# $Id$
# passwd module allows to do authorization via any passwd-like
-# file and to extract any attributes from these modules
+# file and to extract any attributes from these files.
+#
+# See the "smbpasswd" and "etc_group" files for more examples.
#
# parameters are:
# filename - path to filename
+#
# format - format for filename record. This parameters
# correlates record in the passwd file and RADIUS
# attributes.
#
-# Field marked as '*' is key field. That is, the parameter
+# Field marked as '*' is a key field. That is, the parameter
# with this name from the request is used to search for
# the record from passwd file
-# Attribute marked as '=' is added to reply_itmes instead
+#
+# Attributes marked as '=' are added to reply_items instead
# of default configure_itmes
-# Attribute marked as '~' is added to request_items
+#
+# Attributse marked as '~' are added to request_items
#
# Field marked as ',' may contain a comma separated list
# of attributes.
+#
# hashsize - hashtable size. If 0 or not specified records are not
-# stored in memory and file is red on every request.
-# allowmultiplekeys - if few records for every key are allowed
+# stored in memory and file is read on every request.
+# This configuration is *not* recommended, as it can be
+# very slow. The "passwd" module reloads its configuration
+# on HUP, so setting "hashsize = 0" is unnecessary.
+#
+# allowmultiplekeys - if many records for a key are allowed
+#
# ignorenislike - ignore NIS-related records
+#
# delimiter - symbol to use as a field separator in passwd file,
# for format ':' symbol is always used. '\0', '\n' are
# not allowed
#
+# An example configuration for using /etc/passwd.
+#
+# We do NOT recommend using the configuration below. See the "unix"
+# module, or the "pam" module for a cleaner way to get system passwords.
+# Using this configuration means that the server will find *only* those
+# passwords which are in /etc/passwd, and will *ignore* all of the
+# passwords in NIS, LDAP, etc.
+#
+passwd etc_passwd {
+ filename = /etc/passwd
+ format = "*User-Name:Crypt-Password:"
+ hashsize = 100
+ ignorenislike = no
+ allowmultiplekeys = no
+}