How to add check item (Pool-Name) from Exec-Program-Wait script?
Phil Mayers
p.mayers at imperial.ac.uk
Fri Feb 2 10:50:45 CET 2007
Mindaugas wrote:
>> I want to use two ippools. That's no problem of course. But which IP pool
>> to assign I can decide only in Exec-Program-Wait script. Now I have the
>> following lines in users file:
>>
>> DEFAULT Auth-Type := Accept
>> Exec-Program-Wait = "/etc/raddb/authclient"
>>
>> authclient script checks text file, connects to MySQL and Oracle and then
>> it
>> can say - use ippool1 or ippool2. But how to set Pool-Name check item? As
>> far as I understand if authclient would write "Pool-Name:=ipool1" to
>> stdout
>> then that would be reply not check item!?
>>
>> So how could I tell from the script which ippool to use? I feel that that
>> somehow should be possible since ippool is post-auth thing. :)
>
> So no ideas? :)
The "exec" module has two configuration items specifying where to take
the input from and output to. You will want to do this:
exec myprogram {
wait = yes
program = "/path/to/your/program %{Some-Argument}"
input_pairs = request
output_pairs = config
}
Then put the module in the authorize section:
authorize {
preprocess
files
# ..others
myprogram
}
There may be other ways of doing this. In particular, you might be able
in the users file to do this (haven't tested it):
DEFAULT Pool-Name := `%{exec:/path/to/program args}`
Fall-Through = yes/no
>
> I'm thinking that maybe "Fall-Through = Yes" could help!? But again - how
> to set something from script that I could specify as check item in second
> DEFAULT entry?
You can't compare against config items in the "users" file, but should
not need to
More information about the Freeradius-Users
mailing list