Great, this worked. Now the question is what example config file had the suppress stanza under the detail auth_log section as well? Mine just listed it under the detail section so I did not know I needed to put it in both places. On Thu, 22 Jun 2006, freeradius-users-request@lists.freeradius.org wrote:
Date: Thu, 22 Jun 2006 20:15:54 +0100 From: A.L.M.Buxey@lboro.ac.uk Subject: Re: So how do you suppress To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <20060622191554.GC23362@lboro.ac.uk> Content-Type: text/plain; charset=us-ascii
Hi,
So how do I actually suppress the user password from the detail log based on this? Looking at the rlm_detail file and I might as well be looking at a foreign language.
you can, for example, do somthing like this in radiusd.conf
# Write a detailed log of all accounting records received. # detail { # Note that we do NOT use NAS-IP-Address here, as # that attribute MAY BE from the originating NAS, and # blah blah blah detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
detailperm = 0600 suppress { User-Password }
}
detail auth_log { detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y% m%d
detailperm = 0600 suppress { User-Password }
}
its SO much easier if you read the example config files that come with the new release as they often contain HOW to use a feature/option/argument :-)
alan
-- Walter Reynolds University of Michigan