On 12.3.2017 15.42, Eric W. Bates wrote:
Is there a recommended technique to validate a radius.cfg? Something
like named-checkconf.
There's -c option for radiusd. It will read the configuration and checks
what it can. It does not, for example, attempt to connect to SQL
databases, so it will not catch those types of problems.
Unknown parameters, unbalanced clause starts, for example <Handler>
closed with </AuthBy> and various other things are reported with log
messages.
I'm asking because I'm trying to use ansible to synchronize multiple
servers. Best-practice recommends running a config validation as a
pre-condition for daemon restart.
There's actually work ongoing to enhance configuration checking.
Currently the output from -c is more for human consumption, so the exit
code, for example, does not reflect the check results. We are looking at
returning different exit codes depending of level of problem (warning,
error) from -c run.
What you could do now is to wrap radiusd -c invocation with a script
that greps errors and warnings and then returns non-zero exit code.
Thanks,
Heikki
--
Heikki Vatiainen <h...@open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
_______________________________________________
radiator mailing list
radiator@lists.open.com.au
http://lists.open.com.au/mailman/listinfo/radiator
