Man Linux: Main Page and Category List

NAME

       rlm_files - FreeRADIUS Module

DESCRIPTION

       The  rlm_files module uses the ’users’ file for accessing authorization
       information for users.  Additionally, it supports a ’users’ file syntax
       to be applied to the accounting and pre-proxy sections.

       The main configuration items to be aware of are:

       usersfile
              The  filename  of  the  ’users’ file, which is parsed during the
              authorization stage of this module.

       acctusersfile
              The filename of the ’users’ file, which  is  parsed  during  the
              accounting stage of this module.

       preproxy_usersfile
              The  filename  of  the  ’users’ file, which is parsed during the
              pre_proxy stage of this module.

       compat This option allows FreeRADIUS to  parse  an  old  style  Cistron
              syntax.  The default is ’no’.  If you need to parse an old style
              Cistron file, set this option to ’cistron’.

       key    This option lets you set the attribute to use as a key  to  find
              entries.   The default is "%{Stripped-User-Name:-%{User-Name}}".
              Note that the key MUST supply  real  data.   Dynamic  attributes
              like  "Group"  will  not work, because the "Group" attribute can
              only be used as a comparison, to see if a  user  is  in  a  Unix
              group.   It  will  not  return the name of the Unix group that a
              user is in.

       If you want to use groups as a key,  see  the  rlm_passed,  which  will
       create a real attribute that contains the group name.

       This  configuration  entry  enables  you  to  have  configurations that
       perform per-group checks, and return per-group  attributes,  where  the
       group  membership is dynamically defined by a previous module.  It also
       lets you do things like key off of attributes in the reply, and express
       policies  like  like "when I send replies containing attribute FOO with
       value BAR, do more checks, and maybe send additional attributes".

CONFIGURATION

              modules {
                ... stuff here ...
                files {
                  usersfile = %{confdir}/users
                  acctusersfile = %{confdir}/acct_users
                  preproxy_usersfile = %{confdir}/preproxy_users
                  compat = no
                  key = %{Stripped-User-Name:-%{User-Name}}
                }
                ... stuff here ...
              }

SECTIONS

       authorization, accounting, pre_proxy

FILES

       /etc/raddb/radiusd.conf,    /etc/raddb/users,    /etc/raddb/acct_users,
       /etc/raddb/preproxy_users

SEE ALSO

       radiusd(8), radiusd.conf(5), users(5)

AUTHORS

       Chris Parker, cparker@segv.org

                                5 February 2004                   rlm_files(5)