Hello Ron -
On Thu, 19 Oct 2000, Ron Hensley wrote:
> Evening,
>
> I've got 99% of everything coverted over to use SQL, logging, sessions, and
> tested with a few users
> as auth-type. However currently I am using Auth-Type = System for unix
> password authentication, due
> to the way we're setup. I need to block users who belong to a certain unix
> group. (only concerned with Primary Group)
>
> This is working fine. However id like to totally switch to SQL. All my users
> are in my SQL database, and I added
> a field, UNIXGROUP, which holds the unix group for that user.
>
> >From what I can tell, the way to do this will be a GlobalVar to hold the
> currently being processed users group:
> GlobalVar UnixGroup 9002
> and then use a PreHandlerHook, to make an SQL query,
> SELECT UNIXGROUP FROM SUBSCRIBERS WHERE USERNAME = ' %n';
> and store the return in the global %{UnixGroup} variable.
>
> Then, to actually use the group id have
> <HANDLER UnixGroup=9002>
> ..
> </Handler>
>
> Is this the correct way to do this, right hook spot and right way to utilize
> it in a hanlder?
> Any Perl whizzes (Perl Whiz Im not :P ), that know what code would work in a
> sub to run that query and
> stuff the results in that variable, using Radiators hook system?
>
I think you can do this more simply by changing your AuthSelect statement to do
the right thing.
However, if you do want to use a PreHandlerHook, you should store your
UnixGroup pseudo-attribute in the current request packet ($p in your hook),
otherwise you will not be able to set up your Handler(s) as you have shown
above. Do not use GlobalVar's for this, as GlobalVar's are expected to be used
for unchanging global variables, and there is no guarantee in the future (with
a threaded version of Radiator) that a GlobalVar will have any relevance to a
particular radius request packet.
Have a look at the example hooks in "goodies/hooks.txt".
regards
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
