NAME

     nnrp.access - access file for on-campus NNTP sites

DESCRIPTION

     The  file  /usr/local/news/etc/nnrp.access   specifies   the
     access  control for those NNTP sites that are not handled by
     the main InterNetNews daemon innd(8).  The  nnrpd(8)  server
     reads it when first spawned by innd.

     Comments begin with  a  number  sign  (``#'')  and  continue
     through  the  end of the line.  Blank lines and comments are
     ignored.  All other lines  should  consist  of  five  fields
     separated by colons:
          hosts:perms:username:password:patterns

     The first field is a wildmat(3)-style pattern specifying the
     names or Internet address of a set of hosts.  Before a match
     is checked, the client's hostname (or its  Internet  address
     if  gethostbyaddr(3) fails) is converted to lowercase.  Each
     line is matched in turn, and the last  successful  match  is
     taken as the correct one.

     The second field is a set of letters specifying the  permis-
     sions  granted  to  the  client.  The perms should be chosen
     from the following set:
          R    The client can retrieve articles
          P    The client can post articles

     The third and fourth fields specify the username  and  pass-
     word  that  the  client  must use to authenticate themselves
     before the server will accept any articles.   Note  that  no
     authentication (other then a matching entry in this file) is
     required for newsreading.  If they are empty, then no  pass-
     word is required.  Whitespace in these fields will result in
     the client being unable to properly authenticate  themselves
     and may be used to disable access.

     The fifth field is a set of patterns identifying  the  news-
     groups  that  the client is allowed to access.  The patterns
     are interpreted in the same manner as the newsfeeds(5) file.
     The default, however, denies access to all groups.

     The access file  is  normally  used  to  provide  host-level
     access  control for reading and posting articles.  There are
     times, however, when this is not sufficient  and  user-level
     access  control  is  needed.   Whenever an NNTP ``authinfo''
     command is used, the nnrpd server  re-reads  this  file  and
     looks  for  a  matching username and password.  If the local
     newsreaders are modified to send the  ``authinfo''  command,
     then  all host entries can have no access and specific users
     can be granted the appropriate read and post access.

     For example:
          ##  host:perm:user:pass:groups
          ## Default is no access.
          *::  -no-  :  -no-  :!*
          ##  FOO hosts have no password, can read anything.
          *.foo.com:Read Post:::*
          ##  A related workstation can't access FOO newsgroups.
          lenox.foo.net:RP:martha:hiatt:*,!foo.*

     If the file contains passwords,  it  should  not  be  world-
     readable.

HISTORY

     Written by Rich $alz <rsalz@uunet.uu.net> for  InterNetNews.
     This is revision 1.11, dated 1996/09/06.

SEE ALSO

     innd(8), newsfeeds(5), nnrpd(8), wildmat(3).
Man(1) output converted with man2html