Re: How to add check item (Pool-Name) from Exec-Program-Wait script?

["Mindaugas" <mind@bi.lt>]

> > >  I want to use two ippools. That's no problem of course. But which IP 
> > > pool
> > > to assign I can decide only in Exec-Program-Wait script. Now I have the
> > > following lines in users file:
> > >
> > > DEFAULT Auth-Type := Accept
> > >    Exec-Program-Wait = "/etc/raddb/authclient"
> > >
> > > authclient script checks text file, connects to MySQL and Oracle and 
> > > then
> > > it
> > > can say - use ippool1 or ippool2. But how to set Pool-Name check item? 
> > > As
> > > far as I understand if authclient would write "Pool-Name:=ipool1" to
> > > stdout
> > > then that would be reply not check item!?
> > >
> > >  So how could I tell from the script which ippool to use? I feel that 
> > > that
> > > somehow should be possible since ippool is post-auth thing. :)
> >
> >   So no ideas? :)
>
> The "exec" module has two configuration items specifying where to take
> the input from and output to. You will want to do this:
>
> exec myprogram {
>   wait = yes
>   program = "/path/to/your/program %{Some-Argument}"
>   input_pairs = request
>   output_pairs = config
> }
>
> Then put the module in the authorize section:
>
> authorize {
>   preprocess
>   files
>   # ..others
>   myprogram
> }

 Aha! So my program then should write "Pool-Name:=ippool2" to stdout and it 
will pass as check item in post auth section later? And it can also return 1 
if I want to deny access for particular user?

 Thank you for the hint. I'll test it anyway.

 Mindaugas