I tried this one earlier ....
Non-zero exit code seems to return an "Exec module failed" message and then does not seem a valid reponse to the Radius client.
Exec-Program: returned: 255 rlm_exec (getstatus): External script failed
What does the module 'return'? Can you include some of the radius debug that includes the call to this module?
Have you tried having the program print 'Auth-Type := Reject' to stdout?
In this case getstatus was a simple shell script that did nothing but exit 255. I would prefer to exit with a valid radius response including a Reply-Message.
You can configure the server where to place the 'reply' from the program in one of the following data lists:
#
# The attributes which are placed into the
# environment variables for the program.
#
# Allowed values are:
#
# request attributes from the request
# config attributes from the configuration items list
# reply attributes from the reply
# proxy-request attributes from the proxy request
# proxy-reply attributes from the proxy reply
#
# Note that some attributes may not exist at some
# stages. e.g. There may be no proxy-reply
# attributes if this module is used in the
# 'authorize' section.
#
input_pairs = request
#
# Where to place the output attributes (if any) from
# the executed program. The values allowed, and the
# restrictions as to availability, are the same as
# for the input_pairs.
#
output_pairs = replySo, by default, it will place the reply pairs into the reply, you may want it to go to config or request, in order to affect the accept or reject status.
-Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless! \ Director, Engineering | @ @ | \ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\------------------------------------------------------ \ Wholesale Internet Services - http://www.megapop.net
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
