How to Set Up a Private Newsgroup Server with INN2 on Debian
This guide explains how to set up the InterNetNews (INN) newsgroup server to host "local" or "private" newsgroups. This means groups that are hosted locally and aren't part of Usenet. This is useful, for example, if you want to set up a private on-line community, or private discussion boards at a business.
This guide assumes no prior familiarity with the INN software or the NNTP protocol, but basic familiarity with using and configuring GNU/Linux is assumed. The guide is written for Debian Squeeze (6.0), but should be easy to adapt to other GNU/Linux distributions.
Goals
This tutorial will result in a news server with the following features. The group prefix "l3vel", and group names "l3vel.general", "l3vel.test", and "l3vel.private" are placeholders for the ones you choose.
- Everyone on the Internet has read-only access to the groups l3vel.general, l3vel.test, but not l3vel.private.
- Posts to l3vel.test expire after 7 days.
- Everyone on the Internet can register a CECIL-ID (explained later) so they can post to l3vel.general and l3vel.test, as well as cancel messages they post. Users cannot cancel messages posted by other users.
- Users with Linux accounts on the server can read and post to l3vel.general, l3vel.test, and l3vel.private.
In the above goals, there are three levels of authentication. Users who have neither an account on the server nor a CECIL-ID are called public users. Users who have a CECIL-ID, but not an account on the server are called cecil users. Users who have an account on the server are called private users.
Installing InterNetNews
Installing INN 2 on Debian Squeeze is easy.
apt-get install inn2
On other systems, you may have to compile it yourself. If you do, be sure to include the perl hooks functionality.
InterNetNews Overview
INN is actually composed of multiple daemons. The ones we need to be concerned about are:
-
nnrpd
NNRPD is the daemon that communicates with clients. It does user authentication, accepts posts, distributes posts, etc. (
man nnrpd
).An NNRPD process is spawned when a client connects. It only reads the config files once, when it starts, so in order to force config changes to take effect for connected clients, you have to kill all of the nnrpd processes (
killall nnrpd
). -
innd
INND is the main InterNetNews daemon. It handles all incoming connections, coordinates storage, retransmission, communicates with nnrpd, etc. (
man nnrpd
).
The following files and folders are important to INN.
-
/etc/news/
The main configuration folder.
- /etc/news/inn.conf — The main configuration file (
man inn.conf
). - /etc/news/readers.conf — User authentication configuration (
man readers.conf
). - /etc/news/filter/ — The perl scripts used to implement authentication and filtering hooks.
- /etc/news/inn.conf — The main configuration file (
-
/var/lib/news
Current newsgroup information.
- /var/lib/news/newsgroups — Newsgroup descriptions (
man newsgroups)
. - /var/lib/news/active — List of newsgroups carried by the server (
man active
).
- /var/lib/news/newsgroups — Newsgroup descriptions (
-
/usr/lib/news/bin/
INN configuration programs (this is not normally in PATH).
- /usr/lib/news/bin/ctlinnd — A program for controlling and configuring INN (
man ctlinnd
).
- /usr/lib/news/bin/ctlinnd — A program for controlling and configuring INN (
-
/var/log/news/
INN logs. You can look in /var/log/syslog as well.
Creating Newsgroups
Before we add newsgroups, we need to tell INN what our organization, domain name, etc. is. Set the following options in inn.conf.
pathhost: news.example.com
domain: example.com
Now we can add the newsgroups. This takes two steps. First, we use the ctlinnd program to create the groups, then give them descriptions in /var/lib/news/newsgroups.
Ok
# ctlinnd newgroup l3vel.test
Ok
# ctlinnd newgroup l3vel.private
Ok
The same could be accomplished by editing the /usr/lib/news/active file, but it is safer to use the tool.
Now give them descriptions in /var/lib/news/newsgroups.
l3vel.test A newsgroup for testing
l3vel.private Private discussion
There must be at least one tab between the group name and the description, so make sure your editor isn't expanding tabs to spaces.
That's all there is to it! The newsgroups now exist are ready to be read and posted to, but by default, only localhost has permission to do so, so next, we set up user authentication.