inn.conf - Configuration data for InterNetNews programs
inn.conf in pathetc is the primary general configuration file for all InterNetNews programs. Settings which control the general operation of various programs, as well as the paths to all portions of the news installation, are found here. The INNCONF environment variable, if set, specifies an alternate path to inn.conf.
Blank lines and lines starting with a number sign (#
) are ignored. All
other lines specify parameters, and should be of the following form:
<name>: <value>
(Any amount of whitespace can be put after the colon and is optional.)
Everything after the colon and optional whitespace up to the end of the
line is taken as the value. Multi-word values should not be put in
quotes; if they are, the quotes will be taken as part of the value, not as
delimiters. <name> is case-sensitive; server
is not the same as
Server
or SERVER
. (inn.conf parameters are generally all in
lowercase.)
If <name> occurs more than once in the file, the first value is used. Some parameters specified in the file may be overridden by environment variables. Most parameters have default values if not specified in inn.conf; those defaults are noted in the description of each parameter.
For the time being, it is strongly recommended to include every parameter in inn.conf even if it is set to the default value, since some shell scripts don't correctly handle missing keys that they care about. This is a difficult-to-fix bug in the current parser that will be fixed in future versions of INN.
Many parameters take a boolean value. For all such parameters, the value
may be specified as true
, yes
, or on
to turn it on and may be any
of false
, no
, or off
to turn it off. The case of these values is
not significant.
This file is intended to be fairly static. Any changes made to it will
generally not affect any running programs until they restart. Unlike
nearly every other configuration file, inn.conf cannot be reloaded
dynamically using ctlinnd(8); innd(8)
must be stopped and restarted for
relevant changes to inn.conf to take effect (ctlinnd xexec innd
is
the fastest way to do this.)
This documentation is extremely long and organized as a reference manual rather than as a tutorial. If this is your first exposure to INN and these parameters, it would be better to start by reading other man pages and referring to this one only when an inn.conf parameter is explicitly mentioned.
These parameters are used by a wide variety of different components of INN.
GetFQDN()
routine in libinn(3)
cannot get the fully-qualified
domain name by using either the gethostname(3)
or gethostbyname(3)
calls.
The check is very simple; if either routine returns a name with a period
in it, then it is assumed to have the full domain name. The default value
is unset.
innd(8)
for details on the
possible flags. The default value is unset.
%s
, if present, will be replaced
by the e-mail address of the moderator. It's strongly recommended for
this command to include %s
on the command line rather than use the
addresses in the To: and Cc: headers of the message, since the latter
approach allows the news server to be abused as a mechanism to send mail
to arbitrary addresses and will result in unexpected behavior. There is
no default value for this parameter; it must be set in inn.conf or a
fatal error message will be logged via syslog.
For most systems, /usr/lib/sendmail -oi -oem %s
(adjusted for the
correct path to sendmail) is a good choice.
nnrpd(8)
tries to hand off
locally-posted articles through an INET domain socket to this server.
actsync(8), nntpget(8), and getlist(8)
also use this value as the default
server to connect to. In the latter cases, the value of the NNTPSERVER
environment variable, if it exists, overrides this. The default value is
unset.
These parameters govern incoming and outgoing feeds: what size of articles are accepted, what filtering and verification is performed on them, whether articles in groups not carried by the server are still stored and propagated, and other similar settings.
/remember/
line in expire.ctl.
The default value is 10
.
innd(8)
should bind itself to. This must be in
dotted-quad format (nnn.nnn.nnn.nnn). If set to all
or not set, innd
defaults to listening on all interfaces. The value of the
INND_BIND_ADDRESS environment variable, if set, overrides this setting.
The default value is unset.
0
, a hash of recently received message IDs
is kept in memory to speed history lookups. The value is the amount of
memory to devote to the cache in kilobytes. The cache is only used for
incoming feeds and a small cache can hold quite a few message IDs, so
large values aren't necessarily useful unless you have incoming feeds that
are badly delayed. A good value for a system with more than one incoming
feed is 256
; systems with only one incoming feed should probably leave
this at 0
. The default value is 0
.
This setting is ignored unless the timecaf storage method is used.
0
, the line count of the article is
checked against the Lines: header of the article (if present) and the
artice is rejected if the values differ by more than this amount. A
reasonable setting is 5
, which is the standard maximum signature length
plus one (some injection software calculates the Lines: header before
adding the signature). The default value is 0
, which tells INN not to
check the Lines: header of incoming articles.
0
allows any size of article. The
default value is 1000000
(approximately 1MB). See also
localmaxartsize.
innd(8)
will accept. The
default value is 50
.
innd(8)
should listen on. The default value is 119
, the
standard NNTP port.
<cancel.
. This message ID convention is widely followed by spam
cancellers, so the vast majority of such articles will be cancels of spam.
This check, if enabled, is done before the history check and the message
ID is not written to the history file. This is a boolean value and the
default is false.
This is a somewhat messy, inefficient, and inexact way of refusing spam
cancels. A much better way is to ask all of your upstream peers to not
send to you any articles with cyberspam
in the Path: header (usually
accomplished by having them mark cyberspam
as an alias for your machine
in their feed configuration). The filtering enabled by this parameter is
hard-coded; general filtering of message IDs can be done via the embedded
filtering support.
innd(8)
records rejected articles in history so that, if
offered the same article again, it can be refused before it is sent. If
you wish to disable this behavior, set this to false. This can cause a
substantial increase in the amount of bandwidth consumed by incoming news
if you have several peers and reject a lot of articles, so be careful with
it. Even if this is set to true, INN won't log some rejected articles to
history if there's reason to believe the article might be accepted if
offered by a different peer, so there is usually no reason to set this to
false (although doing so can decrease the size of the history file). This
is a boolean value and the default is true.
innxmit(8)
among other programs). This must be in dotted-quad format
(nnn.nnn.nnn.nnn). If set to all
or not set, the operating system will
choose the source IP address for outgoing connections. The default value
is unset.
controlchan(8)
in newsfeeds(5)
and ensure that the group control.cancel
exists on your
server. You may also have to do a few additional things to allow
controlchan to work correctly; see controlchan(8)
for the details. This
is a boolean value and the default is false.
junk
newsgroup rather
than rejecting them. This is sometimes useful for a transit news server
that needs to propagate articles in all newsgroups regardless if they're
carried locally. This is a boolean value and the default is false.
5
and probably doesn't need to be changed.
10
and probably doesn't need to be changed.
These parameters affect how articles are stored on disk.
0
, the claimed size of articles in CNFS
cycbuffs is checked against maxartsize plus this value, and if larger,
the CNFS cycbuff is considered corrupt. This can be useful as a sanity
check after a system crash, but be careful using this parameter if you
have changed maxartsize recently. The default value is 0
.
to.*
groups in the pseudonewsgroup
to
. If this is set to true, the newsgroup to
must exist in the
active file or INN will not start. This is a boolean value and the
default is false.
tradindexed
, and this is set to a value other than 0
, INN will keep
around and open that many recently written-to overview files in case more
articles come in for those newsgroups. Every overview cache slot consumes
two file descriptors, so be careful not to set this value too high. You
may be able to use the limit
command to see how many open file
descriptors your operating system allows. innd(8)
also uses an open file
descriptor for each incoming feed and outgoing channel or batch file, and
if it runs out of open file descriptors it may throttle and stop accepting
new news. The default value is 15
(which is probably way too low if
you have a large number of file descriptors available).
This setting is ignored unless ovmethod is set to tradindexed
.
tradindexed
, buffindexed
, and ovdb
. There is no default value;
this parameter must be set if enableoverview is true (the default).
buffindexed
buffindexed
never
consumes additional disk space beyond that allocated to these buffers.
tradindexed
ovdb
ovdb(5)
man page.
innd(8)
internally through libstorage(3).
If set to false, innd create overview data by itself. If set to true,
innd does not create. In the case, you need to run overchan(8)
by
creating entry in newsfeeds(5). Setting to true may be useful, if innd
can not keep up with incoming feed and the bottle neck is creating overview
data within innd. This is a boolean value and the default is false.
These parameters affect the behavior of INN for readers. Most of them are used by nnrpd(8). There are some special sets of settings that are broken out separately after the initial alphabetized list.
mmap()
articles. Setting this to true will give
better performance on most systems, but some systems have problems with
mmap(). If this is set to false, articles will be read into memory before
being sent to readers. This is a boolean value and the default is false.
3600
(an hour). The default value is 600
(ten minutes).
nnrpd(8)
should check the existence of an article before listing
it as present in response to an NNTP command. The primary use of this
setting is to prevent nnrpd from returning information about articles
which are no longer present on the server but which still have overview
data available. Checking the existence of articles before returning
overview information slows down the overview commands, but reduces the
number of ``article is missing'' errors seen by the client. This is a
boolean value and the default is true.
nnrpd(8)
to authenticate readers. If this
is enabled, normal readers.conf(5) authentication will not be used, and
instead the Perl hook will be called to authenticate connections. This is
a boolean value and the default is false.
nnrpd(8)
to authenticate readers. If
this is enabled, normal readers.conf(5) authentication will not be used,
and instead the python hook will be called to authenticate connections.
This is a boolean value and the default is false.
innd(8)
will fork a copy of nnrpd(8)
for all incoming
connections from hosts not listed in incoming.conf. If this parameter
is set to true, those connections will instead be rejected with a 502
error code. This should be set to true for a transit-only server that
doesn't support readers, if nnrpd is being started out of inetd, or if
nnrpd is run in daemon mode. This is a boolean value and the default is
false.
nnrpd(8)
is spawned from innd(8)
rather than run out of inetd or in daemon mode. This is a boolean value
and the default is false.
INN has optional support for generating keyword information automatically from article body text and putting that information in overview for the use of clients that know to look for it. The following parameters control that feature.
This may be too slow if you're taking a substantial feed, and probably will not be useful for the average news reader; enabling this is not recommended unless you have some specific intention to take advantage of it.
FIXME: Currently, support for keyword generation is configured into INN semi-randomly (based on whether configure found the regex library); it should be an option to configure and that option should be mentioned here.
100000
(approximately 100KB).
512
.
250
.
These parameters are only used by nnrpd(8), inews(1), and other programs that accept or generate postings. There are some special sets of settings that are broken out separately after the initial alphabetized list.
>
, |
, or :
. This is a
boolean value and the default is false.
usenet
, doesn't contain @
, the
address will consist of the newsmaster, a @
, and the value of
fromhost.)
usenet
by default). This
setting will also be used by mailpost(8)
to fully qualify addresses and by
inews(1)
to generate the Sender: header (and From: header if missing).
The value of the FROMHOST environment variable, if set, overrides this
setting. The default is the fully-qualified domain name of the local
host.
1000000
(approximately 1MB).
%s@moderators.isc.org
is a good value for this parameter (%s
is
expanded into a form of the newsgroup name). See moderators(5)
for more
details about the syntax. The default is unset. If this parameter isn't
set and an article is posted to a moderated group that does not have a
matching entry in the moderators file, the posting will be rejected
with an error.
nnrpd(8)
and rnews(1)
will pass all locally posted articles to the
specified host rather than trying to inject them locally. This should
always be set if xrefslave is true. The default value is unset.
119
.
nnrpd(8)
will spool new articles rather than attempting to send
them to innd(8). If false, nnrpd will spool articles only if it receives
an error trying to send them to innd. Setting this to true can be useful
if nnrpd must respond as fast as possible to the client; however, when
set, articles will not appear to readers until they are given to innd.
nnrpd won't do this; rnews -U
must be run periodically to take the
spooled articles and post them. This is a boolean value and the default
is false.
%s
and honors it, so
this is generally no longer needed. This is a boolean value and the
default is false.
nnrpd(8)
has support for controlling high-volume posters via an
exponential backoff algorithm, as configured by the following parameters.
Exponential posting backoff works as follows: News clients are indexed by
IP address (or username, see backoffauth below). Each time a post is
received from an IP address, the time of posting is stored (along with the
previous sleep time, see below). After a configurable number of posts in
a configurable period of time, nnrpd(8)
will activate posting backoff and
begin to sleep for increasing periods of time before actually posting
anything. Posts will still be accepted, but an increasingly reduced rate.
After backoff has been activated, the length of time to sleep is computed based on the difference in time between the last posting and the current posting. If this difference is less than backoffpostfast, the new sleep time will be 1 + (previous sleep time * backoffk). If this difference is less than backoffpostslow but greater than backoffpostfast, then the new sleep time will equal the previous sleep time. If this difference is greater than backoffpostslow, the new sleep time is zero and posting backoff is deactivated for this poster.
Exponential posting backoff will not be enabled unless backoffdb is set and backoffpostfast and backoffpostslow are set to something other than their default values.
Here are the parameters that control exponential posting backoff:
nnrpd(8)
for a value of true
to have any meaning. This is a boolean value and the default is false.
2
will double the sleep time for each
excessive post. The default value is 1
.
0
.
1
.
10000
.
These parameters control the behavior of innwatch(8), the program that monitors INN and informs the news administrator if anything goes wrong with it.
innwatch(8)
from rc.news. This is a boolean value, and
the default is true.
inndf(8)
output units, at which innd(8)
will be throttled by innwatch(8), assuming a default innwatch.ctl(5). The
default value is 800
.
inndf(8)
output units, at which innd(8)
will
be throttled by innwatch(8), assuming a default innwatch.ctl(5). The
default value is 25000
.
innd(8)
will be restarted by innwatch(8)
(undoing a previous pause or throttle), assuming a default
innwatch.ctl(5). The default value is 1000
.
innd(8)
will be throttled by innwatch(8),
assuming a default innwatch.ctl(5). The default value is 2000
.
innd(8)
will be paused by innwatch(8),
assuming a default innwatch.ctl(5). The default value is 1500
.
innwatch(8)
will sleep between each check of INN.
The default value is 600
.
innd(8)
will be throttled by
innwatch(8), assuming a default innwatch.ctl(5). The default value is
200
.
inndf(8)
output
units, at which innd(8)
will be throttled by innwatch(8), assuming a
default innwatch.ctl(5). The default value is 8000
.
These parameters control what information INN logs.
cnfsstat(8)
when innd(8)
is started. cnfsstat will log
the status of all CNFS cycbuffs to syslog on a periodic basis. This is a
boolean value and the default is false.
ctlinnd cancel
commands to syslog. This is a
boolean value and the default is false.
scanlogs(8)
keeps. scanlogs(8)
is generally run by
news.daily(8) and will archive compressed copies of this many days worth
of old logs. The default value is 3
.
newsfeeds(5)
for more
information. This is a boolean value and the default is true.
200
.
FIXME: This is a rather unintuitive name for this parameter.
innd(8)
should write out a status report. The
report is written to pathhttp/inn_status.html. If this is set to 0
or
false
, status reporting is disabled. The default value is 0
.
innd(8)
should report performance timings to
syslog. If this is set to 0
or false
, performance timing is
disabled. Enabling this is highly recommended, and innreport(8)
can
produce a nice summary of the timings. The default value is 0
.
The following parameters can be modified to tune the low-level operation of INN. In general, you shouldn't need to modify any of them except possibly rlimitnofile unless the server is having difficulty.
5
.
innd(8)
will
wait for an increasing number of seconds before trying it again. This is
the multiplier for the sleep time. If you're having trouble with channel
feeds not keeping up, it may be good to change this value to 2
or 3
,
since then when the channel fills INN will try again in a couple of
seconds rather than waiting two minutes. The default value is 120
.
600
.
300
.
10
.
fork(2)
before giving up. The default value
is 10.
0
, all child processes of innd(8)
will
have this nice(2)
value. This is usually used to give all child processes
of innd(8)
a lower priority (higher nice value) so that innd(8)
can get
the lion's share of the CPU when it needs it. The default value is 4
.
0
, all nnrpd(8)
processes that receive
and process a NEWNEWS command will nice(2)
themselves to this value
(giving other nnrpd processes a higher priority). The default value is
0
. Note that this value will be ignored if set to a lower value than
nicennrpd (or nicekids if nnrpd(8)
is spawned from innd(8)).
0
, all nnrpd(8)
processes will nice(1)
themselves to this value. This gives other news processes a higher
priority and can help overchan(8)
keep up with incoming news (if that's
the object, be sure overchan(8)
isn't also set to a lower priority via
nicekids). The default value is 0
, which will cause nnrpd(8)
processes spawned from innd(8)
to use the value of nicekids and
nnrpd(8)
run as a daemon to use the system default priority. Note that
for nnrpd(8)
processes spawned from innd(8), this value will be ignored if
set to a value lower than nicekids.
300
.
innd(8)
incoming channel may be inactive before
innd closes it. The default value is 3600
(an hour).
innd(8)
or innfeed(8)
can have
open at once. If innd(8)
or innfeed(8)
attempts to open more file
descriptors than this value, it is possible the program may throttle or
otherwise suffer reduced functionality. The number of open file
descriptors is roughly the maximum number of incoming feeds and outgoing
batches for innd(8)
and the number of outgoing streams for innfeed(8). If
this parameter is set to a negative value, the default limit of the
operating system will be used; this will normally be adequate on systems
other than Solaris. Nearly all operating systems have some hard maximum
limit beyond which this value cannot be raised, usually either 128, 256,
or 1024. The default value of this parameter is -1. Setting it to 256 on
Solaris systems is highly recommended.
controlchan(8)
(usecontrolchan is set), the code for handling each
separate type of control message is located here. If you are using INN's
built-in control message handling, each executable file in this directory
represents a handler for the Control: message with the same name as that
file. Be very careful what you put in this directory executable, as it
can potentially be a severe security risk. The default value is
pathbin/control.
rnews(1)
to work correctly. The default value is set at configure time
and defaults to pathnews/tmp.
Here is a very minimalist example that only sets those parameters that are required.
mta: /usr/lib/sendmail -oi -oem %s ovmethod: tradindexed pathhost: news.example.com pathnews: /usr/local/news
For a more comprehensive example, see the sample inn.conf distributed with INN and installed as a starting point; it contains all of the default values for reference.
Written by Rich $alz <rsalz@uunet.uu.net> for InterNetNews and since modified, updated, and reorganized by innumerable other people.
$Id: inn.conf_5.html,v 1.1.1.1 2003/03/01 20:21:37 rw Exp $
inews(1), innd(8), innwatch(8), nnrpd(8), rnews(1).
Nearly every program in INN uses this file to one degree or another. The above are just the major and most frequently mentioned ones.