How does rlm_perl work with freeRADIUS 3?
Cornelius Kölbel
cornelius.koelbel at netknights.it
Wed Aug 26 17:08:28 CEST 2015
Am Dienstag, den 25.08.2015, 13:18 -0400 schrieb Alan DeKok:
> On Aug 25, 2015, at 3:02 AM, Cornelius Kölbel <cornelius.koelbel at netknights.it> wrote:
> > I have a question regarding rlm_perl.
> > I was using rlm_perl with FreeRADIUS 2 just fine.
> > Now I try to use rlm_perl with FreeRADIUS 3 on CentOS 7 and I am reading
> > this page.
> >
> > http://wiki.freeradius.org/modules/Rlm_perl
>
> It should work.
Well, it does not.
> >
> > But then I get an error in my authenticate section.
> >
> > # Creating Auth-Type = Perl
> > # Loading authenticate {...}
> > /etc/raddb/sites-enabled/privacyidea[25]: "System" modules aren't
> > allowed in 'authenticate' sections -- they have no such method.
> > /etc/raddb/sites-enabled/privacyidea[21]: Errors parsing authenticate
> > section.
>
> That error happens when (a) you use the module in a wrong section, or (b) you use modules from one version of the server, and radiusd from another version.
First I was using example.pl from the very same server - and I guess
this should work.
My own module,
https://github.com/privacyidea/privacyidea/blob/master/authmodules/FreeRADIUS/privacyidea_radius.pm
which worked fine with FreeRADIUS 2 does not contain any clue, that it
is a FreeRADIUS2 module.
It provides the following functions:
sub authenticate {
sub log_request_attributes {
sub authorize {
sub preacct {
sub accounting {
sub checksimul {
sub pre_proxy {
sub post_proxy {
sub post_auth {
sub xlat {
sub detach {
sub test_call {
It has a function authenticate, which is mapped accordingly
# Loaded module rlm_perl
# Instantiating module "perl" from file /etc/raddb/mods-enabled/perl
perl {
filename = "/etc/raddb/mods-config/perl/privacyidea_radius.pm"
func_authorize = "authorize"
func_authenticate = "authenticate"
func_post_auth = "post_auth"
func_accounting = "accounting"
func_preacct = "preacct"
func_checksimul = "checksimul"
func_detach = "detach"
func_xlat = "xlat"
func_pre_proxy = "pre_proxy"
func_post_proxy = "post_proxy"
func_recv_coa = "recv_coa"
func_send_coa = "send_coa"
}
} # modules
So I am wondering why the error complains, it is not allowed in the
authenticate section, although it provides an authenticate function.
Thanks
Cornelius
>
> > Did I miss anything in the description
> > http://wiki.freeradius.org/modules/Rlm_perl?
> >
> > What are "System" modules?
>
> Nothing.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Cornelius Kölbel
cornelius.koelbel at netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150826/815eb41a/attachment.sig>
More information about the Freeradius-Users
mailing list