Shell script execution

mdii mdii.alias at gmail.com
Thu Apr 16 10:58:27 CEST 2015


Hi, thanks for your answer.

I've tried to do

Filter-Id := "%{echo:/usr/sbin/ldap_get_group_info.sh %{User-Name}}"


as  you told but in the* radiusd -X* log I've got WARNING: Unknown module
"echo" in string expansion "%"


Then I've tried to do my first attempt (but using the* radiusd -X *debug
mode):

Filter-Id := `/usr/sbin/ldap_get_group_info.sh %{User-name}`


And it works well. Then I've tried a second time, but without the* radiusd
-X* command (using *service radiusd start*), and it didn't work.


to resume :

Filter-Id := `/usr/sbin/ldap_get_group_info.sh %{User-name}`

works if I start Freeradius with *radiusd -X*
it doesn't works if I start Freeradius with *service radiusd start*

Maybe is a question of script execution time?

Thanks again for your help,
Marc


2015-04-16 10:32 GMT+02:00 Stefan Paetow <Stefan.Paetow at jisc.ac.uk>:

> > Filter-Id := '/usr/sbin/ldap_get_group_info.sh %{User-name}'  ->
> >> /usr/sbin/ldap_get_group_info.sh %{User-name}
>
> That won't work. Single quotes are literally quoting what's in the quotes.
>
> > Filter-Id := "/usr/sbin/ldap_get_group_info.sh %{User-name}"  ->
> >> /usr/sbin/ldap_get_group_info.sh monUserTest
>
> That looks better, but it doesn't give you what you want.
>
> > Does someone knows why it doesn't work? Is there a way to enable some
> logs
> > to see why it doesn't work?
>
> Yes, run radiusd -X to run it in debug mode, then do a request. Check that
> user radiusd actually has permissions to execute the script.
>
> Try this:
>
> Filter-Id := "%{echo:/usr/sbin/ldap_get_group_info.sh %{User-Name}}"
>
> That should do the trick provided that user radiusd has permission to
> execute the script.
>
> Also, you could do the searches you're doing with the LDAP module?
>
> :-)
>
> Stefan Paetow
> Moonshot Industry & Research Liaison Coordinator
>
> t: +44 (0)1235 822 125
> gpg: 0x3FCE5142
> xmpp: stefanp at jabber.dev.ja.net
> skype: stefan.paetow.janet
> Lumen House, Library Avenue, Harwell Oxford, Didcot, OX11 0SG
>
> jisc.ac.uk
>
> Jisc is a registered charity (number 1149740) and a company limited by
> guarantee which is registered in England under Company No. 5747339, VAT No.
> GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill,
> Bristol, BS2 0JA. T 0203 697 5800.
> Jisc Collections and Janet Ltd. is a wholly owned Jisc subsidiary and a
> company limited by guarantee which is registered in England under Company
> No. number 2881024, VAT No. GB 197 0632 86. The registered office is: Lumen
> House, Library Avenue, Harwell, Didcot, Oxfordshire, OX11 0SG. T 01235
> 822200.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>


More information about the Freeradius-Users mailing list