[rad] Re: SOLVED Re: pseudo-newbie exec scripts and session-time
Charles Gregory
cgregory at hwcn.org
Mon Jun 15 00:15:20 CEST 2009
On Sun, 14 Jun 2009, Alan DeKok wrote:
> Charles Gregory wrote:
>> Five or six huh? Quote them.
> 1) Read my messages.
That's rich coming from you.
> .... The text you *deleted* pointed you to documentation for the
> "users" file, and the SQL module.
Speaking of 'not reading' didn't you catch my comment that the users file
and its documentation contains NOTHING about exec? So the 'option' may
have been offered, but of course, I was talking about options that had the
faintest chance of pointing me in the right direction.
As for SQL, it's utterly irrelvant. Writing the script is not my issue.
I just needed to find the right syntax to call it.
> 2) See the examples in the "users" file. It contains MANY examples
> of setting values for attributes.
Well, let's pretend for a moment that the information is actually in the
users file or its docs, care to quote where someone said "the instructions
for 'exec' are in the users file"? Oh, and this makes #1 and #2 the same
advice. Repeating bad advice is not five or six OPTIONS.
> The *hope* is that readers can put 2+2 together. i.e. the "exec"
> modules does NOT contain documentation about how to configure all of
> the other modules
Actually, the flaw I've noticed is that it *partially* contains just
that. If it had no example of usage at all, but just how to 'code' it, I
would have then started looking for another file where it was 'used'.
> 3) buy support.
Oh ho! So sarcastic screw-me-if-I-don't-want-to-pay is an option?
Nice one. I think I'll be charitable and give you this one. But it's
really not something I could type into a config file, is it....
> 4) upgrade to 2.x.
I said you could skip that one. But I can tell you're struggling to back
up these ludicrous statements you keep making, so I'll forgive you.
> 5) install 1.0.x from *source* and look at the examples you were told
> to look at.
Uh, actually, I thought of *that* one on my own after people kept
insisting that #2 should have helped. And really, it's not another
'option' for me to try, it was just helping me find #2. And it wasn't
suggested I try the source until AFTER I had figured it out on my own.
>> OH, and as a side note, I just double-checked the 'users' file and the
>> users man page, and NEITHER of them contain the word 'exec' ANYWHERE in
>> any context or usage. So WHERE exactly was I supposed to find the
>> instructions to do what I wanted to do?
> The "exec" module.
Well, let's look for the documentation for the exec module.....
root at york/data/temp/freeradius-1.0.1/doc> ls -a
. MACOSX rlm_digest
.. Makefile rlm_eap
00-OLD misc-nas rlm_fastusers
aaa.txt module_interface rlm_krb5
Acct-Type OS2 rlm_ldap
ascend performance-testing rlm_pam
Autz-Type Post-Auth-Type rlm_passwd
bay processing_users_file rlm_python
bugs proxy rlm_sim_triplets
ChangeLog RADIUS-LDAP.schema rlm_sql
cisco RADIUS-LDAPv3.schema rlm_sqlcounter
coding-methods.txt RADIUS-SQL.schema rlm_x99_token
configurable_failover radrelay Session-Type
CVS README Simultaneous-Use
CYGWIN release-method.txt supervise-radiusd.txt
DIFFS rfc tuning_guide
duplicate-users rlm_attr_filter variables.txt
ldap_howto.txt rlm_dbm
OH well.... I guess when I was asking someone to help point me in the
right direction maybe I was just asking if someone could tell me WHICH of
these files contains that exec module description. The README file
contains descriptions for 'exec-program'. I suppose *that* would have
sufficed. Though again, with the warnings about it being deprecated, I
preferred to use the exec module.
> Did you *really* think that there was an attributed called
> "Attribute-Name", as suggested in the comments for the exec module?
Oh yes, absolutely! I take everything I read absolutely literally 100%.
How could you think anything else? Uh, unless of course you read my
attempted syntax in my first posting..... Oh wait you did, you're just
trying to be funny... or something....
> .... But you *didn't* put 2+2 together, and edit the *users* file
> examples containing Session-Timeout to use the same `%{exec:..` text.
The users file does not contain any examples of *executable* code.
Not objecting to this clever use of the file, but for an old progreammer
conditioned to keep his data and his code separate, and an obvious
'section' in the radiusd.conf to define modules, it didn't make sense to
be placing 'calls' to programs in among hard-coded attributes. Now should
I have 'figured it out' from the fact that the users file contains
conditional tests? Maybe. But keep in mind (or did I mention?) that I had
already coded a *logging* module in radiusd.conf. I was thinking not that
I was using an entirely different *scheme*, but only needed a minor
correction of usage or syntax which any well-meaning individual could have
pointed out in 2 seconds (or just said, "that looks fine, your problem is
somewhere else".
> I've made it as clear as possible in 1.0.
Well, given the comment that I've done things in an 'unofficial' manner,
then I won't contradict this. But if I may say so, given the way that the
users file comments are otherwise very well self-contained, the absence of
any examples of 'exec-program' is very misleading. I finally found the
references to it today in the overall 'readme' in the docs directory.
If you want to accuse me fairly of anything, it would be presumption that
the comments in the files were adequate. Yes, I should have gone hunting
for the readme. But then again, I think that was the substance of my
original post. The correct answer would have been, "did you look in
doc/README?" I would have gone 'duh' read it and perhaps had a different
solution than the one I finally came up with. But no.... It had to be a
generic 'read the docs.... read the docs....' (sigh)
> If you don't like the documentation there, upgrade to 2.x .
I just downloaded it and looked at it. The comments on 'exec-program' have
been removed from the README and the rest of the documentation looks
pretty much the same. So much for having improved it.... Though of
course, you are so convinced of how good it is, why would you? But it
makes the above comment a bit of a joke....
> If you don't want to upgrade to 2.x, don't blame *me* for the
> documentation being bad. You're the one whose chose to *not* read the
> documentation I wrote.
Actually, if you engage two or more brain cells at the same time, you will
remember that I was *asking* for pointers to the correct documentation.
>> Yes, yes, version 2.x.... But
>> given my
> ... self-imposed ...
>> constraints, 'read the docs' was utterly useless.
> Well.. I can't help that.
No you can't. But at least when someone tells you it was useless you can
stop telling them that you have done something 'useful' by repeatedly
pointing him to docs that don't help.
>> I await your QUOTE of '5 or 6' options. I'll presume one of them was to
>> upgrade to 2.x so you can skip that one....
> No. It's an option. The fact that *you* rejected it is *your* problem.
No, no, I was just saying you could save time by not bothering to repeat
it. You have so many times, WE ALL GET IT. :)
> I didn't know if you *really* wanted to solve the problem, or if you
> just wanted to find reasons to vent about how bad the software was.
My turn to say "you're kidding, right?" To give you your due, yes I'm sure
you get lots of whiners who disagree with any number of your design
choices and anything else they can think of. But I think when you see the
word 'newbie' and a request for a 'howto', it's not criticizing anything.
It just means I need more docs. Not my fault if you take away more meaning
from the request than you put into it.
> Given the sheer level of energy you've put into *not* following
> suggestions, I'd say the answer to that is pretty clear.
Actually, you have a point there about wasted effort. I spent far more
time trying to understand what docs were being referenced than I did
actually continuing to work on my own.
> Yet when you *finally* downloaded the source, you found the working
> script that you were told to use. But it took *fighting* you before you
> were willing to take that step.
Actually, no. It took someone polite and caring who asked me if I had
looked in a particular file and not just 'at the docs'. As soon as someone
mentioned a specific file that I knew I had not yet seen I had at least
some sort of answer that I could work with. YOUR problem is you never
named a file. You never told me WHERE to look. As soon as that script was
named, I got the source and looked at it. Even though I had already
figured out my own way, it seemed reasonable to pursue this and see if
there really was something you were talking about,
But seriously, chanting 'read the docs' is worse than useless,
> See? Given the choice between following instructions and then solving
> the problem, *or* fighting, your first reaction was to fight, and to
> disagree with the people on this list.
(Sarcasm) Your argument is completely invalid in light of my previous
posting on this subject. PLease read it before continuing to make these
false assertions. (/sarcasm)
Now to *which* posting do I refer? Well, in the spirit of your 'look at
the docs' comment, you'll just have to keep looking in places you never
knew about to find it. Oh, sorry, it was on a different list, ina
competely unexpected thread. But you can work it out without details like
that. At least that's what you expect from me.
LOL
> That seems to be clear demonstration of your goals.
I think the thing that really bugs you is that I proved that my goals were
to get a working script/module and DID it in spite of your pathetic
attempts to 'help', not because of them. Why don't you take this
positively and think of it as a tribute to your excellent design that I
was able to code it myself by simply copying what was in the file?
>> Really, why weren't the docs in the radiusd.conf or users documentation?
>> You say you wrote this stuff. How could you leave something out (and
>> then act like it was always there and I failed to read it)?
> You got far enough to put the *correct* configuration into the *wrong*
> file.
Yeah. Far enough to know this was the case, and not have any comment in
any config file showing its use in place. So I ASKED for a 'howto' or a
working example. What is so hard about that?
> No documentation or example said that configuration would work.
> Many other documentation files and examples said something else would work.
And I asked people to POINT me to one of them, and I had to fight like
crazy just to finally get someone to point me to a 'script' directory.
> And despite your complaints, you have carefully *not* responded to
> most of my points disproving most of your complaints.
LOL I would say the same about you. Your list of '5 options' is totally
repatitive (or perhaps redundant is the word) to the point of being a
joke.
But having read the above, I am once more convinced that your only goal
here is to sound superior. I've easilyt admitted I came here as an
ignorant newbie (it's in the darn thread title, for heaven's sake), so you
could hardly take any of this as some giant scheme to prove I am somehow
'better' than you. I just don't see how lies and half truths help the
situation.
> You selectively read my messages, just like you selectively read the
> documentation.
Guilty of the latter, certainly. But the former is once again, for the
man who gets 'no idea' from my postings, strictly your problem. Not mine.
You make this stuff up as you go. I quote my previous postings, and
sections of documentation that are clearly lacking. I post examples and
facts. You post hyperbole and exaggerated accusations of my incompetency.
And you know what? I don't even care if I come across as incompetent. Sure
I am. There you go. I said it. But the fact that you could FAIL to help
someone who knows so little only shows a complete unwillingness to be
helpful. Makes me wonder why you bother to post at all....
Anyways.... When you come up with 5 real examples of clear code options
that were offered to me to use in my 1.x setup without using the
deprecated exec-program, then I might believe I overlooked something,
but well, to quote a favorite TV show, I think Satan will be skating to
work on that day....
Thanks again for the great software.
- C
More information about the Freeradius-Users
mailing list