2005-11-24 15:06:32 -05:00
|
|
|
$OpenBSD: patch-INSTALL,v 1.11 2005/11/24 20:06:32 sturm Exp $
|
2005-06-09 12:52:04 -04:00
|
|
|
--- INSTALL.orig Tue Jun 7 16:13:18 2005
|
2005-11-24 15:06:32 -05:00
|
|
|
+++ INSTALL Thu Nov 24 20:59:28 2005
|
|
|
|
@@ -77,7 +77,7 @@ as sudo.
|
2004-05-07 16:46:59 -04:00
|
|
|
## user is in.)
|
2003-06-23 15:11:10 -04:00
|
|
|
|
|
|
|
NOTE: DO MAKE SURE that the lock file is in a directory that is writable by
|
|
|
|
- the user "news". Leafnode will have dropped root privileges when it tries
|
|
|
|
+ the user "_news". Leafnode will have dropped root privileges when it tries
|
|
|
|
to obtain the lock file, and it needs write access. The new default (as of
|
|
|
|
1.9.37) should be fine in most cases.
|
|
|
|
|
2005-11-24 15:06:32 -05:00
|
|
|
@@ -98,16 +98,16 @@ as sudo.
|
2003-06-23 15:11:10 -04:00
|
|
|
|
|
|
|
All tests must pass, otherwise, ask on the leafnode mailing list for help.
|
|
|
|
|
|
|
|
-3a. (as root) Create a "news" user if you don't have one.
|
|
|
|
+3a. (as root) Create a "_news" user if you don't have one.
|
|
|
|
|
|
|
|
3b. (as root) Create an alias in your mail system to forward mail addressed to
|
|
|
|
- "news" to the real user who looks after leafnode.
|
|
|
|
+ "_news" to the real user who looks after leafnode.
|
|
|
|
|
2005-06-09 12:52:04 -04:00
|
|
|
If you run qmail: get and install the fastforward package.
|
|
|
|
It is available from qmail distribution sites.
|
2003-06-23 15:11:10 -04:00
|
|
|
|
|
|
|
Find your aliases file (/etc/aliases or /etc/mail/aliases), add a line
|
|
|
|
- "news: joe" (assuming joe looks after your leafnode) and then type
|
|
|
|
+ "_news: joe" (assuming joe looks after your leafnode) and then type
|
|
|
|
|
|
|
|
newaliases.
|
|
|
|
|
2005-11-24 15:06:32 -05:00
|
|
|
@@ -160,12 +160,12 @@ as sudo.
|
2005-06-09 12:52:04 -04:00
|
|
|
different postings clash and other troubles. See one of the README-FQDN*
|
|
|
|
files for details.
|
2003-06-23 15:11:10 -04:00
|
|
|
|
2005-06-09 12:52:04 -04:00
|
|
|
-8. (as news) Set up a cron job to run texpire every night or at least every
|
|
|
|
+8. (as _news) Set up a cron job to run texpire every night or at least every
|
|
|
|
week. Here is my crontab line, which runs nightly:
|
2003-06-23 15:11:10 -04:00
|
|
|
|
|
|
|
0 4 * * * /usr/local/sbin/texpire
|
|
|
|
|
|
|
|
- I did "crontab -u news -e" as root to edit the crontab file, and added this
|
|
|
|
+ I did "crontab -u _news -e" as root to edit the crontab file, and added this
|
|
|
|
line. Substituting "1" for the third "*", thus:
|
|
|
|
|
|
|
|
0 4 * * 1 /usr/local/sbin/texpire
|
2005-11-24 15:06:32 -05:00
|
|
|
@@ -174,9 +174,9 @@ as sudo.
|
2003-06-23 15:11:10 -04:00
|
|
|
details.
|
|
|
|
|
|
|
|
9. Make sure fetchnews is run at the appropriate time. If you have a
|
|
|
|
- full-time link, run it from cron (as "news" again), if not, run it when
|
|
|
|
+ full-time link, run it from cron (as "_news" again), if not, run it when
|
|
|
|
your connection to the net is established. If it is run as root, it will
|
|
|
|
- change its user ID to "news" automatically. If you use PPP, you can
|
|
|
|
+ change its user ID to "_news" automatically. If you use PPP, you can
|
|
|
|
probably run fetchnews from /etc/ppp/ip-up.local or /etc/ppp/ip-up.
|
|
|
|
|
|
|
|
10. (as root) Edit /etc/hosts.deny to add a line:
|
2005-11-24 15:06:32 -05:00
|
|
|
@@ -225,12 +225,11 @@ as sudo.
|
2003-05-21 02:51:43 -04:00
|
|
|
incoming NNTP connections. Here is my inetd.conf line (insert it at the
|
|
|
|
leftmost column, without leading spaces!):
|
1998-07-25 02:16:10 -04:00
|
|
|
|
2002-09-23 20:24:19 -04:00
|
|
|
- nntp stream tcp nowait news /usr/sbin/tcpd /usr/local/sbin/leafnode
|
2005-06-09 12:52:04 -04:00
|
|
|
+ nntp stream tcp nowait _news /usr/sbin/tcpd /usr/local/sbin/leafnode
|
2000-06-10 15:00:14 -04:00
|
|
|
|
2002-09-23 20:24:19 -04:00
|
|
|
This starts leafnode for all connections on the nntp port, subject to
|
|
|
|
- /etc/hosts.allow and /etc/hosts.deny screening. If you don't have
|
|
|
|
- /usr/sbin/tcpd, fetch the tcp_wrappers package and install it.
|
2005-06-09 12:52:04 -04:00
|
|
|
-
|
2002-09-23 20:24:19 -04:00
|
|
|
+ /etc/hosts.allow and /etc/hosts.deny screening.
|
2005-06-09 12:52:04 -04:00
|
|
|
+
|
2003-05-21 02:51:43 -04:00
|
|
|
Using leafnode without tcpd is not supported and opens your computer to
|
|
|
|
abuse (even happens on modem lines that are only connected during the
|
2005-06-09 12:52:04 -04:00
|
|
|
fetch!)
|
2005-11-24 15:06:32 -05:00
|
|
|
@@ -267,7 +266,7 @@ as sudo.
|
2003-06-23 15:11:10 -04:00
|
|
|
socket_type = stream
|
2003-11-08 16:55:50 -05:00
|
|
|
protocol = tcp
|
2003-06-23 15:11:10 -04:00
|
|
|
wait = no
|
|
|
|
- user = news
|
|
|
|
+ user = _news
|
2003-11-08 16:55:50 -05:00
|
|
|
server = /usr/sbin/tcpd
|
2003-06-23 15:11:10 -04:00
|
|
|
server_args = /usr/local/sbin/leafnode
|
2003-11-08 16:55:50 -05:00
|
|
|
instances = 7
|
2005-11-24 15:06:32 -05:00
|
|
|
@@ -333,7 +332,7 @@ as sudo.
|
2003-06-23 15:11:10 -04:00
|
|
|
#! /bin/sh
|
|
|
|
exec 2>&1
|
|
|
|
exec /usr/local/bin/tcpserver -c10 -l0 -H -v 127.0.0.1 119 \
|
|
|
|
- /usr/local/bin/setuidgid news /usr/local/bin/argv0 /usr/sbin/tcpd \
|
|
|
|
+ /usr/local/bin/setuidgid _news /usr/local/bin/argv0 /usr/sbin/tcpd \
|
|
|
|
/usr/local/sbin/leafnode
|
|
|
|
|
|
|
|
You may need to adjust the paths if your software is in a non-standard
|
2005-11-24 15:06:32 -05:00
|
|
|
@@ -349,7 +348,7 @@ as sudo.
|
2003-06-23 15:11:10 -04:00
|
|
|
exec 2>&1
|
|
|
|
exec /usr/local/bin/tcpserver -c10 -l0 -H -v -x nntp.cdb \
|
|
|
|
127.0.0.1 119 \
|
|
|
|
- /usr/local/bin/setuidgid news /usr/local/sbin/leafnode
|
|
|
|
+ /usr/local/bin/setuidgid _news /usr/local/sbin/leafnode
|
|
|
|
|
|
|
|
As above, adjust the paths and the IP.
|
|
|
|
|
2005-11-24 15:06:32 -05:00
|
|
|
@@ -384,7 +383,7 @@ as sudo.
|
2003-06-23 15:11:10 -04:00
|
|
|
svscan should notice the new leafnode service within 5 seconds and
|
|
|
|
start it.
|
|
|
|
|
|
|
|
-12. (as root or news) Run fetchnews. The first run will take some time since
|
|
|
|
+12. (as root or _news) Run fetchnews. The first run will take some time since
|
|
|
|
fetchnews reads a list of all newsgroups from your upstream server. With
|
|
|
|
an 28.8 modem, it can take as long as 60 minutes (depending on how many
|
|
|
|
newsgroups your provider offers). To see fetchnews working, run it with
|
2005-11-24 15:06:32 -05:00
|
|
|
@@ -411,7 +410,7 @@ as sudo.
|
2003-06-23 15:11:10 -04:00
|
|
|
After this, you should have empty files in
|
|
|
|
/var/spool/news/interesting.groups/ for every group you want to read.
|
|
|
|
|
|
|
|
-14. (as root or news) Run fetchnews again. This run should pick up all the
|
|
|
|
+14. (as root or _news) Run fetchnews again. This run should pick up all the
|
|
|
|
groups you want to read.
|
|
|
|
|
|
|
|
15. Note: for access from remote sites, outside of your LAN, additional
|