htdocs/docs/session.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

<head>
  <title>Session monitor</title>
</head>
<body>
<h1>Session monitor</h1>
<h2>Installation</h2>
For security reasons, the client portion of the session montior may run on one
or more external public machine(s).  On these machines, install:
<ul>
  <li><a href="http://www.perl.com/CPAN/doc/relinfo/INSTALL.html">Perl</a> (at l
east 5.004_05 for the 5.004 series or 5.005_03 for the 5.005 series.  Don't enable experimental features like threads or the PerlIO abstraction layer.)
  <li><a href="man/FS/SessionClient.html">FS::SessionClient</a> (copy the fs_session/FS-SessionClient directory to the external machine, then: perl Makefile.PL; make; make install)
</ul>
Then:
<ul>
  <li>Add the user `freeside' to the the external machine.
  <li>Create the /usr/local/freeside directory on the external machine (owned by the freeside user).
  <li>touch /usr/local/freeside/fs_sessiond_socket; chown freeside /usr/local/freeside/fs_sessiond_socket; chmod 600 /usr/local/freeside/fs_sessiond_socket
    <li>Append the identity.pub from the freeside user on your freeside machine to the authorized_keys file of the newly created freeside user on the external machine(s).
  <li>Run <pre>fs_session_server <i>user</i> <i>machine</i></pre> on the Freeside machine.
  <ul>
    <li><i>user</i> is a user from the mapsecrets file.
    <li><i>machine</i> is the name of the external machine.
  </ul>
</ul>
<h2>Usage</h2>
<ul>
  <li>RADIUS
  <li>Web
    <ul>
      <li>Copy FS-SessionClient/cgi/login.cgi and logout.cgi to your web
          server's document space.  
      <li>Use <a href="http://www.apache.org/docs/suexec.html">suEXEC</a> or <a href="http://www.perl.com/CPAN-local/doc/manual/html/pod/perlsec.html#Security_Bugs">setuid</a> (see <a href="install.html">install.html</a> for details) to run login.cgi and logout.cgi as the freeside user.
    </ul>
  <li>Command-line
    <br><pre>freeside-login username ( portnum | ip | nasnum nasport )</pre>
    <ul>
      <li><i>username</i> is a customer username from the svc_acct table
      <li><i>portnum</i>, <i>ip</i> or <i>nasport</i> and <i>nasnum</i> uniquely identify a port in the <a href="schema.html#port">port</a> database table.
    </ul>
</ul>
</body>