Defining multiple post-auth INSERT queries for the same table

Stefan Paetow Stefan.Paetow at
Thu May 18 02:00:50 CEST 2017

Hi Alan et al, 

>>[gss_acceptor] [namespace] [username] [targeted_id]
>> The *-TargetedId entries depend on 3 attributes: GSS-Acceptor-Host-Name
>> (gives us Moonshot-Host-TargetedId), GSS-Acceptor-Realm-Name (gives us
>> Moonshot-Realm-TargetedId) and Trust-Router-COI (gives us
>> Moonshot-TR-COI-TargetedId).
>  Then you're probably better off just writing a custom SQL inner in the
>post-auth stage...

Following on from this... How do I define multiple post-auth queries (to
insert stuff into the database) in a sql module? Looks like I can only
have one per instance (like the cui module), or I have to define a type?
But if I define a type, how do I invoke it?

In my queries.conf I have something like this (granted, this is sort-of
guess work since there's nothing described in the Wiki how a queries.conf
should look like other than looking at the other examples):

post-auth {
  query1 {
    query = "\
      INSERT INTO `${...table_name}` \
      (column1, column2, column3, column4) VALUES \
      ("%{Attribute1}", "%{Attribute2}", "%{Attribute3}", "%{Attribute4}")"
  query2 {
    query = "\
      INSERT INTO `${...table_name}` \
      (column1, column2, column3, column4) VALUES \
      ("%{Attribute5}", "%{Attribute6}", "%{Attribute7}", "%{Attribute8}")"

The queries.conf is pulled in with a standard $INCLUDE as per the CUI
module, and it loads, but when I try to invoke any of these queries, I get
a nice red message when loading in debug mode:

/etc/raddb/policy.d/moonshot-targeted-ids[70]: Failed to find
"" as a module or policy.
/etc/raddb/policy.d/moonshot-targeted-ids[70]: Please verify that the
configuration exists in
/etc/raddb/policy.d/moonshot-targeted-ids[70]: Failed to parse
"" entry.
/etc/raddb/policy.d/moonshot-targeted-ids[68]: Failed to parse "else"
/etc/raddb/policy.d/moonshot-targeted-ids[55]: Failed to parse "if"
/etc/raddb/policy.d/moonshot-targeted-ids[54]: Failed to parse "if"
/etc/raddb/policy.d/moonshot-targeted-ids[42]: Failed to parse "if"

Changing it to moonshot_tid_sql.query1 doesn't make a difference either.
Of course I could invoke an INSERT INTO with a sqlxlat, but... That's
messy, isn't it?

I am missing *something*, I just don't quite get what.

Stefan Paetow
Moonshot Industry & Research Liaison Coordinator

t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at
skype: stefan.paetow.janet

Jisc is a registered charity (number 1149740) and a company limited by
guarantee which is registered in England under Company No. 5747339, VAT
No. GB 197 0632 86. JiscĀ¹s registered office is: One Castlepark, Tower
Hill, Bristol, BS2 0JA. T 0203 697 5800.

More information about the Freeradius-Users mailing list