Differences

This shows you the differences between two versions of the page.

--- openbsd:irc:znc [2020/03/19 12:00]
jrmu
+++ openbsd:irc:znc [2020/08/01 09:02] (current)
baytuch
@@ Line 18: / Line 18: @@
 Shell:       /sbin/nologin
 OK? (y/n) [y]: y
+</code>
 I am not sure if this is necessary, but in /etc/login.conf, I add the following:
@@ Line 39: / Line 40: @@
 </code>
-There should be a line with znc that looks like this (I check to make sure znc has the right login class):
+There should be a line with znc that looks like this (I check to make sure znc has the right login class; the '1001' is the uid, which you may find to be different from this example, but it should not be changed):
 <code>
-znc:*:1001:1001::0:0:znc:/home/znc:/bin/sh
+znc:*:1001:1001:znc:0:0:znc:/home/znc:/sbin/nologin
 </code>
@@ Line 48: / Line 49: @@
 <code>
-cap_mkdb /etc/login.conf
+$ doas cap_mkdb /etc/login.conf
 </code>
+Now change znc shell to /bin/ksh , then continue with the steps below.
 <code>
@@ Line 65: / Line 68: @@
 </code>
-I then set the default shell to /sbin/nologin:
+I then set the default shell to /sbin/nologin (note: the '1001' is the uid, which you may find to be different from this example, but it should not be changed.):
 <code>
@@ Line 75: / Line 79: @@
 </code>
-Run this install script (tested for OpenBSD 6.6 and znc-1.7.4) as root to put znc inside the chroot at /home/znc:
+Run this install script (tested for OpenBSD 6.7 and znc-1.7.5) as root to put znc inside the chroot at /home/znc:
 <code>
@@ Line 87: / Line 91: @@
 mknod -m 644 /home/znc/dev/urandom c 45 2
 mknod -m 666 /home/znc/dev/null c 2 2
-cp /usr/lib/libc++.so.3.0      /home/znc/usr/lib/libc++.so.3.0
+cp /usr/lib/libc++.so.4.0      /home/znc/usr/lib/libc++.so.4.0
-cp /usr/lib/libc++abi.so.1.0   /home/znc/usr/lib/libc++abi.so.1.0
+cp /usr/lib/libc++abi.so.2.1   /home/znc/usr/lib/libc++abi.so.2.1
-cp /usr/lib/libc.so.95.1       /home/znc/usr/lib/libc.so.95.1
+cp /usr/lib/libc.so.96.0       /home/znc/usr/lib/libc.so.96.0
-cp /usr/lib/libcrypto.so.45.5  /home/znc/usr/lib/libcrypto.so.45.5
+cp /usr/lib/libcrypto.so.46.1  /home/znc/usr/lib/libcrypto.so.46.1
 cp /usr/lib/libm.so.10.1       /home/znc/usr/lib/libm.so.10.1
 cp /usr/lib/libpthread.so.26.1 /home/znc/usr/lib/libpthread.so.26.1
-cp /usr/lib/libssl.so.47.6     /home/znc/usr/lib/libssl.so.47.6
+cp /usr/lib/libssl.so.48.1     /home/znc/usr/lib/libssl.so.48.1
 cp /usr/lib/libz.so.5.0        /home/znc/usr/lib/libz.so.5.0
 cp /usr/libexec/ld.so          /home/znc/usr/libexec/ld.so
@@ Line 107: / Line 111: @@
 <code>
-# HOME=/home/znc/
+# export HOME=/home/znc/
 # chroot -u znc -g znc /home/znc znc --makeconf
 </code>
@@ Line 148: / Line 152: @@
 # export HOME=/home/znc
 # /usr/sbin/chroot -u znc -g znc /home/znc znc >>/var/log/znc.log 2>&1 &
+</code>
+Creating a start script:
+<code>
+doas touch /etc/rc.d/znc
+doas chmod +x /etc/rc.d/znc
+</code>
+File contents:
+<code>
+#!/bin/ksh
+#
+# $OpenBSD: znc,v 1.2 2018/01/11 19:27:07 rpe Exp $
+daemon_pidfile="/home/znc/home/znc/.znc/znc.pid"
+daemon="env HOME=/home/znc /usr/sbin/chroot -u znc -g znc /home/znc znc"
+service_stop() {
+  if [ -f $daemon_pidfile ]; then
+    pid=$(sed 's/[^0-9]*//g' $daemon_pidfile)
+    kill $pid
+  fi
+}
+case "$1" in
+  stop)
+    service_stop
+    ;;
+esac
+. /etc/rc.d/rc.subr
+rc_reload=NO
+rc_cmd $1
+</code>
+<code>
+doas rcctl start znc
+doas rcctl stop znc
 </code>
@@ Line 178: / Line 224: @@
 <code>
-AnonIPLimit = 200
+AnonIPLimit = 10000
 AuthOnlyViaModule = false
 ConfigWriteDelay = 0
@@ Line 194: / Line 240: @@
 SSLDHParamFile = /home/znc/.znc/dhparam.pem
 SSLKeyFile = /home/znc/.znc/my.example.com.key
+PidFile = /home/znc/.znc/znc.pid
 ServerThrottle = 30
-Version = 1.7.4
+Version = 1.7.5
 <Listener listener0>
@@ Line 203: / Line 250: @@
         IPv4 = true
         IPv6 = false
-        Port = 6697
+        Port = 1337
-        SSL = true
+        SSL = false
         URIPrefix = /
 </Listener>
 <Listener listener1>
+        AllowIRC = true
+        AllowWeb = false
+        Host = 192.168.1.1
+        IPv4 = true
+        IPv6 = false
+        Port = 31337
+        SSL = true
+        URIPrefix = /
+</Listener>
+<Listener listener2>
         AllowIRC = true
         AllowWeb = false
@@ Line 214: / Line 272: @@
         IPv4 = false
         IPv6 = true
-        Port = 6697
+        Port = 1337
+        SSL = false
+        URIPrefix = /
+</Listener>
+<Listener listener3>
+        AllowIRC = true
+        AllowWeb = false
+        Host = 2001:db8::
+        IPv4 = false
+        IPv6 = true
+        Port = 31337
         SSL = true
         URIPrefix = /
 </Listener>
-<Listener listener2>
+<Listener listener4>
+        AllowIRC = true
+        AllowWeb = false
+        Host = 127.0.0.1
+        IPv4 = true
+        IPv6 = false
+        Port = 1337
+        SSL = false
+        URIPrefix = /
+</Listener>
+<Listener listener5>
         AllowIRC = false
         AllowWeb = true
@@ Line 225: / Line 305: @@
         IPv4 = true
         IPv6 = false
-        Port = 6669
+        Port = 1338
         SSL = false
         URIPrefix = /
@@ Line 233: / Line 313: @@
 We will load the identfile module by default. This is necessary to provide proper ident using [[openbsd:irc:oidentd|oidentd]]. Please follow the instructions in the link to configure ident.
-I have znc bind to port 6669 without SSL for the web server. I will later use [[openbsd:net:relayd|relayd]] to provide TLS acceleration on port 443.
+I have znc bind to port 1338 without SSL for the web server. I will later use [[openbsd:net:relayd|relayd]] to provide TLS acceleration on port 443.
 Replace with your own IP addresses. Then, on your irc client logged into the bouncer:
@@ Line 249: / Line 329: @@
 <code>
 HOME=/home/znc
-*/5     *       *       *       *       /usr/sbin/chroot -u znc -g znc /home/znc znc >/var/log/znc.log 2>&1 &
+*/5     *       *       *       *       /usr/sbin/chroot -u znc -g znc /home/znc znc >>/var/log/znc.log 2>&1 &
 </code>
@@ Line 255: / Line 335: @@
 <code>
-$ openssl s_client -connect my.example.com:6697
+$ openssl s_client -connect my.example.com:31337
 </code>

IRCNow

Page Tools

Site Tools

User Tools

Differences