files: How to choose SQL entry for users?
George Koulyabin
jumbo at vinf.ru
Tue Aug 25 06:51:07 CEST 2009
Hi.
On Mon, Aug 24, 2009 at 02:59:27PM +0200, Alan DeKok wrote:
> George Koulyabin wrote:
> > On Mon, Aug 24, 2009 at 01:45:11PM +0200, Alan DeKok wrote:
> >> George Koulyabin wrote:
> >>> I had got success when 'sql_auth' was defined as last entry into instantiate { }. But I think that this
> >>> solution is unsecure and wrong.
> >> Why is that?
> >
> > For example, I added new sql-module into sql.conf and forgot to fix order of loading of sql-modules
> > into instantiate { }. I tried to do it. The 'users' used last sql-module of sql.conf.
> > Variable 'sqlmod-inst' is used by 'sqlcounter'-module, but why isn't such variable used into 'files'-module?
>
> (a) That doesn't make it "unsecure".
Your words are true. I can't say that rejecting of authorization is unsecure.
>
> (b) you may have MULTIPLE sql modules, and may be doing MULTIPLE sql
> group comparisons in the "files" module. Adding one "sqlmod-inst" to
> the "files" module won't help you try to use MULTIPLE sql modules.
Supposing it were available to use MULTIPLE files modules and unlang, I could use different
'users'-files. In addition, I can use a few virtual servers.
More information about the Freeradius-Users
mailing list