How to use Autz-Type?

tnt at kalik.net tnt at kalik.net
Mon Mar 30 12:55:41 CEST 2009


>So in /etc/raddb/sites-available/default I have this (only authorize
>section shown):
>#==================
>authorize {
>        preprocess
>        suffix
>        Autz-Type DOM1 {
>                sql1
>        }
>        Autz-Type DOM2 {
>                sql2
>        }
>        files
>}
>#==================
>
>and on /etc/raddb/users I have this:
>#==================
>DEFAULT Realm == "domain1.com", Autz-Type := DOM1, Auth-Type := DOM1
>DEFAULT Realm == "domain2.com", Autz-Type := DOM2, Auth-Type := DOM2
>#==================
>
>but on starting freeradius I got this (full output on
>http://pastebin.com/f7ab657ef)
>
> Module: Instantiating files
>  files {
>	usersfile = "/etc/raddb/users"
>	acctusersfile = "/etc/raddb/acct_users"
>	compat = "no"
>  }
>/etc/raddb/users[2]: Parse error (check) for entry DEFAULT: Unknown
>value DOM1 for attribute Autz-Type
>Errors reading /etc/raddb/users
>/etc/raddb/modules/files[7]: Instantiation failed for module "files"
>

including configuration file /etc/raddb/sites-enabled/default
including configuration file /etc/raddb/sites-enabled/buffered-sql
including configuration file /etc/raddb/sites-enabled/control-socket

Well, default knows abut this Autz-Type, but other two virtual servers
don't. Alan plans to make changes to files module, so you would have
per virtual server users file (and probably one common users file for
all - like the present one). Until then, if you define a new Auth or
Autz type and use it in users file - you have to define it in all
enabled virtual servers.

You can always use unlang and avoid this.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list