log message when logintime returns userlock?
Matthew Newton
mcn at freeradius.org
Mon May 16 15:34:28 UTC 2022
On 16/05/2022 15:11, Josef Vybíhal wrote:
> post-auth {
> ...
> logintime
> if (userlock) {
> log_locked_by_logintime
> }
> ...
> }
>
> But this does not do what I expected. After logintime returns
> 'userlock', nothing else following in post-auth section is called.
> Snippet from debug:
>
> (9) } # policy assign_vlan = noop
> (9) logintime: Checking Login-Time
> (9) [logintime] = userlock
> (9) } # if (1) = userlock
> (9) } # post-auth = userlock
> (9) Using Post-Auth-Type Reject
Default behaviour for userlock os "reject". See
https://wiki.freeradius.org/config/Fail%20over
> Is this expected? Is there some trick how I can call the linelog in
> case of userlock?
The module return priority for userlock needs to be changed if you want
to catch it. Try:
logintime {
userlock = 1
}
if (userlock) {
...
}
There are examples on the wiki page above.
--
Matthew
More information about the Freeradius-Users
mailing list