=true)
##
## max-connections:
## This key requires positive integer value. It defines the maximum number
## of connections allowed. A value of zero specifies an unlimited number
## of maximum connections (``unlimited'' or ``none'' can be used as synonym).
## (default=0)
##
## password:
## This key requires a string value. It is used if you wish to require a peer
## to supply a password. (default=no password)
##
## patterns:
## This key requires a string value. It is a list of newsfeeds(5)-style list
## of newsgroups which are to be accepted from this host. (default="*")
##
## email:
## This key requires a string value. Reserved for future use. (default=empty)
##
## comment:
## This key requires a string value. Reserved for future use. (default=empty)
##
## skip:
## This key requires a boolean value. Setting this entry causes this peer
## to be skipped. Reserved for future use. (default=false)
##
## noresendid:
## This key requires a boolean value. It defines whether innd should send
## "431 RESENDID" (stream mode) or "436 Retry later" (non-stream mode)
## responses if a message is offered that is already received from another
## peer. This can be useful for peers that resend messages right away,
## as innfeed does. (default=false)
##
streaming: true # streaming allowed by default
max-connections: 50 # per feed
peer ME {
hostname: "localhost, 127.0.0.1"
}
peer local {
hostname: "grossb.it.ru, 172.18.84.5"
streaming: true
}
[root@grossb /root]#
Конфигурационный файл /etc/news/nnrp.access
[root@grossb /root]# less /etc/news/nnrp.access # Default to no access *:: -no- : -no- :!* # Allow access from localhost localhost:Read Post:::* # Allow access from frendly hosts 172.18.16.62:Read Post:ignat:eva:it.* 172.18.33.4:Read Post:alone:mind:it.* 172.18.33.26:Read Post:sablin:browse:it.* 172.18.33.28:Read Post:sablin:browse:it.* 172.18.34.2:Read Post:intra:go:it.* 172.18.34.5:Read Post:sb:immortal:it.* 172.18.64.193:Read Post:kpn:shved1:it.* 172.18.84.47:Read Post:sandy:candy:it.* 172.18.84.49:Read Post:lstrunnikova:peufive:it.* 172.18.87.18:Read Post:inna:platina:it.* 172.18.87.33:Read Post:dtimirov:haron:it.* 172.18.92.43:Read Post:014:trinitron:it.* 172.18.92.48:Read Post:petr:sharck:it.* 172.18.92.174:Read Post:022:ghjnjrf:it.* 172.18.94.2:Read Post:olk:father:it.* 172.18.94.3:Read Post:esa:digger:it.* 172.18.94.7:Read Post:suntechnic:freedom:it.* 172.18.94.19:Read Post:rob:robot:it.* 172.18.94.20:Read Post:pgv:dtghm:it.* 172.18.94.21:Read Post:lsa:9111:it.* 172.18.94.22:Read Post:idvorkina:idd:it.* 172.18.94.25:Read Post:krack:smash:it.* 172.18.95.4:Read Post:blackshade:pwd4news:it.* #172.18.155.155:Read Post:aridov:fuckoff:it.* 172.18.155.211:Read Post:novikov:post:it.* 172.18.223.13:Read Post:andry:diablo:it.* 172.18.223.20:Read Post:andys:rfk<fcf:it.* 172.18.223.21:Read Post:log:pas:it.* 172.18.223.28:Read Post:lexa:gad:it.* 172.18.223.29:Read Post:novik:pen:it.* 172.18.223.110:Read Post:jvasilyeva:julia:it.* [root@grossb /root]#
Файл /var/lib/news/newsgroups
[root@grossb /root]# less /var/lib/news/newsgroups control Usenet control messages - DO NOT REMOVE control.cancel Usenet control messages - DO NOT REMOVE junk Articles for missing newsgroups - DO NOT REMOVE test A place for test posts - DO NOT REMOVE to Special Group for INN use - DO NOT REMOVE it.talking Talking it.mmx Multimedia it.midnight Midnight it.mobile Mobile it.commerce Commerce it.hardnsoft Hard and Soft it.automoto Auto and Moto it.sport Sport [root@grossb /root]#
Файл /var/lib/news/active
[root@grossb /root]# less /var/lib/news/active control 0000000000 0000000001 y control.cancel 0000000005 0000000006 y junk 0000000000 0000000001 y test 0000000002 0000000003 y to 0000000002 0000000003 y it.talking 0000000314 0000000311 y it.mmx 0000000042 0000000043 y it.midnight 0000000022 0000000022 y it.test 0000000066 0000000067 y it.mobile 0000000053 0000000053 y it.commerce 0000000005 0000000006 y it.hardnsoft 0000000019 0000000020 y it.automoto 0000000004 0000000005 y it.sport 0000000010 0000000011 y [root@grossb /root]#
Файл /var/lib/news/active.times
[root@grossb /root]# less /var/lib/news/active.times it.talking 1072177103 SunTechnic it.mmx 1072177110 SunTechnic it.midnight 1072177130 SunTechnic it.test 1072181273 SunTechnic it.mobile 1072266182 SunTechnic it.commerce 1072266189 SunTechnic it.hardnsoft 1072266501 SunTechnic it.automoto 1072266756 SunTechnic it.sport 1072267623 SunTechnic [root@grossb /root]#