If a file is being referenced or created the config item 'filename' is used.
If a file is being created, the initial permissions are set by the 'permissions' config item.
If a directory hierarchy needs to be created the permissions are set by 'dir_permissions'
If an external host is referenced in the context of a module the 'server' config item is used.
file, script_file, module, detail, detailfile, attrsfile, perm, dirperm, detailperm,
hostname are all deprecated.
$INCLUDE ${confdir}/sql2.conf # Instance named 'sql2'.
detail othernas {
- detailfile = ${radacctdir}/10.0.0.1/detail-%Y%m%d
+ filename = ${radacctdir}/10.0.0.1/detail-%Y%m%d
}
preacct {
following::
detail detail1 {
- detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
- detailperm = 0600
- dirperm = 0755
+ filename = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
+ permissions = 0600
+ dir_permissions = 0755
}
The second detail file will be used by the program radrelay to relay a copy of
made. This file is defined in the following section of radiusd.conf::
detail detail2 {
- detailfile= ${radacctdir}/detail-combined
- detailperm = 0600
- dirperm = 0755
- locking = yes
- }
+ filename = ${radacctdir}/detail-combined
+ permissions = 0600
+ dir_permissions = 0755
+ locking = yes
+ }
INSTALLATION
------------
}
# regular detail files
detail detail1 {
- detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
- detailperm = 0600
- dirperm = 0755
+ filename = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
+ permissions = 0600
+ dir_permissions = 0755
}
# temp detail file to replicate to accountrad
detail detail2 {
- detailfile= ${radacctdir}/detail-combined
- detailperm = 0600
- dirperm = 0755
+ filename = ${radacctdir}/detail-combined
+ permissions = 0600
+ dir_permissions = 0755
locking = yes
}
#radutmp {
# filename = ${logdir}/radutmp
- # perm = 0600
+ # permissions = 0600
# callerid = "yes"
#}
#radutmp sradutmp {
# filename = ${logdir}/sradutmp
- # perm = 0644
+ # permissions = 0644
# callerid = "no"
#}
section which contains the current section.
.DS
- blogs = ${modules.detail.detailfile}
+ blogs = ${modules.detail.filename}
.DE
-Will set variable \fBblogs\fP to the value of variable \fBdetailfile\fP,
+Will set variable \fBblogs\fP to the value of variable \fBfilename\fP,
of the \fBdetail\fP module, which is in the \fBmodules\fP section of
the configuration file.
.DS
detail radrelay-detail {
.br
- detailfile = ${radacctdir}/radrelay/detail
+ filename = ${radacctdir}/radrelay/detail
.br
- detailperm = 0600
+ permissions = 0600
.br
- dirperm = 0755
+ dir_permissions = 0755
.br
locking = yes
.br
.br
type = detail
.br
- detail = ${radacctdir}/radrelay/detail
+ filename = ${radacctdir}/radrelay/detail
.br
max_outstanding = 100
.br
.br
detail {
.br
- file = %A/%{Client-IP-Address}/detail-%Y%m
+ filename = %A/%{Client-IP-Address}/detail-%Y%m
.br
- perm = 0600
+ permissions = 0600
.br
- dirperm = 0755
+ dir_permissions = 0755
.br
locking = no
.br
usersfile = ${confdir}/users_db
}
- # See doc/rlm_fastusers before using this
- # module or changing these values.
- #
- fastusers {
- usersfile = ${confdir}/users_fast
- hashsize = 1000
- compat = no
- # Reload the hash every 600 seconds (10mins)
- hash_reload = 600
- }
-
# Instantiate a couple instances of the idn module
idn {
}
# proxied servers, to make sure we send back to our RADIUS client
# only allowed attributes.
attr_filter attr_filter.post-proxy {
- file = ${modconfdir}/${.:name}/post-proxy
+ filename = ${modconfdir}/${.:name}/post-proxy
}
# attr_filter - filters the attributes in the packets we send to
# the RADIUS home servers.
attr_filter attr_filter.pre-proxy {
- file = ${modconfdir}/${.:name}/pre-proxy
+ filename = ${modconfdir}/${.:name}/pre-proxy
}
# Enforce RFC requirements on the contents of Access-Reject
#
attr_filter attr_filter.access_reject {
key = %{User-Name}
- file = ${modconfdir}/${.:name}/access_reject
+ filename = ${modconfdir}/${.:name}/access_reject
}
# Enforce RFC requirements on the contents of Access-Challenge
#
attr_filter attr_filter.access_challenge {
key = %{User-Name}
- file = ${modconfdir}/${.:name}/access_challenge
+ filename = ${modconfdir}/${.:name}/access_challenge
}
#
attr_filter attr_filter.accounting_response {
key = %{User-Name}
- file = ${modconfdir}/${.:name}/accounting_response
+ filename = ${modconfdir}/${.:name}/accounting_response
}
# be ONE "listen" section reading detail files from a
# particular directory.
#
- file = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
+ filename = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
#
# If you are using radrelay, delete the above line for "file",
# and use this one instead:
#
-# file = ${radacctdir}/detail
+# filename = ${radacctdir}/detail
#
# The Unix-style permissions on the 'detail' file.
# information about users. So by keeping the file
# permissions restrictive, we can prevent unwanted
# people from seeing that information.
- perm = 0600
+ permissions = 0600
# The Unix group of the log file.
#
# $Id$
#
detail detail.example.com {
- file = ${radacctdir}/detail.example.com/detail-%Y%m%d:%H:%G
+ filename = ${radacctdir}/detail.example.com/detail-%Y%m%d:%H:%G
}
# in the 'authorize' section, below.
#
detail auth_log {
- file = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
+ filename = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d
#
# This MUST be 0600, otherwise anyone can read
# the users passwords!
- perm = 0600
+ permissions = 0600
# You may also strip out passwords completely
suppress {
# in the 'post-auth' section, below.
#
detail reply_log {
- file = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d
+ filename = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d
- perm = 0600
+ permissions = 0600
}
#
# in the 'pre-proxy' section, below.
#
detail pre_proxy_log {
- file = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/pre-proxy-detail-%Y%m%d
+ filename = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/pre-proxy-detail-%Y%m%d
#
# This MUST be 0600, otherwise anyone can read
# the users passwords!
- perm = 0600
+ permissions = 0600
# You may also strip out passwords completely
#suppress {
# in the 'post-proxy' section, below.
#
detail post_proxy_log {
- file = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/post-proxy-detail-%Y%m%d
+ filename = ${radacctdir}/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/post-proxy-detail-%Y%m%d
- perm = 0600
+ permissions = 0600
}
# specific files configured. It's recommended that
# per section instances of 'files' are used, as per section
# files will be deprecated in a future release.
- file = ${moddir}/authorize
+ filename = ${moddir}/authorize
usersfile = ${moddir}/authorize
acctusersfile = ${moddir}/accounting
# See the "smbpasswd" and "etc_group" files for more examples.
#
# parameters are:
-# filename - path to filename
+# filename - path to file
#
# format - format for filename record. This parameters
# correlates record in the passwd file and RADIUS
# 'rlm_exec' module, but it is persistent, and therefore
# faster.
#
- module = ${modconfdir}/${.:instance}/example.pl
+ filename = ${modconfdir}/${.:instance}/example.pl
#
# The following hashes are given to the module and
# Set the file permissions, as the contents of this file
# are usually private.
- perm = 0600
+ permissions = 0600
callerid = "yes"
}
redis {
# Host where the redis server is located.
# We recommend using ONLY 127.0.0.1 !
- hostname = 127.0.0.1
+ server = 127.0.0.1
# The default port.
port = 6379
# section.
radutmp sradutmp {
filename = ${logdir}/sradutmp
- perm = 0644
+ permissions = 0644
callerid = "no"
}
static const CONF_PARSER detail_config[] = {
- { "filename", PW_TYPE_STRING_PTR,
+ { "detail", PW_TYPE_STRING_PTR | PW_TYPE_DEPRECATED,
+ offsetof(listen_detail_t, filename), NULL, NULL },
+ { "filename", PW_TYPE_STRING_PTR | PW_TYPE_REQUIRED,
offsetof(listen_detail_t, filename), NULL, NULL },
{ "load_factor", PW_TYPE_INTEGER,
offsetof(listen_detail_t, load_factor), NULL, Stringify(10)},
* be used as the instance handle.
*/
typedef struct rlm_attr_filter {
- char *file;
+ char *filename;
char *key;
int relaxed;
PAIR_LIST *attrs;
static const CONF_PARSER module_config[] = {
{ "attrsfile", PW_TYPE_FILENAME | PW_TYPE_DEPRECATED,
- offsetof(rlm_attr_filter_t, file), NULL, NULL},
- { "file", PW_TYPE_FILENAME | PW_TYPE_REQUIRED,
- offsetof(rlm_attr_filter_t, file), NULL, NULL},
+ offsetof(rlm_attr_filter_t, filename), NULL, NULL},
+ { "file", PW_TYPE_FILENAME | PW_TYPE_DEPRECATED,
+ offsetof(rlm_attr_filter_t, filename), NULL, NULL},
+ { "filename", PW_TYPE_FILENAME | PW_TYPE_REQUIRED,
+ offsetof(rlm_attr_filter_t, filename), NULL, NULL},
{ "key", PW_TYPE_STRING_PTR,
offsetof(rlm_attr_filter_t, key), NULL, "%{Realm}" },
{ "relaxed", PW_TYPE_BOOLEAN,
rlm_attr_filter_t *inst = instance;
int rcode;
- rcode = attr_filter_getfile(inst, inst->file, &inst->attrs);
+ rcode = attr_filter_getfile(inst, inst->filename, &inst->attrs);
if (rcode != 0) {
- ERROR("Errors reading %s", inst->file);
+ ERROR("Errors reading %s", inst->filename);
return -1;
}
* Holds the configuration and preparsed data for a instance of rlm_detail.
*/
typedef struct detail_instance {
- char *file; //!< File/path to write to.
+ char *filename; //!< File/path to write to.
int perm; //!< Permissions to use for new files.
char *group; //!< Group to use for new files.
static const CONF_PARSER module_config[] = {
{ "detailfile", PW_TYPE_STRING_PTR | PW_TYPE_DEPRECATED,
- offsetof(struct detail_instance,file), NULL, NULL },
- { "file", PW_TYPE_STRING_PTR | PW_TYPE_REQUIRED,
- offsetof(struct detail_instance,file), NULL, "%A/%{Client-IP-Address}/detail" },
+ offsetof(struct detail_instance,filename), NULL, NULL },
+ { "file", PW_TYPE_STRING_PTR | PW_TYPE_DEPRECATED,
+ offsetof(struct detail_instance,filename), NULL, NULL },
+ { "filename", PW_TYPE_STRING_PTR | PW_TYPE_REQUIRED,
+ offsetof(struct detail_instance,filename), NULL, "%A/%{Client-IP-Address}/detail" },
{ "header", PW_TYPE_STRING_PTR,
offsetof(struct detail_instance,header), NULL, "%t" },
{ "detailperm", PW_TYPE_INTEGER | PW_TYPE_DEPRECATED,
offsetof(struct detail_instance,perm), NULL, NULL },
- { "perm", PW_TYPE_INTEGER,
+ { "permissions", PW_TYPE_INTEGER,
offsetof(struct detail_instance,perm), NULL, "0600" },
{ "group", PW_TYPE_STRING_PTR,
offsetof(struct detail_instance,group), NULL, NULL},
- { "dirperm", PW_TYPE_INTEGER,
+ { "dir_permissions", PW_TYPE_INTEGER,
offsetof(struct detail_instance,dirperm), NULL, "0755" },
{ "locking", PW_TYPE_BOOLEAN,
offsetof(struct detail_instance,locking), NULL, "no" },
/*
* Do detail, compatible with old accounting
*/
-static rlm_rcode_t do_detail(void *instance, REQUEST *request, RADIUS_PACKET *packet,
- int compat)
+static rlm_rcode_t do_detail(void *instance, REQUEST *request, RADIUS_PACKET *packet, int compat)
{
int outfd;
char timestamp[256];
* feed it through radius_xlat() to expand the
* variables.
*/
- if (radius_xlat(buffer, sizeof(buffer), request, inst->file, NULL, NULL) < 0) {
+ if (radius_xlat(buffer, sizeof(buffer), request, inst->filename, NULL, NULL) < 0) {
return RLM_MODULE_FAIL;
}
- RDEBUG2("%s expands to %s", inst->file, buffer);
+ RDEBUG2("%s expands to %s", inst->filename, buffer);
#ifdef HAVE_FNMATCH_H
#ifdef FNM_FILE_NAME
{
#ifdef WITH_DETAIL
if (request->listener->type == RAD_LISTEN_DETAIL &&
- strcmp(((struct detail_instance *)instance)->file,
+ strcmp(((struct detail_instance *)instance)->filename,
((listen_detail_t *)request->listener->data)->filename) == 0) {
RDEBUG("Suppressing writes to detail file as the request was just read from a detail file.");
return RLM_MODULE_NOOP;
char *key;
- char *file;
+ char *filename;
fr_hash_table_t *common;
/* autz */
}
static const CONF_PARSER module_config[] = {
- { "file", PW_TYPE_FILENAME,
- offsetof(rlm_files_t,file), NULL, NULL },
+ { "filename", PW_TYPE_FILENAME,
+ offsetof(rlm_files_t,filename), NULL, NULL },
{ "usersfile", PW_TYPE_FILENAME,
offsetof(rlm_files_t,usersfile), NULL, NULL },
{ "acctusersfile", PW_TYPE_FILENAME,
static int mod_detach(void *instance)
{
rlm_files_t *inst = instance;
+ fr_hash_table_free(inst->common);
fr_hash_table_free(inst->users);
fr_hash_table_free(inst->acctusers);
#ifdef WITH_PROXY
#undef READFILE
#define READFILE(_x, _y) do { if (getusersfile(inst, inst->_x, &inst->_y, inst->compat_mode) != 0) { ERROR("Failed reading %s", inst->_x); mod_detach(inst);return -1;} } while (0)
- READFILE(file, common);
+ READFILE(filename, common);
READFILE(usersfile, users);
READFILE(acctusersfile, acctusers);
offsetof(rlm_perl_t,func_##_x), NULL, Stringify(_x)}
static const CONF_PARSER module_config[] = {
- { "module", PW_TYPE_FILENAME | PW_TYPE_REQUIRED,
+ { "module", PW_TYPE_FILENAME | PW_TYPE_DEPRECATED,
+ offsetof(rlm_perl_t,module), NULL, NULL},
+ { "filename", PW_TYPE_FILENAME | PW_TYPE_REQUIRED,
offsetof(rlm_perl_t,module), NULL, NULL},
RLM_PERL_CONF(authorize),
offsetof(rlm_radutmp_t,case_sensitive), NULL, "yes"},
{ "check_with_nas", PW_TYPE_BOOLEAN,
offsetof(rlm_radutmp_t,check_nas), NULL, "yes"},
- { "perm", PW_TYPE_INTEGER,
+ { "perm", PW_TYPE_INTEGER | PW_TYPE_DEPRECATED,
+ offsetof(rlm_radutmp_t,permission), NULL, NULL },
+ { "permissions", PW_TYPE_INTEGER,
offsetof(rlm_radutmp_t,permission), NULL, "0644" },
{ "callerid", PW_TYPE_BOOLEAN,
offsetof(rlm_radutmp_t,callerid_ok), NULL, "no" },
#include "rlm_redis.h"
static const CONF_PARSER module_config[] = {
- { "hostname", PW_TYPE_STRING_PTR,
- offsetof(REDIS_INST, hostname), NULL, "127.0.0.1"},
+ { "hostname", PW_TYPE_STRING_PTR | PW_TYPE_DEPRECATED,
+ offsetof(REDIS_INST, hostname), NULL, NULL},
+ { "server", PW_TYPE_STRING_PTR | PW_TYPE_REQUIRED,
+ offsetof(REDIS_INST, hostname), NULL, NULL},
{ "port", PW_TYPE_INTEGER,
offsetof(REDIS_INST, port), NULL, "6379"},
{ "database", PW_TYPE_INTEGER,
#endif
RLM_RUBY_STRUCT(detach);
- char *script_file;
+ char *filename;
char *module_name;
VALUE module;
* buffer over-flows.
*/
static const CONF_PARSER module_config[] = {
- { "script_file", PW_TYPE_FILENAME | PW_TYPE_REQUIRED,
- offsetof(struct rlm_ruby_t, script_file), NULL, NULL},
- { "module_name", PW_TYPE_STRING_PTR,
+ { "filename", PW_TYPE_FILENAME | PW_TYPE_REQUIRED,
+ offsetof(struct rlm_ruby_t, filename), NULL, NULL},
+ { "module", PW_TYPE_STRING_PTR,
offsetof(struct rlm_ruby_t, module_name), NULL, "Radiusd"},
{ NULL, -1, 0, NULL, NULL} /* end of module_config */
};
*/
rb_define_module_function(module, "radlog", radlog_rb, 2);
- DEBUG("Loading file %s...", inst->script_file);
- rb_load_protect(rb_str_new2(inst->script_file), 0, &status);
+ DEBUG("Loading file %s...", inst->filename);
+ rb_load_protect(rb_str_new2(inst->filename), 0, &status);
if (status) {
- EDEBUG("Error loading file %s status: %d", inst->script_file, status);
+ EDEBUG("Error loading file %s status: %d", inst->filename, status);
return -1;
}
- DEBUG("Loaded file %s", inst->script_file);
+ DEBUG("Loaded file %s", inst->filename);
/*
* Import user modules.