RE: exec external script on successful proxy authentication
you are saying that it is possible to put the "exec" module into this stage?
Well, under the heading "I'd rather teach you to fish than give you a fish", you can determine this by looking at the source. If you look at the bottom of src/modules/rlm_exec.c, you'll find: module_t rlm_exec = { "exec", /* Name */ RLM_TYPE_THREAD_SAFE, /* type */ NULL, /* initialization */ exec_instantiate, /* instantiation */ { exec_dispatch, /* authentication */ exec_dispatch, /* authorization */ exec_dispatch, /* pre-accounting */ exec_dispatch, /* accounting */ NULL, /* check simul */ exec_dispatch, /* pre-proxy */ exec_dispatch, /* post-proxy */ exec_dispatch /* post-auth */ }, exec_detach, /* detach */ NULL, /* destroy */ }; This indicates that post-proxy and post-auth are valid for rlm_exec. If you do the same for rlm_files.c, you'll see NULL for post-proxy and post-auth. So, files does nothing in these stages.
If this is so, what is the syntax? In the other places exec module was used from the users file with something like
Read radiusd.conf. You would define the module and then use it in the post-proxy or post-auth section of that file.
participants (1)
-
Garber, Neal