This file is indexed.

/etc/news/readers.conf is in inn2 2.6.1-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
##  $Id: readers.conf 7828 2008-05-07 07:58:22Z iulius $
##
##  readers.conf - Access control and configuration for nnrpd
##
##  Format:
##	auth "<name>" {
##		hosts: "<hostlist>"
##		auth: "<authprog>"
##		res: "<resprog>"
##		default: "<identity>"
##		default-domain: "<email-domain>"
##	}
##	access "<name>" {
##		users: "<userlist>"
##		newsgroups: "<newsgroups>"
##		read: "<read>"
##		post: "<post>"
##		access: "<perm>"
##	}
##
##  Other parameters are possible.  See readers.conf(5) for all the
##  details.  Only one of newsgroups or read/post may be used in a single
##  access group.
##
##  If the connecting host is not matched by any hosts: parameter of any
##  auth group, it will be denied access.  auth groups assign an identity
##  string to connections, access groups grant privileges to identity
##  strings matched by their users: parameters.
##
##  In all cases, the last match found is used, so put defaults first.
##
##  For a news server that allows connections from anyone within a
##  particular domain or IP address range, just uncomment the "local" auth
##  group and the "local" access group below and adjust the hosts: and
##  default: parameters of the auth group and the users: parameter of the
##  access group for your local network and domain name.  That's all there
##  is to it.
##
##  For more complicated configurations, read the comments on the examples
##  and also see the examples and explanations in readers.conf(5).  The
##  examples in readers.conf(5) include setups that require the user to
##  log in with a username and password (the example in this file only
##  uses simple host-based authentication).
##
##  NOTE: Unlike in previous versions of INN, nnrpd will now refuse any
##  post from anyone to a moderated newsgroup that contains an Approved:
##  header unless their access block has an access: key containing the
##  "A" flag.  This is to prevent abuse of moderated groups, but it means
##  that if you support any newsgroup moderators, you need to make sure
##  to add such a line to the access group that affects them.  See the
##  access group for localhost below for an example.

# The only groups enabled by default (the rest of this file is
# commented-out examples).  This assigns the identity of <localhost> to
# the local machine

auth "localhost" {
    hosts: "localhost, 127.0.0.1, ::1, stdin"
    default: "<localhost>"
}

# Grant that specific identity access to read and post to any newsgroup
# and allow it to post articles with Approved: headers to moderated
# groups.

access "localhost" {
    users: "<localhost>"
    newsgroups: "*"
    access: RPA
}


# This auth group matches all connections from example.com or machines in
# the example.com domain and gives them the identity <local>@example.com.
# Instead of using wildmat patterns to match machine names, you could also
# put a wildmat pattern matching IP addresses or an IP range specified
# using CIDR notation (like 10.10.10.0/24) here.

#auth "local" {
#    hosts: "*.example.com, example.com"
#    default: "<local>@example.com"
#}

# This auth group matches a subset of machines and assigns connections
# from there an identity of "<read>@example.com"; these systems should
# only have read access, no posting privileges.

#auth "read-only" {
#    hosts: "*.newuser.example.com"
#    default: "<read>@example.com"
#}

# This auth group matches the systems at a guest institution that should
# be allowed to read the example.events.* hierarchy but nothing else.

#auth "events-only" {
#    hosts: "*.example.org"
#    default: "<events-only>@example.org"
#}

# Finally, this auth group matches some particular systems which have been
# abusing the server.  Note that it doesn't assign them an identity at
# all; the "empty" identity created in this fashion won't match any users:
# parameters.  Note also that it's last, so anything matching this entry
# will take precedent over everything above it.

#auth "abusers" {
#    hosts: "badguy-dsl.example.com, kiosk.public-access.example.com"
#}


# Now for the access groups.  All of our access groups should have users:
# parameters so there are no access groups that match connections without
# an identity (such as are generated by the "abusers" entry above).
# First, the default case of local users, who get to read and post to
# everything.

#access "local" {
#    users: "<local>@example.com"
#    newsgroups: "*"
#}

# Now, the read-only folks, who only get to read everything.

#access "read-only" {
#    users: "<read>@example.com"
#    read: "*"
#}

# Finally, the events-only people who get to read and post but only to a
# specific hierarchy.

#access "events-only" {
#    users: "<events-only>@example.org"
#    newsgroups: "example.events.*"
#}