What is the recommended way of overriding a mod file like "realm"

Nick Howitt nick at howitts.co.uk
Thu Apr 26 15:08:28 CEST 2018


The reason I am asking is because domain logins are appearing as 
"user/machine.domain". I can make it work by adding a realm in 
proxy.conf (or a parallel file and adding an INCLUDE in radius.conf):

    realm "~(.*\.)*domain$" {
    }

But I also either have to change the delimiter in the "realm suffix" 
section of /etc/raddb/mods-available/realm from "@" to "/" which means 
the file is non non-standard or I have a couple of choices of adding a 
block:

    realm realmclearos {
         format = suffix
         delimiter = "/"
    }

at the bottom /etc/raddb/mods-available/realm or in its own file in 
mods-available and symlinking to it from mods-enabled, but then, either 
way, I also have to add a line "realmclearos" in 
/etc/raddb/sites-available/default around the line saying "suffix" which 
makes /etc/raddb/sites-available/default non-standard.

There is a fair push on the mailing lists of keeping things standard and 
I am wondering what is the best direction - or is my solution completely 
wrong.

Thanks,
Nick


More information about the Freeradius-Users mailing list