HUP causes crashes [was: Error: ERROR: Tunnel-Password attribute in request]

[Phil Mayers]

Alan DeKok wrote:
> B Thompson <bt4 at york.ac.uk> wrote:
>> http://lists.freeradius.org/mailman/htdig/freeradius-users/2006-March/051856.html
> 
>   A short work-around (i.e. hack) may be to not reload everything on HUP.
> 
>   Why are you HUPing it so often?

I realise this question wasn't directed to me, but the reason we HUP it 
so often is to reload a *large* rlm_passwd map in response to users 
registering and de-registering for things, and users being blocked and 
unblocked.

I realise in theory an SQL lookup might make more sense, but frankly 
we've found SQL in FreeRadius to be less-than reliable in the past, and 
it's certainly never going to be anything like as fast as rlm_passwd. 
Largely these issues were to do with peak load scaling and MVCC issues 
in Postgres (MySQL not being an option).

It's my intention to write and contribute an rlm_tdb module at some 
point when I have the free time (ha!) which would allow update processes 
to write to the binary map file whilst FR is running e.g.

modules
   tdb mac2zone {
     file = %{confdir}/mac2zone.tdb
     key = "Calling-Station-Id"
     result = "~MyZone ~MyHostId"
   }
   tdb nas2vlanset {
     file = %{confdir}/nas2vlanset.tdb
     key = "NAS-IP-Address"
     result = "~MyVlanset ~MyNasId"
   }
   tdb zonevlan2vlan {
     file = %{confdir}/zonevlan2vlan
     key = "MyZone MyVlanset"
     result = "Tunnel-Private-Group-Id"
   }
}

authorize {
   preprocess
   files
   Autz-Type MACBASEVLANS {
     mac2zone
     nas2vlanset
     zonevlan2vlan
   }
}

...and one could update the .tdb live