exec external script on successful proxy authentication
Garber, Neal
Neal.Garber at energyeast.com
Fri Oct 27 20:29:51 CEST 2006
> you are saying that it is possible to put the "exec" module into this
> stage?
Well, under the heading "I'd rather teach you to fish than give you
a fish", you can determine this by looking at the source. If you
look at the bottom of src/modules/rlm_exec.c, you'll find:
module_t rlm_exec = {
"exec", /* Name */
RLM_TYPE_THREAD_SAFE, /* type */
NULL, /* initialization */
exec_instantiate, /* instantiation */
{
exec_dispatch, /* authentication */
exec_dispatch, /* authorization */
exec_dispatch, /* pre-accounting */
exec_dispatch, /* accounting */
NULL, /* check simul */
exec_dispatch, /* pre-proxy */
exec_dispatch, /* post-proxy */
exec_dispatch /* post-auth */
},
exec_detach, /* detach */
NULL, /* destroy */
};
This indicates that post-proxy and post-auth are valid for rlm_exec.
If you do the same for rlm_files.c, you'll see NULL for post-proxy
and post-auth. So, files does nothing in these stages.
> If this is so, what is the syntax? In the other places exec
> module was used from the users file with something like
Read radiusd.conf. You would define the module and then use it
in the post-proxy or post-auth section of that file.
More information about the Freeradius-Users
mailing list