1rlm_files(5)                   FreeRADIUS Module                  rlm_files(5)
2
3
4

NAME

6       rlm_files - FreeRADIUS Module
7

DESCRIPTION

9       The  rlm_files module uses the 'users' file for accessing authorization
10       information for users.  Additionally, it supports a 'users' file syntax
11       to be applied to the accounting and pre-proxy sections.
12
13       The main configuration items to be aware of are:
14
15       usersfile
16              The  filename  of  the  'users' file, which is parsed during the
17              authorization stage of this module.
18
19       acctusersfile
20              The filename of the 'users' file, which  is  parsed  during  the
21              accounting stage of this module.
22
23       preproxy_usersfile
24              The  filename  of  the  'users' file, which is parsed during the
25              pre_proxy stage of this module.
26
27       compat This option allows FreeRADIUS to parse an old style Cistron syn‐
28              tax.   The  default  is 'no'.  If you need to parse an old style
29              Cistron file, set this option to 'cistron'.
30
31       key    This option lets you set the attribute to use as a key  to  find
32              entries.    The   default  is  "%{%{Stripped-User-Name}:-%{User-
33              Name}}".  Note that the key  MUST  supply  real  data.   Dynamic
34              attributes  like  "Group"  will  not  work,  because the "Group"
35              attribute can only be used as a comparison, to see if a user  is
36              in  a Unix group.  It will not return the name of the Unix group
37              that a user is in.
38
39       If you want to use groups as a key, see the rlm_passwd, which will cre‐
40       ate a real attribute that contains the group name.
41
42       This  configuration  entry enables you to have configurations that per‐
43       form per-group checks, and return per-group attributes, where the group
44       membership  is  dynamically defined by a previous module.  It also lets
45       you do things like key off of attributes  in  the  reply,  and  express
46       policies  like "when I send replies containing attribute FOO with value
47       BAR, do more checks, and maybe send additional attributes".
48

CONFIGURATION

50       modules {
51         ... stuff here ...
52         files {
53           usersfile = %{confdir}/users
54           acctusersfile = %{confdir}/acct_users
55           preproxy_usersfile = %{confdir}/preproxy_users
56           compat = no
57           key = %{%{Stripped-User-Name}:-%{User-Name}}
58         }
59         ... stuff here ...
60       }
61

SECTIONS

63       authorization, accounting, pre_proxy
64

FILES

66       /etc/raddb/radiusd.conf,    /etc/raddb/users,    /etc/raddb/acct_users,
67       /etc/raddb/preproxy_users
68

SEE ALSO

70       radiusd(8), radiusd.conf(5), users(5)
71

AUTHORS

73       Chris Parker, cparker@segv.org
74
75
76
77                                5 February 2004                   rlm_files(5)