mirror of
https://github.com/osmarks/ngircd.git
synced 2024-12-13 18:30:27 +00:00
d21afce2b6
Allow users to "cloak" their hostname only when the configuration variable "CloakHostModeX" (introduced in 19.2) is set. Otherwise, only IRC opertators, other servers, and services are allowed to set mode +x. This prevents regular users from changing their hostmask to the name of the IRC server itself, which confused quite a few people ;-) This fixes bug #133.
340 lines
12 KiB
Plaintext
340 lines
12 KiB
Plaintext
|
|
ngIRCd - Next Generation IRC Server
|
|
http://ngircd.barton.de/
|
|
|
|
(c)2001-2012 Alexander Barton and Contributors.
|
|
ngIRCd is free software and published under the
|
|
terms of the GNU General Public License.
|
|
|
|
-- INSTALL --
|
|
|
|
|
|
I. Upgrade Information
|
|
~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Differences to version 19.x
|
|
|
|
- Starting with ngIRCd 20, users can "cloak" their hostname only when the
|
|
configuration variable "CloakHostModeX" (introduced in 19.2) is set.
|
|
Otherwise, only IRC opertators, other servers, and services are allowed to
|
|
set mode +x. This prevents regular users from changing their hostmask to
|
|
the name of the IRC server itself, which confused quite a few people ;-)
|
|
|
|
Differences to version 17
|
|
|
|
- Support for ZeroConf/Bonjour/Rendezvous service registration has been
|
|
removed. The configuration option "NoZeroconf" is no longer available.
|
|
|
|
- The structure of ngircd.conf has been cleaned up and three new configuration
|
|
sections have been introduced: [Limits], [Options], and [SSL].
|
|
Lots of configuration variables stored in the [Global] section are now
|
|
deprecated there and should be stored in one of these new sections (but
|
|
still work in [Global]):
|
|
"AllowRemoteOper" -> [Options]
|
|
"ChrootDir" -> [Options]
|
|
"ConnectIPv4" -> [Options]
|
|
"ConnectIPv6" -> [Options]
|
|
"ConnectRetry" -> [Limits]
|
|
"MaxConnections" -> [Limits]
|
|
"MaxConnectionsIP" -> [Limits]
|
|
"MaxJoins" -> [Limits]
|
|
"MaxNickLength" -> [Limits]
|
|
"NoDNS" -> [Options], and renamed to "DNS"
|
|
"NoIdent" -> [Options], and renamed to "Ident"
|
|
"NoPAM" -> [Options], and renamed to "PAM"
|
|
"OperCanUseMode" -> [Options]
|
|
"OperServerMode" -> [Options]
|
|
"PingTimeout" -> [Limits]
|
|
"PongTimeout" -> [Limits]
|
|
"PredefChannelsOnly" -> [Options]
|
|
"SSLCertFile" -> [SSL], and renamed to "CertFile"
|
|
"SSLDHFile" -> [SSL], and renamed to "DHFile"
|
|
"SSLKeyFile" -> [SSL], and renamed to "KeyFile"
|
|
"SSLKeyFilePassword" -> [SSL], and renamed to "KeyFilePassword"
|
|
"SSLPorts" -> [SSL], and renamed to "Ports"
|
|
"SyslogFacility" -> [Options]
|
|
"WebircPassword" -> [Options]
|
|
You should adjust your ngircd.conf and run "ngircd --configtest" to make
|
|
sure that your settings are correct and up to date!
|
|
|
|
Differences to version 16
|
|
|
|
- Changes to the "MotdFile" specified in ngircd.conf now require a ngircd
|
|
configuration reload to take effect (HUP signal, REHASH command).
|
|
|
|
Differences to version 0.9.x
|
|
|
|
- The option of the configure script to enable support for Zeroconf/Bonjour/
|
|
Rendezvous/WhateverItIsNamedToday has been renamed:
|
|
--with-rendezvous -> --with-zeroconf
|
|
|
|
Differences to version 0.8.x
|
|
|
|
- The maximum length of passwords has been raised to 20 characters (instead
|
|
of 8 characters). If your passwords are longer than 8 characters then they
|
|
are cut at an other position now.
|
|
|
|
Differences to version 0.6.x
|
|
|
|
- Some options of the configure script have been renamed:
|
|
--disable-syslog -> --without-syslog
|
|
--disable-zlib -> --without-zlib
|
|
Please call "./configure --help" to review the full list of options!
|
|
|
|
Differences to version 0.5.x
|
|
|
|
- Starting with version 0.6.0, other servers are identified using asynchronous
|
|
passwords: therefore the variable "Password" in [Server]-sections has been
|
|
replaced by "MyPassword" and "PeerPassword".
|
|
|
|
- New configuration variables, section [Global]: MaxConnections, MaxJoins
|
|
(see example configuration file "doc/sample-ngircd.conf"!).
|
|
|
|
|
|
II. Standard Installation
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
ngIRCd is developed for UNIX-based systems, which means that the installation
|
|
on modern UNIX-like systems that are supported by GNU autoconf and GNU
|
|
automake ("configure") should be no problem.
|
|
|
|
The normal installation procedure after getting (and expanding) the source
|
|
files (using a distribution archive or GIT) is as following:
|
|
|
|
0) Satisfy prerequisites
|
|
1) ./autogen.sh [only necessary when using GIT]
|
|
2) ./configure
|
|
3) make
|
|
4) make install
|
|
|
|
(Please see details below!)
|
|
|
|
Now the newly compiled executable "ngircd" is installed in its standard
|
|
location, /usr/local/sbin/.
|
|
|
|
The next step is to configure and afterwards starting the daemon. Please
|
|
have a look at the ngircd(8) and ngircd.conf(5) manual pages for details
|
|
and all possible options -- and don't forget to run "ngircd --configtest"
|
|
to validate your configuration file!
|
|
|
|
If no previous version of the configuration file exists (the standard name
|
|
is /usr/local/etc/ngircd.conf), a sample configuration file containing all
|
|
possible options will be installed there. You'll find its template in the
|
|
doc/ directory: sample-ngircd.conf.
|
|
|
|
|
|
0): Satisfy prerequisites
|
|
|
|
When building from source, you'll need some other software to build ngIRCd:
|
|
for example a working C compiler, make tool, GNU automake and autoconf (only
|
|
when not using a distribution archive), and a few libraries depending on the
|
|
features you want to compile in (like IDENT support, SSL, and PAM).
|
|
|
|
If you are using one of the "big" operating systems or Linux distributions,
|
|
you can use the following commands to install all the required packages to
|
|
build the sources including all optional features and to run the test suite:
|
|
|
|
* RedHat / Fedora based distributions:
|
|
|
|
yum install \
|
|
autoconf automake expect gcc glibc-devel gnutls-devel \
|
|
libident-devel make pam-devel tcp_wrappers-devel telnet zlib-devel
|
|
|
|
* Debian / Ubuntu based distributions:
|
|
|
|
apt-get install \
|
|
autoconf automake build-essential expect libgnutls-dev \
|
|
libident-dev libpam-dev libwrap0-dev libz-dev telnet
|
|
|
|
|
|
1): "autogen.sh"
|
|
|
|
The first step, autogen.sh, is only necessary if the configure-script isn't
|
|
already generated. This never happens in official ("stable") releases in
|
|
tar.gz-archives, but when using GIT.
|
|
|
|
This step is therefore only interesting for developers.
|
|
|
|
autogen.sh produces the Makefile.in's, which are necessary for the configure
|
|
script itself, and some more files for make. To run autogen.sh you'll need
|
|
GNU autoconf and GNU automake: at least autoconf 2.61 and automake 1.10 are
|
|
requird, newer is better. But don't use automake 1.12 or newer for creating
|
|
distribution archives: it will work but lack "de-ANSI-fucation" support in the
|
|
generated Makefile's! Stick with automake 1.11.x for this purpose ...
|
|
So automake 1.11.x and autoconf 2.67+ is recommended.
|
|
|
|
Again: "end users" do not need this step and neither need GNU autoconf nor GNU
|
|
automake at all!
|
|
|
|
|
|
2): "./configure"
|
|
|
|
The configure-script is used to detect local system dependencies.
|
|
|
|
In the perfect case, configure should recognize all needed libraries, header
|
|
files and so on. If this shouldn't work, "./configure --help" shows all
|
|
possible options.
|
|
|
|
In addition, you can pass some command line options to "configure" to enable
|
|
and/or disable some features of ngIRCd. All these options are shown using
|
|
"./configure --help", too.
|
|
|
|
Compiling a static binary will avoid you the hassle of feeding a chroot dir
|
|
(if you want use the chroot feature). Just do something like:
|
|
CFLAGS=-static ./configure [--your-options ...]
|
|
Then you can use a void directory as ChrootDir (like OpenSSH's /var/empty).
|
|
|
|
|
|
3): "make"
|
|
|
|
The make command uses the Makefiles produced by configure and compiles the
|
|
ngIRCd daemon.
|
|
|
|
|
|
4): "make install"
|
|
|
|
Use "make install" to install the server and a sample configuration file on
|
|
the local system. Normally, root privileges are necessary to complete this
|
|
step. If there is already an older configuration file present, it won't be
|
|
overwritten.
|
|
|
|
These files and folders will be installed by default:
|
|
|
|
- /usr/local/sbin/ngircd: executable server
|
|
- /usr/local/etc/ngircd.conf: sample configuration (if not already present)
|
|
- /usr/local/share/doc/ngircd/: documentation
|
|
- /usr/local/share/man/: manual pages
|
|
|
|
|
|
III. Additional features
|
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
The following optional features can be compiled into the daemon by passing
|
|
options to the "configure" script. Most options can handle a <path> argument
|
|
which will be used to search for the required libraries and header files in
|
|
the given paths ("<path>/lib/...", "<path>/include/...") in addition to the
|
|
standard locations.
|
|
|
|
* Syslog Logging (autodetected by default):
|
|
--with-syslog[=<path>] / --without-syslog
|
|
|
|
Enable (disable) support for logging to "syslog", which should be
|
|
available on most modern UNIX-like operating systems by default.
|
|
|
|
* ZLib Compression (autodetected by default):
|
|
--with-zlib[=<path>] / --without-zlib
|
|
|
|
Enable (disable) support for compressed server-server links.
|
|
The Z compression library ("libz") is required for this option.
|
|
|
|
* IO Backend (autodetected by default):
|
|
--with-select[=<path>] / --without-select
|
|
--with-poll[=<path>] / --without-poll
|
|
--with-devpoll[=<path>] / --without-devpoll
|
|
--with-epoll[=<path>] / --without-epoll
|
|
--with-kqueue[=<path>] / --without-kqueue
|
|
|
|
ngIRCd can use different IO "backends": the "old school" select() and poll()
|
|
API which should be supported by most UNIX-like operating systems, or the
|
|
more efficient and flexible epoll() (Linux >=2.6), kqueue() (BSD) and
|
|
/dev/poll APIs.
|
|
By default the IO backend is autodetected, but you can use "--without-xxx"
|
|
to disable a more enhanced API.
|
|
When using the epoll() API, support for select() is compiled in as well by
|
|
default to enable the binary to run on older Linux kernels (<2.6), too.
|
|
|
|
* IDENT-Support:
|
|
--with-ident[=<path>]
|
|
|
|
Include support for IDENT ("AUTH") lookups. The "ident" library is
|
|
required for this option.
|
|
|
|
* TCP-Wrappers:
|
|
--with-tcp-wrappers[=<path>]
|
|
|
|
Include support for Wietse Venemas "TCP Wrappers" to limit client access
|
|
to the daemon, for example by using "/etc/hosts.{allow|deny}".
|
|
The "libwrap" is required for this option.
|
|
|
|
* PAM:
|
|
--with-pam[=<path>]
|
|
|
|
Enable support for PAM, the Pluggable Authentication Modules library.
|
|
See doc/PAM.txt for details.
|
|
|
|
* SSL:
|
|
--with-openssl[=<path>]
|
|
--with-gnutls[=<path>]
|
|
|
|
Enable support for SSL/TLS using OpenSSL or gnutls libraries.
|
|
See doc/SSL.txt for details.
|
|
|
|
* IPv6:
|
|
--enable-ipv6
|
|
|
|
Adds support for version 6 of the Internet Protocol.
|
|
|
|
|
|
IV. Useful make-targets
|
|
~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
The Makefile produced by the configure-script contains always these useful
|
|
targets:
|
|
|
|
- clean: delete every product from the compiler/linker
|
|
next step: -> make
|
|
|
|
- distclean: the above plus erase all generated Makefiles
|
|
next step: -> ./configure
|
|
|
|
- maintainer-clean: erase all automatic generated files
|
|
next step: -> ./autogen.sh
|
|
|
|
|
|
V. Sample configuration file ngircd.conf
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
In the sample configuration file, there are comments beginning with "#" OR
|
|
";" -- this is only for the better understanding of the file.
|
|
|
|
The file is separated in five blocks: [Global], [Features], [Operator],
|
|
[Server], and [Channel].
|
|
|
|
In the [Global] section, there is the main configuration like the server
|
|
name and the ports, on which the server should be listening. Options in
|
|
the [Features] section enable or disable functionality in the daemon.
|
|
IRC operators of this server are defined in [Operator] blocks, remote
|
|
servers are configured in [Server] sections, and [Channel] blocks are
|
|
used to configure pre-defined ("persistent") IRC channels.
|
|
|
|
The meaning of the variables in the configuration file is explained in the
|
|
"doc/sample-ngircd.conf", which is used as sample configuration file in
|
|
/usr/local/etc after running "make install" (if you don't already have one)
|
|
and in the ngircd.conf(5) manual page.
|
|
|
|
|
|
VI. Command line options
|
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
These parameters could be passed to the ngIRCd:
|
|
|
|
-f, --config <file>
|
|
The daemon uses the file <file> as configuration file rather than
|
|
the standard configuration /usr/local/etc/ngircd.conf.
|
|
|
|
-n, --nodaemon
|
|
ngIRCd should be running as a foreground process.
|
|
|
|
-p, --passive
|
|
Server-links won't be automatically established.
|
|
|
|
-t, --configtest
|
|
Reads, validates and dumps the configuration file as interpreted
|
|
by the server. Then exits.
|
|
|
|
Use "--help" to see a short help text describing all available parameters
|
|
the server understands, with "--version" the ngIRCd shows its version
|
|
number. In both cases the server exits after the output.
|
|
|
|
Please see the ngircd(8) manual page for complete details!
|