TS - custom script for access

d.tom.schmitt at L-3com.com d.tom.schmitt at L-3com.com
Mon Nov 30 18:39:24 CET 2009 

You refer to the scripts/exec-program-wait and I read what I could.
It is still vague to me.
Is there a simple example HOW-TO, etc. showing a simple script (bash
shell) 
That is executed by an entry in a flatfile in radius?
	I don't need a database for the entries as I build them upon
request in the flatfile.
	This works for a standard radius request with radtest.

I found that it must be a 'C' program not a shell script in the
comments.

I am still unclear if I create a script called 'doit.sh':
	1.  Do I have to place the script in a certain location?
	2.  What permissions are required for the script to execute?
	3.  What do I place in the radiusd.conf file to have the script
available and to run it?
	4.  What would an entry for a user look like to have just that
user be sent to the 'doit.sh' script?
	5.  Is there a location 'default' that would make all users have
to run the code for access?

I am new at freeRADIUS and currently am very confused.

The only thing that needs to come from a radius request is their login -
the rest of the credentials will come from a MySql database entry.
Password is not even required for a user at this point.
I'm sure once this clicks with me, it will go smoothly!

         Thanks,
         
         Tom Schmitt
         Senior IT Staff - R&D
         Phone (801) 594-3030
         D.Tom.Schmitt at L-3Com.com
                 \\\\||////
                  \ ~  ~ /  
                  | @  @ |   
    		 --oOo---(_)---oOo--

-----Original Message-----
From:
freeradius-users-bounces+d.tom.schmitt=l-3com.com at lists.freeradius.org
[mailto:freeradius-users-bounces+d.tom.schmitt=l-3com.com at lists.freeradi
us.org] On Behalf Of Alan DeKok
Sent: Tuesday, November 24, 2009 6:30 AM
To: FreeRadius users mailing list
Subject: Re: custom script for access

d.tom.schmitt at L-3com.com wrote:
> Just getting back to this project.
> 
> I want the request to come from a standard radius request from another
server (or the same server).
> I was to do some external checks with a bash shell script and then
have the script allow or deny access to the user.
> 
> I am using the flatfile for user entries.
> I currently have external scripts that write entries to the flatfile
for authentication.
> I can create a regular entry and have radtest verify that the entry is
fine.
> 
> I cannot figure what would have to be in that authentication entry to
tell radius to execute the script.

  See scripts/exec-program-wait

  Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list