Hey Alan! Alan DeKok <aland@deployingradius.com> hat am 1. September 2010 um 15:46 geschrieben:
Jan Zacharias wrote:
To speed up the debugging, I introduced a sleep of varying duration in the ntlm_auth_wrapper.
I found that freeradius kills the ntlm stuff if it takes longer than ten seconds to complete.
Yes. Any child script which takes that long is broken. No, it can also be just someone pulling a network cord/routing changes etc.etc.
My suggestion is that we introduce a configuration variable ntlm_auth_retries so that freerad kills the process,
No. You can write a shell script wrapper around ntlm_auth that does:
- fork ntlm_auth - wait 1s for it to return - if it doesn't return, kill it - try to fork it again
Yeah sure, this was also my first idea, but i'm still limited to ten seconds then :(
What do you think, Alan? Anyone else?
This isn't a server problem, and changing the server isn't necessary. Sure it's not a problem, but it would improve reliability and robustness.
This is not about finger pointing or so, I just want to help make freerad even better :) Best, Jan