Suggested feature for rlm_detail: logging only a few specific users
Bjørn Mork
bjorn at mork.no
Mon Apr 24 21:23:21 CEST 2006
"Alan DeKok" <aland at nitros9.org> writes:
> =?iso-8859-1?Q?Bj=F8rn_Mork?= <bjorn at mork.no> wrote:
>> Where users.debug contains a list of users to debug. The syntax is
>> similar to users(5). It can even contain check-items and DEFAULT
>> entries (which only makes sense if combined with check items), to
>> filter the logging even more.
>
> You should be able to configure the server to do this. Put the
> per-user logging in a special Post-Auth-Type, and configure the
> Post-Auth-Type dynamically per user. If you pull the Post-Auth-Type
> from a database, you should be able to change it on the fly.
Great tip!
> In other words, if your patch is to combine the "users" module with
> the "detail" module, the server is configurable enough that you should
> already be able to do that.
Yes, the idea was to "users" and "detail". I still think it has a
couple of advantages that makes me want it, but I'm getting the
feeling that I'm alone ;-)
I'll try to explain why I want it:
- it can be used to log rejects on a per-user basis (which I don't
think your method above will?)
- it makes per-user logging available in configuration sections with
other modules. rlm_detail supports authorize, accounting, pre_proxy,
post_proxy and postauth, and I want to be able to do per-user
logging in any of these sections
Bjørn
More information about the Freeradius-Devel
mailing list