Hello Andy -
On Fri, 18 Feb 2000, Andy Dills wrote:
> On Fri, 18 Feb 2000, Hugh Irvine wrote:
>
> > Note that DefaultSimultaneousUse is an AuthBy parameter, used like this:
> >
> > <Realm ...>
> > <AuthBy ....>
> > DefaultSimultaneousUse 1
> > .....
> > </AuthBy>
> > </Realm>
> >
> > I have tested it recently with no problems at all.
>
> Hmm, strange, that's where I had it. Maybe it's because I had multiple
> AuthBy's and AuthByPolicy as ContinueAlways, with an external AuthBy UNIX
> because of my heavy reliance on AuthType = System.
>
> Now that I think about it, I'm almost positive I didn't put it in all
> three, so that's most likely the situation.
>
Yes. There is a gotcha in chained or cascaded AuthBy's - only the first one
will do the Sim-Use checking, so it must be set there (as well as the others if
they are used in other ways).
> > Also note that DefaultSimultaneousUse was introduced in Radiatior 2.14 - what
> > version are you running?
>
> 2.14...
>
FYI - Radiator 2.15 was released yesterday.
>
> Some other beefs, while I'm emailing the list. A check item of
> Group = <whatever> doesn't work unless the user is specifically listed in
> /etc/groups. I want it to work based on GID. So, I changed
> AuthUNIX::userIsInGroup to be:
>
> sub userIsInGroup
> {
> my ($self, $user, $group) = @_;
>
> # Added by Andy Dills
>
> my $gid = getgrnam($group);
> my @usergid = getpwnam($user);
> $self->log($main::LOG_DEBUG, "Gid specified: $gid Gid of user: $usergid[3]");
> if ($usergid[3] == $gid) { return 1 };
>
> # End
>
> return defined $group_of_last_user_found
> && $self->{GroupsToGID}{$group} == $group_of_last_user_found;
> }
>
> This, I'm sure, is horribly inefficient. But it works. And I'm not doing
> more than 2-3 reqs/sec, on a dedicated box, so no big deal.
>
I have forwarded this to Mike.
>
> Also, I've got a patch to Nas.pm which will allow you to specify a NasType
> of AssuredAccess, but it requires Net::SNMP (by far the best perl SNMP
> module, IMHO).
>
We would be happy to add this to the base code if you would care to contribute
it to the Radiator collection.
many thanks
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
