In formulating my responses to those asking about time limits on a per-user basis, it reminded me I wanted to check on something that, well, doesn't seem to be documented all that clearly...
In particular, the concept of "disallowing logons past a given date" [i.e., someone bought "30 (calendar) days" of access] brings up a kludgy response of "scan the database from an external program and change entries accordingly". What would make more sense (and require less "external" programming) would be to have a "check" item of "is the logon (request) DATE <= the cutoff date?" It **seems** like this exists, but the one place where this is listed states, "this is deprecated and WILL go away..." Namely, the file "variables.txt" refers to some single-character replacement items such as "%D" or "%S" for request DATE or TIMESTAMP respectively. In the column labelled "proper equivalent", it is blank. ALSO, the presumption is that these are in the "user" file specifically -- are they valid in SQL table entries? In particular, let's say "fred" buys a 30-day account. In the following "radcheck" table entries, what "attribute" should I use for "???": user attribute OP value fred auth-type := local fred password == flintstone fred ??? <= 20030712 Would "%D" really work here for an attribute value? And in a related question, how would I go about setting a "radreply" item of "your 30 days are up" IF AND ONLY IF the request date is actually past the cutoff date/value? (using SQL entries only) -- Yet another Blog: http://osnut.homelinux.net
pgp00000.pgp
Description: signature
