Oddity with configurable failover

Brian Candler B.Candler at pobox.com
Fri Nov 9 13:53:32 CET 2012


This is with freeradius 2.2.0.

Support in policy.conf I define a module:

  policy {
          mymodule {
                  update reply {
                          Reply-Message += "boo"
                  }
          }
  ...
  }

Now in sites-available/default, I can happily do

  authorize {
        mymodule
        ...
  }

But if I write it as

  authorize {
        mymodule {
              ok = return
        }
        ...
  }

then the server fails to load at all, and freeradius -X reports:

 ...
 Module: Checking authorize {...} for more modules to load
/etc/freeradius/sites-enabled/default[20]: Failed to find "mymodule" in the "modules" section.
/etc/freeradius/sites-enabled/default[19]: Errors parsing authorize section.

However,

  authorize {
         chap {
            ok = return
         }
  }

is fine.

Is configurable failover not available for user-defined modules?  (If so, I
couldn't find this in doc/configurable_failover.rst )

What I'm actually trying to do is run a user-defined module up to 20 times,
but stop after the first return of 'notfound' - without making a horrible
20-deep nested if statement.  It's not important to do it this way, but I
was surprised I couldn't.

Thanks,

Brian.


More information about the Freeradius-Users mailing list