custom script for access
Alan DeKok
aland at deployingradius.com
Thu Oct 29 11:55:27 CET 2009
d.tom.schmitt at L-3com.com wrote:
> *I tried to post a similar message on the 26^th of October but got no
> responses – thought maybe I messed it up as my first posting.*
Or no one was sure how to help.
> I then need to have freeRADIUS call a bash shell (or Perl) script that
> checks additional credentials before allowing or rejecting the user’s
> access.
This can be done. See scripts/exec-program-wait. (At least, I think
that's where it is in 1.1.3)
> This check can take a multiple seconds to complete so I don’t want the
> original radius request to timeout (not sure if it will though).
It won't, but it's a *bad* idea to take that long for authentication.
> An easy script for testing could be as simple as:
>
> If the minute is EVEN = allow in and say an appropriate
> message
>
> If the minute is ODD = do not allow access and say an
> appropriate message
>
>
>
> I have read most of the .conf files but am still confused about proxy,
> etc.
You're not proxying, so it doesn't matter.
> Is there a HOW-TO that shows a simple script example?
In 2.1.7, it's in scripts/exec-program-wait.
Alan DeKok.
More information about the Freeradius-Users
mailing list