(RADIATOR) Different logfiles for different groups?

Mon, 18 Oct 1999 14:56:51 -0700 

Now that our previous configuration errors have been corrected (Thank
you, Hugh!), I have another one. :-)  We have a (unix) group of userids
for which we would like the accounting information written to a separate
detail file.  The machine on which we're trying this is running 2.14.1
on Solaris 7.

Can "Group=" be used in a Handler definition?  Is there a better way to do
this?  Our current configuration (which doesn't work :-) is shown below.

AuthPort 1812
AcctPort 1813
LogDir /var/adm/radacct
DbDir /etc/raddb
SnmpgetProg /usr/local/bin/snmpget
<SessionDatabase DBM>
         Filename        %D/online
</SessionDatabase>
...
<Client localhost>
         Secret <not shown>
         DupInterval 300
</Client>
...
<AuthBy UNIX>
         Identifier System
         Filename /etc/shadow
         DefaultSimultaneousUse 1
</AuthBy>
<Handler Group=trial>
         <AuthBy FILE>
         # The filename defaults to %D/users
         </AuthBy>
         AcctLogFileName %L/trial/detail
</Handler>
<Handler>
         <AuthBy FILE>
         # The filename defaults to %D/users
         </AuthBy>
         AcctLogFileName %L/%N/detail
</Handler>

We were hoping that this would cause users in the "trial" group to be
logged to one file and everyone else to be logged normally.  With this
configuration, radpwtst (radpwtst  -auth_port 1812 -acct_port 1813 -secret
<not shown> -user testuser -password <not shown>) gives the following
errors.

sending Access-Request...
Can't call method "userIsInGroup" on an undefined value at 
/usr/local/lib/perl5/site_perl/5.005/Radius/AuthGeneric.pm line 542.
No reply
sending Accounting-Request Start...
No reply
sending Accounting-Request Stop...
No reply

Radiusd is running, but dies when we run radpwtst.
The entire trace 4 debug output is as follows.

on Oct 18 14:58:21 1999: DEBUG: Reading password file /etc/shadow
Mon Oct 18 14:58:54 1999: DEBUG: Reading group file /etc/group
Mon Oct 18 14:58:54 1999: DEBUG: Reading users file /etc/raddb/users
Mon Oct 18 14:58:54 1999: DEBUG: Reading users file /etc/raddb/users
Mon Oct 18 14:58:55 1999: INFO: Server started
Mon Oct 18 14:59:21 1999: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 33054 ....
Code:       Access-Request
Identifier: 21
Authentic:  1234567890123456
Attributes:
         User-Name = "testuser"
         Service-Type = Framed-User
         NAS-IP-Address = 203.63.154.1
         NAS-Port = 1234
         NAS-Port-Type = Async
         User-Password = "<not shown>"

Mon Oct 18 14:59:21 1999: DEBUG: Check if Handler Group=trial should be 
used to handle this request

Dawn Lovell
[EMAIL PROTECTED]

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to