What can be defined in sites-enable/a_site

Alan DeKok aland at deployingradius.com
Tue Apr 14 19:21:47 CEST 2015

On Apr 14, 2015, at 1:01 PM, James Sumners <james.sumners at clayton.edu> wrote:
> It's pretty simple to indicate how many times a block can be used in the configuration: once or multiple. Asking users to infer this from the 200 or so configuration files that double as the documentation is, frankly, ridiculous.

  So... asking people to read the configuration files is ridiculous?

  The radiusd.conf file says "the 'modules' section loads modules".  There is NOTHING which says that modules can be located elsewhere.  The conclusion should be pretty simple.

  Unfortunately, some people want to be spoon fed.  You can't put "listen" sections into module configurations.  You can't put virtual servers into module configurations.  You can't put module configurations in virtual servers.  You can't put module configurations into client definitions.

  The list of what is NOT allowed is infinite.  The list of what IS allowed is small, and is clearly documented.

> I'll break down what led to the orginal post in this thread:
> 1) I read the thread where someone was having an issue with rlm_memcached
> 2) I tried to investigate this module as I could be interested in using it
> 3) I go to the web site to read the documenation
> 4) I browse through the few man pages on the site that don't 404
> 5) I see that the few documented modules indicate that their configuration can be included in a `modules` block
> 6) I realize that my site file also contains global definitions for clients
> 7) I attempt to move one of my `mods-enabled` configs to the global space of my site file

  i.e. NOT reading "radiusd.conf" to see where modules.  NOT reading raddb/mods-available/README.rst to see HOW the modules are defined.  Instead, just going "I know, I'll starry putting random things into random config files.  WTF?  It doesn't work?  YOU BASTARDS".

  Forgive me if I don't have a lot of sympathy.  While the documentation isn't perfect, I'm continually amazed at the people who look every EXCEPT the documentation that ships with the server.

  Should I put big warnings on the web pages which say "PLEASE READ THE CONFIG FILES YOU ARE EDITING.  IT HELPS"  ?

> 8) Failure
> 9) Spend 45 minutes trying to find documentation to figure out the problem

  Yeah, it's hard work to find the READMEs that come with the server.   Things in raddb/mods-available?  Woo.... can't look THERE for documentation.  That wouldn't make any sense.

> 10) Give up and post to this list

  And get told that a little bit of thought is productive.  Which is I think your main point of frustration.

  Alan DeKok.

More information about the Freeradius-Users mailing list