Added sample configuration for rlm_exec

author aland <aland>

Wed, 29 Jan 2003 20:11:44 +0000 (20:11 +0000)

committer aland <aland>

Wed, 29 Jan 2003 20:11:44 +0000 (20:11 +0000)
author aland <aland>
Wed, 29 Jan 2003 20:11:44 +0000 (20:11 +0000)
committer aland <aland>
Wed, 29 Jan 2003 20:11:44 +0000 (20:11 +0000)
diff --git a/raddb/experimental.conf b/raddb/experimental.conf

index 523ce44..9995aa0 100644 (file)
--- a/raddb/experimental.conf
+++ b/raddb/experimental.conf
@@ -298,3 +298,83 @@
                 # Reload the hash every 600 seconds (10mins)
                 hash_reload = 600
         }
+
+       #
+       #  Execute external programs
+       #
+       #  The first example is useful only for 'xlat'.  To use it,
+       #  put 'exec' into the 'instantiate' section.  You can then
+       #  do dynamic translation of attributes like:
+       #
+       #  Attribute-Name = `{%exec:/path/to/program args}`
+       #
+       #  The value of the attribute will be replaced with the output
+       #  of the program which is executed.  Due to RADIUS protocol
+       #  limitations, any output over 253 bytes will be ignored.
+       #
+       #  The RADIUS attributes from the user request will be placed
+       #  into environment variables of the executed program, as
+       #  described in 'doc/variables.txt'
+       #
+       exec {
+               wait = yes
+               input_pairs = request
+       }
+
+       #
+       #  This is a more general example of the execute module.
+       #
+       #  If you wish to execute an external program in more than
+       #  one section (e.g. 'authorize', 'pre_proxy', etc), then it
+       #  is probably best to define a different instance of the
+       #  'exec' module for every section.     
+       #       
+       exec echo {
+               #
+               #  Wait for the program to finish.
+               #
+               #  If we do NOT wait, then the program is "fire and
+               #  forget", and any output attributes from it are ignored.
+               #
+               #  If we are looking for the program to output
+               #  attributes, and want to add those attributes to the
+               #  request, then we MUST wait for the program to
+               #  finish, and therefore set 'wait=yes'
+               #
+               # allowed values: {no, yes}
+               wait = yes
+
+               #
+               #  The name of the program to execute, and it's
+               #  arguments.  Dynamic translation is done on this
+               #  field, so things like the following example will
+               #  work.
+               #
+               program = "/bin/echo %{User-Name}"
+
+               #
+               #  The attributes which are placed into the
+               #  environment variables for the program.
+               #
+               #  Allowed values are:
+               #
+               #       request         attributes from the request
+               #       reply           attributes from the reply
+               #       proxy-request   attributes from the proxy request
+               #       proxy-reply     attributes from the proxy reply
+               #
+               #  Note that some attributes may not exist at some
+               #  stages.  e.g. There may be no proxy-reply
+               #  attributes if this module is used in the
+               #  'authorize' section.
+               #
+               input_pairs = request
+
+               #
+               #  Where to place the output attributes (if any) from
+               #  the executed program.  The values allowed, and the
+               #  restrictions as to availability, are the same as
+               #  for the input_pairs.
+               #
+               output_pairs = reply
+       }
author	aland <aland>
	Wed, 29 Jan 2003 20:11:44 +0000 (20:11 +0000)
committer	aland <aland>
	Wed, 29 Jan 2003 20:11:44 +0000 (20:11 +0000)