X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=INSTALL;h=fa73bd7172a6aa7d60f5401d36dff25f32efc0ee;hp=ae4abf40a514cf6e624c452a3c3f0087cef56f16;hb=571b1a8b83bee56a75728d44d2586a816401d434;hpb=194f18c8e69e42ea7476f21514642833e090c426 diff --git a/INSTALL b/INSTALL index ae4abf40..fa73bd71 100644 --- a/INSTALL +++ b/INSTALL @@ -1,75 +1,359 @@ ngIRCd - Next Generation IRC Server + http://ngircd.barton.de/ - (c)2001 by Alexander Barton, - alex@barton.de, http://www.barton.de/ + (c)2001-2015 Alexander Barton and Contributors. + ngIRCd is free software and published under the + terms of the GNU General Public License. - ngIRCd ist freie Software und steht unter - der GNU General Public License. + -- INSTALL -- - -- INSTALL / Installation -- +I. Upgrade Information +~~~~~~~~~~~~~~~~~~~~~~ -ngIRCd ist fuer UNIXoide-Systeme konzipiert. Dieser Text beschreibt den -"Standardfall": ein UNIX bzw. UNIX-aehnliches System, das von GNU automake -und GNU autoconf ("configure") unterstuetzt wird. +Differences to version 22.x +- The default value of the SSL "CipherList" variable has been changed to + "HIGH:!aNULL:@STRENGTH:!SSLv3" (OpenSSL) and "SECURE128:-VERS-SSL3.0" + (GnuTLS) to disable the old SSLv3 protocol by default. + To enable connections of clients still requiring the weak SSLv3 protocol, + the "CipherList" must be set to its old value (not recommended!), which + was "HIGH:!aNULL:@STRENGTH" (OpenSSL) and "SECURE128" (GnuTLS), see below. -I. Quick Start -~~~~~~~~~~~~~~ +Differences to version 20.x -In der Regel sind folgende Schritte ausreichend: +- Starting with ngIRCd 21, the ciphers used by SSL are configurable and + default to "HIGH:!aNULL:@STRENGTH" (OpenSSL) or "SECURE128" (GnuTLS). + Previous version were using the OpenSSL or GnuTLS defaults, "DEFAULT" + and "NORMAL" respectively. - 1) ./autogen.sh [nur erforderlich, wenn ueber CVS bezogen] - 2) ./configure - 3) make +- When adding GLINE's or KLINE's to ngIRCd 21 (or newer), all clients matching + the new mask will be KILL'ed. This was not the case with earlier versions + that only added the mask but didn't kill already connected users. +Differences to version 19.x -zu 1) autogen.sh: +- Starting with ngIRCd 20, users can "cloak" their hostname only when the + configuration variable "CloakHostModeX" (introduced in 19.2) is set. + Otherwise, only IRC operators, other servers, and services are allowed to + set mode +x. This prevents regular users from changing their hostmask to + the name of the IRC server itself, which confused quite a few people ;-) -Der erste Schritt, autogen.sh, ist nur notwendig, wenn das configure-Script -noch nicht vorhanden ist. Dies ist nie bei offiziellen ("stabilen") Versionen -in tar.gz-Archiven der Fall, jedoch nie, wenn der Source-Code ueber CVS -bezogen wurde. +Differences to version 17 -Dieser Absatz ist also eigentlich ausschliesslich fuer Entwickler interessant. +- Support for ZeroConf/Bonjour/Rendezvous service registration has been + removed. The configuration option "NoZeroconf" is no longer available. -autogen.sh erzeugt die fuer das configure-Script notwendigen Makefile.in's -sowie das configure-Script selber und weitere fuer den make-Lauf erforderliche -Dateien. Dazu wird sowohl GNU automake als auch GNU autoconf (in aktuellen -Versionen!) benoetigt. +- The structure of ngircd.conf has been cleaned up and three new configuration + sections have been introduced: [Limits], [Options], and [SSL]. + Lots of configuration variables stored in the [Global] section are now + deprecated there and should be stored in one of these new sections (but + still work in [Global]): + "AllowRemoteOper" -> [Options] + "ChrootDir" -> [Options] + "ConnectIPv4" -> [Options] + "ConnectIPv6" -> [Options] + "ConnectRetry" -> [Limits] + "MaxConnections" -> [Limits] + "MaxConnectionsIP" -> [Limits] + "MaxJoins" -> [Limits] + "MaxNickLength" -> [Limits] + "NoDNS" -> [Options], and renamed to "DNS" + "NoIdent" -> [Options], and renamed to "Ident" + "NoPAM" -> [Options], and renamed to "PAM" + "OperCanUseMode" -> [Options] + "OperServerMode" -> [Options] + "PingTimeout" -> [Limits] + "PongTimeout" -> [Limits] + "PredefChannelsOnly" -> [Options] + "SSLCertFile" -> [SSL], and renamed to "CertFile" + "SSLDHFile" -> [SSL], and renamed to "DHFile" + "SSLKeyFile" -> [SSL], and renamed to "KeyFile" + "SSLKeyFilePassword" -> [SSL], and renamed to "KeyFilePassword" + "SSLPorts" -> [SSL], and renamed to "Ports" + "SyslogFacility" -> [Options] + "WebircPassword" -> [Options] + You should adjust your ngircd.conf and run "ngircd --configtest" to make + sure that your settings are correct and up to date! -(nochmal: "Endanwender" mussen diesen Schritt i.d.R. nicht ausfuehren!) +Differences to version 16 +- Changes to the "MotdFile" specified in ngircd.conf now require a ngircd + configuration reload to take effect (HUP signal, REHASH command). -zu 2) ./configure: +Differences to version 0.9.x -Mit dem configure-Script wird ngIRCd, wie GNU Software meistens, an das -lokale System angepasst und die erforderlichen Makefile's erzeugt. +- The option of the configure script to enable support for Zeroconf/Bonjour/ + Rendezvous/WhateverItIsNamedToday has been renamed: + --with-rendezvous -> --with-zeroconf -Im Optimalfall sollte configure alle benoetigten Libraries, Header etc. selber -erkennen und entsprechend reagieren. Sollte dies einmal nicht der Fall sein, -so zeigt "./configure --help" moegliche Optionen. +Differences to version 0.8.x +- The maximum length of passwords has been raised to 20 characters (instead + of 8 characters). If your passwords are longer than 8 characters then they + are cut at an other position now. -zu 3) make: +Differences to version 0.6.x -Der make-Befehl bearbeitet die vom configure-Script erzeugten Makefile's und -uebersetzt die comBase-Library und die Testprogramme. +- Some options of the configure script have been renamed: + --disable-syslog -> --without-syslog + --disable-zlib -> --without-zlib + Please call "./configure --help" to review the full list of options! +Differences to version 0.5.x -II. Nuetzliche make-Targets -~~~~~~~~~~~~~~~~~~~~~~~~~~~ +- Starting with version 0.6.0, other servers are identified using asynchronous + passwords: therefore the variable "Password" in [Server]-sections has been + replaced by "MyPassword" and "PeerPassword". -Die vom configure-Script erzeugten Makefile's enthalten immer die folgenden -nuetzlichen Targets: +- New configuration variables, section [Global]: MaxConnections, MaxJoins + (see example configuration file "doc/sample-ngircd.conf"!). - - clean: alle Erzeugnisse des Compilers/Linkers loeschen. - Naechster Schritt: -> make - - distclean: zusaetzliche alle Makefile's loeschen. - Naechster Schritt: -> ./configure +II. Standard Installation +~~~~~~~~~~~~~~~~~~~~~~~~~ - - maintainer-clean: alle automat. erzeugten Dateien loeschen. - Naechster Schritt: -> ./autogen.sh +ngIRCd is developed for UNIX-based systems, which means that the installation +on modern UNIX-like systems that are supported by GNU autoconf and GNU +automake ("configure") should be no problem. +The normal installation procedure after getting (and expanding) the source +files (using a distribution archive or GIT) is as following: + + 0) Satisfy prerequisites + 1) ./autogen.sh [only necessary when using GIT] + 2) ./configure + 3) make + 4) make install + +(Please see details below!) + +Now the newly compiled executable "ngircd" is installed in its standard +location, /usr/local/sbin/. + +The next step is to configure and afterwards starting the daemon. Please +have a look at the ngircd(8) and ngircd.conf(5) manual pages for details +and all possible options -- and don't forget to run "ngircd --configtest" +to validate your configuration file! + +If no previous version of the configuration file exists (the standard name +is /usr/local/etc/ngircd.conf), a sample configuration file containing all +possible options will be installed there. You'll find its template in the +doc/ directory: sample-ngircd.conf. + + +0): Satisfy prerequisites + +When building from source, you'll need some other software to build ngIRCd: +for example a working C compiler, make tool, GNU automake and autoconf (only +when not using a distribution archive), and a few libraries depending on the +features you want to compile in (like IDENT support, SSL, and PAM). + +If you are using one of the "big" operating systems or Linux distributions, +you can use the following commands to install all the required packages to +build the sources including all optional features and to run the test suite: + +* RedHat / Fedora based distributions: + + yum install \ + autoconf automake expect gcc glibc-devel gnutls-devel \ + libident-devel make pam-devel tcp_wrappers-devel telnet zlib-devel + +* Debian / Ubuntu based distributions: + + apt-get install \ + autoconf automake build-essential expect libgnutls-dev \ + libident-dev libpam-dev libwrap0-dev libz-dev telnet + + +1): "autogen.sh" + +The first step, autogen.sh, is only necessary if the configure-script isn't +already generated. This never happens in official ("stable") releases in +tar.gz-archives, but when using GIT. + +This step is therefore only interesting for developers. + +autogen.sh produces the Makefile.in's, which are necessary for the configure +script itself, and some more files for make. To run autogen.sh you'll need +GNU autoconf and GNU automake: at least autoconf 2.61 and automake 1.10 are +requird, newer is better. But don't use automake 1.12 or newer for creating +distribution archives: it will work but lack "de-ANSI-fication" support in the +generated Makefile's! Stick with automake 1.11.x for this purpose ... +So automake 1.11.x and autoconf 2.67+ is recommended. + +Again: "end users" do not need this step and neither need GNU autoconf nor GNU +automake at all! + + +2): "./configure" + +The configure-script is used to detect local system dependencies. + +In the perfect case, configure should recognize all needed libraries, header +files and so on. If this shouldn't work, "./configure --help" shows all +possible options. + +In addition, you can pass some command line options to "configure" to enable +and/or disable some features of ngIRCd. All these options are shown using +"./configure --help", too. + +Compiling a static binary will avoid you the hassle of feeding a chroot dir +(if you want use the chroot feature). Just do something like: + CFLAGS=-static ./configure [--your-options ...] +Then you can use a void directory as ChrootDir (like OpenSSH's /var/empty). + + +3): "make" + +The make command uses the Makefiles produced by configure and compiles the +ngIRCd daemon. + + +4): "make install" + +Use "make install" to install the server and a sample configuration file on +the local system. Normally, root privileges are necessary to complete this +step. If there is already an older configuration file present, it won't be +overwritten. + +These files and folders will be installed by default: + +- /usr/local/sbin/ngircd: executable server +- /usr/local/etc/ngircd.conf: sample configuration (if not already present) +- /usr/local/share/doc/ngircd/: documentation +- /usr/local/share/man/: manual pages + + +III. Additional features +~~~~~~~~~~~~~~~~~~~~~~~~ + +The following optional features can be compiled into the daemon by passing +options to the "configure" script. Most options can handle a argument +which will be used to search for the required libraries and header files in +the given paths ("/lib/...", "/include/...") in addition to the +standard locations. + +* Syslog Logging (autodetected by default): + --with-syslog[=] / --without-syslog + + Enable (disable) support for logging to "syslog", which should be + available on most modern UNIX-like operating systems by default. + +* ZLib Compression (autodetected by default): + --with-zlib[=] / --without-zlib + + Enable (disable) support for compressed server-server links. + The Z compression library ("libz") is required for this option. + +* IO Backend (autodetected by default): + --with-select[=] / --without-select + --with-poll[=] / --without-poll + --with-devpoll[=] / --without-devpoll + --with-epoll[=] / --without-epoll + --with-kqueue[=] / --without-kqueue + + ngIRCd can use different IO "backends": the "old school" select() and poll() + API which should be supported by most UNIX-like operating systems, or the + more efficient and flexible epoll() (Linux >=2.6), kqueue() (BSD) and + /dev/poll APIs. + By default the IO backend is autodetected, but you can use "--without-xxx" + to disable a more enhanced API. + When using the epoll() API, support for select() is compiled in as well by + default to enable the binary to run on older Linux kernels (<2.6), too. + +* IDENT-Support: + --with-ident[=] + + Include support for IDENT ("AUTH") lookups. The "ident" library is + required for this option. + +* TCP-Wrappers: + --with-tcp-wrappers[=] + + Include support for Wietse Venemas "TCP Wrappers" to limit client access + to the daemon, for example by using "/etc/hosts.{allow|deny}". + The "libwrap" is required for this option. + +* PAM: + --with-pam[=] + + Enable support for PAM, the Pluggable Authentication Modules library. + See doc/PAM.txt for details. + +* SSL: + --with-openssl[=] + --with-gnutls[=] + + Enable support for SSL/TLS using OpenSSL or gnutls libraries. + See doc/SSL.txt for details. + +* IPv6: + --enable-ipv6 + + Adds support for version 6 of the Internet Protocol. + + +IV. Useful make-targets +~~~~~~~~~~~~~~~~~~~~~~~ + +The Makefile produced by the configure-script contains always these useful +targets: + + - clean: delete every product from the compiler/linker + next step: -> make + + - distclean: the above plus erase all generated Makefiles + next step: -> ./configure + + - maintainer-clean: erase all automatic generated files + next step: -> ./autogen.sh + + +V. Sample configuration file ngircd.conf +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +In the sample configuration file, there are comments beginning with "#" OR +";" -- this is only for the better understanding of the file. + +The file is separated in five blocks: [Global], [Features], [Operator], +[Server], and [Channel]. + +In the [Global] section, there is the main configuration like the server +name and the ports, on which the server should be listening. Options in +the [Features] section enable or disable functionality in the daemon. +IRC operators of this server are defined in [Operator] blocks, remote +servers are configured in [Server] sections, and [Channel] blocks are +used to configure pre-defined ("persistent") IRC channels. + +The meaning of the variables in the configuration file is explained in the +"doc/sample-ngircd.conf", which is used as sample configuration file in +/usr/local/etc after running "make install" (if you don't already have one) +and in the ngircd.conf(5) manual page. + + +VI. Command line options +~~~~~~~~~~~~~~~~~~~~~~~~ + +These parameters could be passed to the ngIRCd: + +-f, --config + The daemon uses the file as configuration file rather than + the standard configuration /usr/local/etc/ngircd.conf. + +-n, --nodaemon + ngIRCd should be running as a foreground process. + +-p, --passive + Server-links won't be automatically established. + +-t, --configtest + Reads, validates and dumps the configuration file as interpreted + by the server. Then exits. + +Use "--help" to see a short help text describing all available parameters +the server understands, with "--version" the ngIRCd shows its version +number. In both cases the server exits after the output. + +Please see the ngircd(8) manual page for complete details!