Unix Group based White-List

Sid Stuart sid at meez.com
Wed Sep 29 21:31:56 CEST 2010


We would like to configure authentication using the Unix module. We would
also like to have a white-list based on a group in /etc/group.

We created an entry in the /etc/raddb/users file that looks like,

DEFAULT                Group == "enabled", Auth-Type := System

Unfortunately, this passes all users with a valid account through, even when
they are not listed in the group.

We can set up a blacklist with

DEFAULT         Group == "disabled", Auth-Type := Reject
                         Reply-Message = "Your account has been disabled."

DEFAULT         Auth-type := System

but would prefer a white-list approach. Does anyone know how to do this?

Sid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100929/9daa1cd3/attachment.html>


More information about the Freeradius-Users mailing list