-# $Id$
+# -*- text -*-
+##
+## sql.conf -- SQL modules
+##
+## $Id$
+
+######################################################################
#
# Configuration for the SQL module
#
-# The database schemas are available at:
+# The database schemas and queries are located in subdirectories:
+#
+# sql/DB/schema.sql Schema
+# sql/DB/dialup.conf Basic dialup (including policy) queries
+# sql/DB/counter.conf counter
+# sql/DB/ippool.conf IP Pools in SQL
+# sql/DB/ippool.sql schema for IP pools.
#
-# doc/examples/*.sql
+# Where "DB" is mysql, mssql, oracle, or postgresql.
#
sql {
-
- ## Database type you wish to connect to:
- # driver = "rlm_sql_freetds"
- # driver = "rlm_sql_iodbc"
- driver = "rlm_sql_mysql"
- # driver = "rlm_sql_oracle"
- # driver = "rlm_sql_postgresql"
- # driver = "rlm_sql_unixodbc"
-
- ## Also see the bottom of this file to modify which SQL dialect you use
-
- ## Connection info:
+ #
+ # Set the database to one of:
+ #
+ # mysql, mssql, oracle, postgresql
+ #
+ database = "mysql"
+
+ #
+ # Which FreeRADIUS driver to use.
+ #
+ driver = "rlm_sql_${database}"
+
+ # Connection info:
server = "localhost"
+ #port = 3306
login = "radius"
password = "radpass"
- ## Database table configuration for everything except Oracle
+ # Database table configuration for everything except Oracle
radius_db = "radius"
- ## If you are using Oracle then use this instead
+ # If you are using Oracle then use this instead
# radius_db = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=your_sid)))"
- ## If you want both stop and start records logged to the
- ## same SQL table, leave this as is. If you want them in
- ## different tables, put the start table in acct_table1
- ## and stop table in acct_table2
+ # If you want both stop and start records logged to the
+ # same SQL table, leave this as is. If you want them in
+ # different tables, put the start table in acct_table1
+ # and stop table in acct_table2
acct_table1 = "radacct"
acct_table2 = "radacct"
- ## Allow for storing data after authentication
+ # Allow for storing data after authentication
postauth_table = "radpostauth"
authcheck_table = "radcheck"
groupcheck_table = "radgroupcheck"
groupreply_table = "radgroupreply"
- ## Table to keep group info
+ # Table to keep group info
usergroup_table = "radusergroup"
- ## If set to 'yes' (default) we read the group tables
- ## If set to 'no' the user MUST have Fall-Through = Yes in the radreply table
+ # If set to 'yes' (default) we read the group tables
+ # If set to 'no' the user MUST have Fall-Through = Yes in the radreply table
# read_groups = yes
- ## Table to keep radius client info
- nas_table = "nas"
-
- ## Set to 'yes' to read radius clients from the database ('nas' table)
- # readclients = yes
-
- ## Remove stale session if checkrad does not see a double login
+ # Remove stale session if checkrad does not see a double login
deletestalesessions = yes
- ## Print all SQL statements when in debug mode (-x)
+ # Print all SQL statements when in debug mode (-x)
sqltrace = no
sqltracefile = ${logdir}/sqltrace.sql
- ## number of sql connections to make to server
+ # number of sql connections to make to server
num_sql_socks = 5
- ## number of seconds to dely retrying on a failed database
- ## connection (per_socket)
+ # number of seconds to dely retrying on a failed database
+ # connection (per_socket)
connect_failure_retry_delay = 60
+ # lifetime of an SQL socket. If you are having network issues
+ # such as TCP sessions expiring, you may need to set the socket
+ # lifetime. If set to non-zero, any open connections will be
+ # closed "lifetime" seconds after they were first opened.
+ lifetime = 0
+
+ # Maximum number of queries used by an SQL socket. If you are
+ # having issues with SQL sockets lasting "too long", you can
+ # limit the number of queries performed over one socket. After
+ # "max_qeuries", the socket will be closed. Use 0 for "no limit".
+ max_queries = 0
+
+ # Set to 'yes' to read radius clients from the database ('nas' table)
+ # Clients will ONLY be read on server startup. For performance
+ # and security reasons, finding clients via SQL queries CANNOT
+ # be done "live" while the server is running.
+ #
+ #readclients = yes
+
+ # Table to keep radius client info
+ nas_table = "nas"
- ## Uncomment the appropriate config file for your SQL dialect
-
- # $INCLUDE ${confdir}/sql/mssql-dialup.conf
- $INCLUDE ${confdir}/sql/mysql-dialup.conf
- # $INCLUDE ${confdir}/sql/oracle-dialup.conf
- # $INCLUDE ${confdir}/sql/postgresql-dialup.conf
-
+ # Read driver-specific configuration
+ $INCLUDE sql/${database}/dialup.conf
}