Clemens, sorry to contact you this way, and I hope you are seeing this through GMANE - your dnsalias.org address is dysfunctional, so my mail bounced. In de.comm.software.newsserver are complains - and I could verify them - that authentication is broken in the lua version of leafnode. I suppose that this is an artifact of an incomplete groupauth implementation. The detailed complaint is that the luascript version of leafnode will behave as though no authentication is required, i. e. lets users see all groups, post everywhere, without authentication. Can you please see to that: - with --disable-lua, traditional leafnode behaviour is reinstated, i. e. global authentication required for mostly everything that affects groups or articles - in the absense of Lua scripts, traditional leafnode behaviour is reinstated, same conditions as above I have, in the meanwhile, fixed some paths for the scripting, but I seem to be unable to get groupauthentication running. There is a want_* variable in scripthooks.lua, but it does not appear to be used anywhere else. Reading the C code, I do not see where leafnode would fall back to traditional authentication behaviour for SCRIPT_UNAVAILABLE or --disable-lua code. Please contact me with a valid sender address that is not based on dynamic DNS off-list. Thanks. In the meanwhile, I will prepare a non-scripting release of leafnode so that people can get authentication (PAM or built-in) back. Best regards Matthias
Attachment:
signature.asc
Description: OpenPGP digital signature
-- _______________________________________________ leafnode-list mailing list leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx https://www.dt.e-technik.uni-dortmund.de/mailman/listinfo/leafnode-list http://leafnode.sourceforge.net/