1
0

INSTALL 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367
  1. ngIRCd - Next Generation IRC Server
  2. http://ngircd.barton.de/
  3. (c)2001-2017 Alexander Barton and Contributors.
  4. ngIRCd is free software and published under the
  5. terms of the GNU General Public License.
  6. -- INSTALL --
  7. I. Upgrade Information
  8. ~~~~~~~~~~~~~~~~~~~~~~
  9. Differences to version 22.x
  10. - The "NoticeAuth" ngircd.conf configuration variable has been renamed to
  11. "NoticeBeforeRegistration". The old "NoticeAuth" variable still works but
  12. is deprecated now.
  13. - The default value of the SSL "CipherList" variable has been changed to
  14. "HIGH:!aNULL:@STRENGTH:!SSLv3" (OpenSSL) and "SECURE128:-VERS-SSL3.0"
  15. (GnuTLS) to disable the old SSLv3 protocol by default.
  16. To enable connections of clients still requiring the weak SSLv3 protocol,
  17. the "CipherList" must be set to its old value (not recommended!), which
  18. was "HIGH:!aNULL:@STRENGTH" (OpenSSL) and "SECURE128" (GnuTLS), see below.
  19. Differences to version 20.x
  20. - Starting with ngIRCd 21, the ciphers used by SSL are configurable and
  21. default to "HIGH:!aNULL:@STRENGTH" (OpenSSL) or "SECURE128" (GnuTLS).
  22. Previous version were using the OpenSSL or GnuTLS defaults, "DEFAULT"
  23. and "NORMAL" respectively.
  24. - When adding GLINE's or KLINE's to ngIRCd 21 (or newer), all clients matching
  25. the new mask will be KILL'ed. This was not the case with earlier versions
  26. that only added the mask but didn't kill already connected users.
  27. - The "PredefChannelsOnly" configuration variable has been superseded by the
  28. new "AllowedChannelTypes" variable. It is still supported and translated to
  29. the appropriate "AllowedChannelTypes" setting but is deprecated now.
  30. Differences to version 19.x
  31. - Starting with ngIRCd 20, users can "cloak" their hostname only when the
  32. configuration variable "CloakHostModeX" (introduced in 19.2) is set.
  33. Otherwise, only IRC operators, other servers, and services are allowed to
  34. set mode +x. This prevents regular users from changing their hostmask to
  35. the name of the IRC server itself, which confused quite a few people ;-)
  36. Differences to version 17.x
  37. - Support for ZeroConf/Bonjour/Rendezvous service registration has been
  38. removed. The configuration option "NoZeroconf" is no longer available.
  39. - The structure of ngircd.conf has been cleaned up and three new configuration
  40. sections have been introduced: [Limits], [Options], and [SSL].
  41. Lots of configuration variables stored in the [Global] section are now
  42. deprecated there and should be stored in one of these new sections (but
  43. still work in [Global]):
  44. "AllowRemoteOper" -> [Options]
  45. "ChrootDir" -> [Options]
  46. "ConnectIPv4" -> [Options]
  47. "ConnectIPv6" -> [Options]
  48. "ConnectRetry" -> [Limits]
  49. "MaxConnections" -> [Limits]
  50. "MaxConnectionsIP" -> [Limits]
  51. "MaxJoins" -> [Limits]
  52. "MaxNickLength" -> [Limits]
  53. "NoDNS" -> [Options], and renamed to "DNS"
  54. "NoIdent" -> [Options], and renamed to "Ident"
  55. "NoPAM" -> [Options], and renamed to "PAM"
  56. "OperCanUseMode" -> [Options]
  57. "OperServerMode" -> [Options]
  58. "PingTimeout" -> [Limits]
  59. "PongTimeout" -> [Limits]
  60. "PredefChannelsOnly" -> [Options]
  61. "SSLCertFile" -> [SSL], and renamed to "CertFile"
  62. "SSLDHFile" -> [SSL], and renamed to "DHFile"
  63. "SSLKeyFile" -> [SSL], and renamed to "KeyFile"
  64. "SSLKeyFilePassword" -> [SSL], and renamed to "KeyFilePassword"
  65. "SSLPorts" -> [SSL], and renamed to "Ports"
  66. "SyslogFacility" -> [Options]
  67. "WebircPassword" -> [Options]
  68. You should adjust your ngircd.conf and run "ngircd --configtest" to make
  69. sure that your settings are correct and up to date!
  70. Differences to version 16.x
  71. - Changes to the "MotdFile" specified in ngircd.conf now require a ngircd
  72. configuration reload to take effect (HUP signal, REHASH command).
  73. Differences to version 0.9.x
  74. - The option of the configure script to enable support for Zeroconf/Bonjour/
  75. Rendezvous/WhateverItIsNamedToday has been renamed:
  76. --with-rendezvous -> --with-zeroconf
  77. Differences to version 0.8.x
  78. - The maximum length of passwords has been raised to 20 characters (instead
  79. of 8 characters). If your passwords are longer than 8 characters then they
  80. are cut at an other position now.
  81. Differences to version 0.6.x
  82. - Some options of the configure script have been renamed:
  83. --disable-syslog -> --without-syslog
  84. --disable-zlib -> --without-zlib
  85. Please call "./configure --help" to review the full list of options!
  86. Differences to version 0.5.x
  87. - Starting with version 0.6.0, other servers are identified using asynchronous
  88. passwords: therefore the variable "Password" in [Server]-sections has been
  89. replaced by "MyPassword" and "PeerPassword".
  90. - New configuration variables, section [Global]: MaxConnections, MaxJoins
  91. (see example configuration file "doc/sample-ngircd.conf"!).
  92. II. Standard Installation
  93. ~~~~~~~~~~~~~~~~~~~~~~~~~
  94. ngIRCd is developed for UNIX-based systems, which means that the installation
  95. on modern UNIX-like systems that are supported by GNU autoconf and GNU
  96. automake ("configure") should be no problem.
  97. The normal installation procedure after getting (and expanding) the source
  98. files (using a distribution archive or GIT) is as following:
  99. 0) Satisfy prerequisites
  100. 1) ./autogen.sh [only necessary when using GIT]
  101. 2) ./configure
  102. 3) make
  103. 4) make install
  104. (Please see details below!)
  105. Now the newly compiled executable "ngircd" is installed in its standard
  106. location, /usr/local/sbin/.
  107. The next step is to configure and afterwards starting the daemon. Please
  108. have a look at the ngircd(8) and ngircd.conf(5) manual pages for details
  109. and all possible options -- and don't forget to run "ngircd --configtest"
  110. to validate your configuration file!
  111. If no previous version of the configuration file exists (the standard name
  112. is /usr/local/etc/ngircd.conf), a sample configuration file containing all
  113. possible options will be installed there. You'll find its template in the
  114. doc/ directory: sample-ngircd.conf.
  115. 0): Satisfy prerequisites
  116. When building from source, you'll need some other software to build ngIRCd:
  117. for example a working C compiler, make tool, GNU automake and autoconf (only
  118. when not using a distribution archive), and a few libraries depending on the
  119. features you want to compile in (like IDENT support, SSL, and PAM).
  120. If you are using one of the "big" operating systems or Linux distributions,
  121. you can use the following commands to install all the required packages to
  122. build the sources including all optional features and to run the test suite:
  123. * Red Hat / Fedora based distributions:
  124. yum install \
  125. autoconf automake expect gcc glibc-devel gnutls-devel \
  126. libident-devel make pam-devel tcp_wrappers-devel telnet zlib-devel
  127. * Debian / Ubuntu based distributions:
  128. apt-get install \
  129. autoconf automake build-essential expect libgnutls-dev \
  130. libident-dev libpam-dev libwrap0-dev libz-dev telnet
  131. 1): "autogen.sh"
  132. The first step, autogen.sh, is only necessary if the configure-script isn't
  133. already generated. This never happens in official ("stable") releases in
  134. tar.gz-archives, but when using GIT.
  135. This step is therefore only interesting for developers.
  136. autogen.sh produces the Makefile.in's, which are necessary for the configure
  137. script itself, and some more files for make. To run autogen.sh you'll need
  138. GNU autoconf and GNU automake: at least autoconf 2.61 and automake 1.10 are
  139. required, newer is better. But don't use automake 1.12 or newer for creating
  140. distribution archives: it will work but lack "de-ANSI-fication" support in the
  141. generated Makefile's! Stick with automake 1.11.x for this purpose ...
  142. So automake 1.11.x and autoconf 2.67+ is recommended.
  143. Again: "end users" do not need this step and neither need GNU autoconf nor GNU
  144. automake at all!
  145. 2): "./configure"
  146. The configure-script is used to detect local system dependencies.
  147. In the perfect case, configure should recognize all needed libraries, header
  148. files and so on. If this shouldn't work, "./configure --help" shows all
  149. possible options.
  150. In addition, you can pass some command line options to "configure" to enable
  151. and/or disable some features of ngIRCd. All these options are shown using
  152. "./configure --help", too.
  153. Compiling a static binary will avoid you the hassle of feeding a chroot dir
  154. (if you want use the chroot feature). Just do something like:
  155. CFLAGS=-static ./configure [--your-options ...]
  156. Then you can use a void directory as ChrootDir (like OpenSSH's /var/empty).
  157. 3): "make"
  158. The make command uses the Makefiles produced by configure and compiles the
  159. ngIRCd daemon.
  160. 4): "make install"
  161. Use "make install" to install the server and a sample configuration file on
  162. the local system. Normally, root privileges are necessary to complete this
  163. step. If there is already an older configuration file present, it won't be
  164. overwritten.
  165. These files and folders will be installed by default:
  166. - /usr/local/sbin/ngircd: executable server
  167. - /usr/local/etc/ngircd.conf: sample configuration (if not already present)
  168. - /usr/local/share/doc/ngircd/: documentation
  169. - /usr/local/share/man/: manual pages
  170. III. Additional features
  171. ~~~~~~~~~~~~~~~~~~~~~~~~
  172. The following optional features can be compiled into the daemon by passing
  173. options to the "configure" script. Most options can handle a <path> argument
  174. which will be used to search for the required libraries and header files in
  175. the given paths ("<path>/lib/...", "<path>/include/...") in addition to the
  176. standard locations.
  177. * Syslog Logging (autodetected by default):
  178. --with-syslog[=<path>] / --without-syslog
  179. Enable (disable) support for logging to "syslog", which should be
  180. available on most modern UNIX-like operating systems by default.
  181. * ZLib Compression (autodetected by default):
  182. --with-zlib[=<path>] / --without-zlib
  183. Enable (disable) support for compressed server-server links.
  184. The Z compression library ("libz") is required for this option.
  185. * IO Backend (autodetected by default):
  186. --with-select[=<path>] / --without-select
  187. --with-poll[=<path>] / --without-poll
  188. --with-devpoll[=<path>] / --without-devpoll
  189. --with-epoll[=<path>] / --without-epoll
  190. --with-kqueue[=<path>] / --without-kqueue
  191. ngIRCd can use different IO "backends": the "old school" select() and poll()
  192. API which should be supported by most UNIX-like operating systems, or the
  193. more efficient and flexible epoll() (Linux >=2.6), kqueue() (BSD) and
  194. /dev/poll APIs.
  195. By default the IO backend is autodetected, but you can use "--without-xxx"
  196. to disable a more enhanced API.
  197. When using the epoll() API, support for select() is compiled in as well by
  198. default to enable the binary to run on older Linux kernels (<2.6), too.
  199. * IDENT-Support:
  200. --with-ident[=<path>]
  201. Include support for IDENT ("AUTH") lookups. The "ident" library is
  202. required for this option.
  203. * TCP-Wrappers:
  204. --with-tcp-wrappers[=<path>]
  205. Include support for Wietse Venemas "TCP Wrappers" to limit client access
  206. to the daemon, for example by using "/etc/hosts.{allow|deny}".
  207. The "libwrap" is required for this option.
  208. * PAM:
  209. --with-pam[=<path>]
  210. Enable support for PAM, the Pluggable Authentication Modules library.
  211. See doc/PAM.txt for details.
  212. * SSL:
  213. --with-openssl[=<path>]
  214. --with-gnutls[=<path>]
  215. Enable support for SSL/TLS using OpenSSL or gnutls libraries.
  216. See doc/SSL.txt for details.
  217. * IPv6:
  218. --enable-ipv6
  219. Adds support for version 6 of the Internet Protocol.
  220. IV. Useful make-targets
  221. ~~~~~~~~~~~~~~~~~~~~~~~
  222. The Makefile produced by the configure-script contains always these useful
  223. targets:
  224. - clean: delete every product from the compiler/linker
  225. next step: -> make
  226. - distclean: the above plus erase all generated Makefiles
  227. next step: -> ./configure
  228. - maintainer-clean: erase all automatic generated files
  229. next step: -> ./autogen.sh
  230. V. Sample configuration file ngircd.conf
  231. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  232. In the sample configuration file, there are comments beginning with "#" OR
  233. ";" -- this is only for the better understanding of the file.
  234. The file is separated in five blocks: [Global], [Features], [Operator],
  235. [Server], and [Channel].
  236. In the [Global] section, there is the main configuration like the server
  237. name and the ports, on which the server should be listening. Options in
  238. the [Features] section enable or disable functionality in the daemon.
  239. IRC operators of this server are defined in [Operator] blocks, remote
  240. servers are configured in [Server] sections, and [Channel] blocks are
  241. used to configure pre-defined ("persistent") IRC channels.
  242. The meaning of the variables in the configuration file is explained in the
  243. "doc/sample-ngircd.conf", which is used as sample configuration file in
  244. /usr/local/etc after running "make install" (if you don't already have one)
  245. and in the ngircd.conf(5) manual page.
  246. VI. Command line options
  247. ~~~~~~~~~~~~~~~~~~~~~~~~
  248. These parameters could be passed to the ngIRCd:
  249. -f, --config <file>
  250. The daemon uses the file <file> as configuration file rather than
  251. the standard configuration /usr/local/etc/ngircd.conf.
  252. -n, --nodaemon
  253. ngIRCd should be running as a foreground process.
  254. -p, --passive
  255. Server-links won't be automatically established.
  256. -t, --configtest
  257. Reads, validates and dumps the configuration file as interpreted
  258. by the server. Then exits.
  259. Use "--help" to see a short help text describing all available parameters
  260. the server understands, with "--version" the ngIRCd shows its version
  261. number. In both cases the server exits after the output.
  262. Please see the ngircd(8) manual page for complete details!