(Process Usenet control messages to maintain a database)




process-control processes Usenet control messages, applying the rules from a control.ctl file in the same format used by INN, and maintains a database of active groups with descriptions. It also archives control messages in gzip format in a central archive and logs all of its actions to a log file.

It expects to receive on standard input file names and message IDs, one pair of file name and message ID per line. The message ID is optional, but is used for logging until the message has been parsed and therefore omitting it may result in log messages that have no associated ID. The file is deleted when it has been successfully processed.

Messages are considered invalid and are discarded (with a log message) if:

All other messages will be archived. newgroup and rmgroup control messages will be archived in a file named hierarchy/group.gz, where group is the affected group and hierarchy is its first component (the part up to the first period in the name, if any). checkgroups control messages will be archived in other.ctl/checkgroups.year where year is the current year.

Messages will also be checked against the rules from a control.ctl file and messages that, according to the rules in that file, should be acted on will result in updates to a database of active groups. That database is a Berkeley DB hash file with keys equal to the group names and values of the group mode, a single space, and then the group description. It is locked against concurrent updates.

Messages that control.ctl indicates need to be checked using PGP will be passed through GnuPG using the same algorithm as pgpverify and will only be processed if the signer matches the required signer in control.ctl.

newgroup messages must have a For your newsgroups file: line in the body, followed by a line suitable for a checkgroups message (the group name, some whitespace, and the description, containing no control characters). (Moderated) will be added to the description if not present for a moderated group, and will be removed if present for an unmoderated group. For a newgroup message to be acted on, it must also not contain any component longer than 30 characters.

The same constraints on group names mentioned above are also applied to the group names in the body of a checkgroups message, and any groups not fitting those requirements will be ignored, as will any group that does not have a description. In a checkgroups message, the moderation status of the group will be determined by the presence or absence of (Moderated) at the end of the description.

Even if a newsgroup already exists, its description and mode will be checked and updated by any applicable newgroup or checkgroups message.

All changes made to the database will be logged, starting with the word ACTION:.



The database of active groups, updated as described above. It is locked against simultaneous access by using fcntl locking on a file by the same name but with .lock appended.


The root of the control message archive. It is locked against simultaneous writers by using fcntl locking on a file named .lock at the top level.


The control.ctl file used to determine which control messages should be applied to the active newsgroups database.


The keyring used to verify PGP-signed control messages. The user IDs on the keys stored in this keyring must match the user IDs expected according to the rules in control.ctl.


Where actions are logged. %Y is replaced by the current four-digit year and %m by the current two digit month.


Used for temporary files for PGP verification.


Written by Russ Allbery <>, based very heavily on controlchan by Marco d'Itri. Portions based on pgpverify by David Lawrence.


export-control(1), update-control(1)

This script is part of the control-archive package. The control-archive web page at <> will have the current version of the package.

Last spun 2022-12-12 from POD modified 2019-01-07