files: How to choose SQL entry for users?

George Koulyabin jumbo at
Tue Aug 25 06:51:07 CEST 2009


On Mon, Aug 24, 2009 at 02:59:27PM +0200, Alan DeKok wrote:
> George Koulyabin wrote:
> > On Mon, Aug 24, 2009 at 01:45:11PM +0200, Alan DeKok wrote:
> >> George Koulyabin wrote:
> >>> I had got success when 'sql_auth' was defined as last entry into instantiate { }. But I think that this
> >>> solution is unsecure and wrong.
> >>   Why is that?
> > 
> > 	For example, I added new sql-module into sql.conf and forgot to fix order of loading of sql-modules 
> > into instantiate { }. I tried to do it. The 'users' used last sql-module of sql.conf. 
> > Variable 'sqlmod-inst' is used by 'sqlcounter'-module, but why isn't such variable used into 'files'-module?
>   (a) That doesn't make it "unsecure". 

   Your words are true. I can't say that rejecting of authorization is unsecure.

>   (b) you may have MULTIPLE sql modules, and may be doing MULTIPLE sql
> group comparisons in the "files" module.  Adding one "sqlmod-inst" to
> the "files" module won't help you try to use MULTIPLE sql modules.

	Supposing it were available to use MULTIPLE files modules and unlang, I could use different
'users'-files. In addition, I can use a few virtual servers.

More information about the Freeradius-Users mailing list