cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
542240d822
openbsd-ports/news/leafnode/patches/patch-INSTALL
giovanni 09760b193b Update to 1.11.6 
Tweaks and ok by jasper@
2009-02-12 13:33:07 +00:00

140 lines
6.3 KiB
Plaintext
Raw Blame History

$OpenBSD: patch-INSTALL,v 1.12 2009/02/12 13:33:07 giovanni Exp $
--- INSTALL.orig Sun Feb 25 12:28:08 2007
+++ INSTALL Sun Feb 8 10:28:54 2009
@@ -70,14 +70,14 @@ as sudo.
the lock file (defaults to leaf.node/lock.file below the spooldir).
## Since 1.9.52, you can also configure the user and group account that
- ## leafnode switches to when started as "news", by means of the --with-user
+ ## leafnode switches to when started as "_news", by means of the --with-user
## and --with-group options. DO MAKE SURE that the --with-user is a member of
## the group you give to the --with-group option (on most systems, the "id" or
## "groups" command with a user account name should tell you what groups the
## user is in.)
NOTE: DO MAKE SURE that the lock file is in a directory that is writable by
- the user "news". Leafnode will have dropped root privileges when it tries
+ the user "_news". Leafnode will have dropped root privileges when it tries
to obtain the lock file, and it needs write access. The new default (as of
1.9.37) should be fine in most cases.
@@ -100,11 +100,11 @@ as sudo.
3a. (as root) Create a "news" group if you don't have one.
-3b. (as root) Create a "news" user if you don't have one. Its primary group
+3b. (as root) Create a "_news" user if you don't have one. Its primary group
should be "news", with no supplemental groups.
3c. (as root) Create an alias in your mail system to forward mail addressed to
- "news" to the real user who looks after leafnode.
+ "_news" to the real user who looks after leafnode.
If you run qmail: get and install the fastforward package.
It is available from qmail distribution sites.
@@ -112,7 +112,7 @@ as sudo.
Common choices are Postfix, Exim and Courier.
Find your aliases file (/etc/aliases or /etc/mail/aliases), add a line
- "news: joe" (assuming joe looks after your leafnode) and then type
+ "_news: joe" (assuming joe looks after your leafnode) and then type
newaliases.
@@ -165,17 +165,17 @@ as sudo.
different postings clash and other troubles. See one of the README-FQDN*
files for details.
-8. (as news) Set up a cron job to run texpire every night or at least every
+8. (as _news) Set up a cron job to run texpire every night or at least every
week. Here is my crontab line, which runs nightly:
0 4 * * * /usr/local/sbin/texpire
- On some systems, you may need to allow the user "news" to install/edit
+ On some systems, you may need to allow the user "_news" to install/edit
crontabs, some of these use the file /etc/cron.allow to store this
information. Check the information for your cron system, man cron or man
crontab should provide you with details.
- I did "su news -c 'crontab -e'" as root to edit the crontab file, and added
+ I did "su _news -c 'crontab -e'" as root to edit the crontab file, and added
this line. Substituting "1" for the third "*", thus:
0 4 * * 1 /usr/local/sbin/texpire
@@ -184,9 +184,9 @@ as sudo.
details.
9. Make sure fetchnews is run at the appropriate time. If you have a
- full-time link, run it from cron (as "news" again), if not, run it when
+ full-time link, run it from cron (as "_news" again), if not, run it when
your connection to the net is established. If it is run as root, it will
- change its user ID to "news" automatically. If you use PPP, you can
+ change its user ID to "_news" automatically. If you use PPP, you can
probably run fetchnews from /etc/ppp/ip-up.local or /etc/ppp/ip-up.
10. (as root) Edit /etc/hosts.deny to add a line:
@@ -236,12 +236,11 @@ as sudo.
incoming NNTP connections. Here is my inetd.conf line (insert it at the
leftmost column, without leading spaces!):
- nntp stream tcp nowait news /usr/sbin/tcpd /usr/local/sbin/leafnode
+ nntp stream tcp nowait _news /usr/libexec/tcpd /usr/local/sbin/leafnode
This starts leafnode for all connections on the nntp port, subject to
- /etc/hosts.allow and /etc/hosts.deny screening. If you don't have
- /usr/sbin/tcpd, fetch the tcp_wrappers package and install it.
-
+ /etc/hosts.allow and /etc/hosts.deny screening.
+
Using leafnode without tcpd is not supported and opens your computer to
abuse (even happens on modem lines that are only connected during the
fetch!)
@@ -278,8 +277,8 @@ as sudo.
socket_type = stream
protocol = tcp
wait = no
- user = news
- server = /usr/sbin/tcpd
+ user = _news
+ server = /usr/libexec/tcpd
server_args = /usr/local/sbin/leafnode
instances = 7
per_source = 3
@@ -349,7 +348,7 @@ as sudo.
#! /bin/sh
exec 2>&1
exec /usr/local/bin/tcpserver -c10 -l0 -H -v 127.0.0.1 119 \
- /usr/local/bin/setuidgid news /usr/local/bin/argv0 /usr/sbin/tcpd \
+ /usr/local/bin/setuidgid _news /usr/local/bin/argv0 /usr/libexec/tcpd \
/usr/local/sbin/leafnode
You may need to adjust the paths if your software is in a non-standard
@@ -365,7 +364,7 @@ as sudo.
exec 2>&1
exec /usr/local/bin/tcpserver -c10 -l0 -H -v -x nntp.cdb \
127.0.0.1 119 \
- /usr/local/bin/setuidgid news /usr/local/sbin/leafnode
+ /usr/local/bin/setuidgid _news /usr/local/sbin/leafnode
As above, adjust the paths and the IP.
@@ -400,7 +399,7 @@ as sudo.
svscan should notice the new leafnode service within 5 seconds and
start it.
-12. (as root or news) Run fetchnews. The first run will take some time since
+12. (as root or _news) Run fetchnews. The first run will take some time since
fetchnews reads a list of all newsgroups from your upstream server. With
an 28.8 modem, it can take as long as 60 minutes (depending on how many
newsgroups your provider offers). To see fetchnews working, run it with
@@ -427,7 +426,7 @@ as sudo.
After this, you should have empty files in
/var/spool/news/interesting.groups/ for every group you want to read.
-14. (as root or news) Run fetchnews again. This run should pick up all the
+14. (as root or _news) Run fetchnews again. This run should pick up all the
groups you want to read.
15. Note: for access from remote sites, outside of your LAN, additional
Reference in New Issue View Git Blame Copy Permalink