In my operation, we sell e-mail only accounts which get
written to /etc/password/shadow. However, we also use
/etc/password/shadow to authenticate using Radius. When an
e-mail only user is created, his shell is set to
/usr/bin/mailshell, and I have a script that extracts
those usernames and places them in a "group" file.
Radiator uses that group file to reject users:
in my users file:
DEFAULT Auth-Type = UNIX, Group = mail, Auth-Type = "Reject: Dial-up
access not
authorized for this account"
in my radiusd.cfg file:
<AuthBy UNIX>
Identifier UNIX
Filename /usr/local/etc/shadow
GroupFilename /usr/local/etc/group
</Authby>
The dilemma I'm having is that the "group" file is a single large
comma-delimited string, and it's 'ugly'. Is there a better way
to reject a group of users based on the value of their shell
variable, or is there a way I can write a different type of
file (or even an SQL query) with a list of usernames to reject.
Help is greatly appreciated.
John
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
