use vars qw( @ISA $nossh_hack $conf $dir_prefix @shells $usernamemin
$usernamemax $passwordmin
$shellmachine @saltset @pw_set);
+use Carp;
use FS::Conf;
use FS::Record qw( qsearchs fields );
use FS::svc_Common;
=item radius
+Depriciated, use radius_reply instead.
+
+=cut
+
+sub radius {
+ carp "FS::svc_acct::radius depriciated, use radius_reply";
+ $_[0]->radius_reply;
+}
+
+=item radius_reply
+
Returns key/value pairs, suitable for assigning to a hash, for any RADIUS
-attributes of this record.
+reply attributes of this record.
Note that this is now the preferred method for reading RADIUS attributes -
accessing the columns directly is discouraged, as the column names are
=cut
-sub radius {
+sub radius_reply {
my $self = shift;
map {
/^(radius_(.*))$/;
} grep { /^radius_/ && $self->getfield($_) } fields( $self->table );
}
+=item radius_check
+
+Returns key/value pairs, suitable for assigning to a hash, for any RADIUS
+check attributes of this record.
+
+Accessing RADIUS attributes directly is not supported and will break in the
+future.
+
=back
+sub radius_check {
+ my $self = shift;
+ map {
+ /^(rc_(.*))$/;
+ my($column, $attrib) = ($1, $2);
+ $attrib =~ s/_/\-/g;
+ ( $attrib, $self->getfield($column) );
+ } grep { /^rc_/ && $self->getfield($_) } fields( $self->table );
+}
+
=head1 VERSION
-$Id: svc_acct.pm,v 1.8 2000-07-04 13:42:37 ivan Exp $
+$Id: svc_acct.pm,v 1.9 2000-07-06 08:57:27 ivan Exp $
=head1 BUGS
-$Id: TODO,v 1.47 2000-07-03 09:03:14 ivan Exp $
+$Id: TODO,v 1.48 2000-07-06 08:57:27 ivan Exp $
If you are interested in helping with any of these, please join the mailing
list (send a blank message to ivan-freeside-subscribe@sisd.com) to avoid
---
+hmm - if you delete an account in svc_acct somehow that a mail alias points to,
+svc_acct_sm.export will fail. make sure this can't be done using
+the web interface.
+
Bug: during the linking process apparantly you can link too many services to
a package. *sigh*
+++ /dev/null
-#!/usr/bin/perl -Tw
-
-# quick'n'dirty hack of fs-setup to add radius attributes
-
-use strict;
-use DBI;
-use FS::UID qw(adminsuidsetup checkeuid getsecrets);
-die "Not running uid freeside!" unless checkeuid();
-
-my $user = shift or die &usage;
-getsecrets($user);
-
-my $dbh = adminsuidsetup $user;
-
-###
-
-print "\n\n", <<END, ":";
-Enter the additional RADIUS attributes you need to track for
-each user, separated by whitespace.
-END
-my @attributes = map { s/\-/_/g; $_; } split(" ",&getvalue);
-
-sub getvalue {
- my($x)=scalar(<STDIN>);
- chop $x;
- $x;
-}
-
-###
-
-my($char_d) = 80; #default maxlength for text fields
-
-###
-
-foreach my $attribute ( @attributes ) {
- foreach my $statement (
- "ALTER TABLE svc_acct ADD radius_$attribute varchar($char_d) NULL",
- "ALTER TABLE svc_acct ADD radius_$attribute varchar($char_d) NULL",
- "ALTER TABLE part_svc ADD svc_acct__radius_$attribute varchar($char_d) NULL;",
- "ALTER TABLE part_svc ADD svc_acct__radius_${attribute}_flag char(1) NULL;",
- ) {
- $dbh->do( $statement ) or warn "Error executing $statement: ". $dbh->errstr; }
-}
-
-$dbh->disconnect or die $dbh->errstr;
-
-print "\n\n", "Now you must run dbdef-create.\n\n";
-
-sub usage {
- die "Usage:\n fs-radius-add user\n";
-}
-
-
--- /dev/null
+#!/usr/bin/perl -Tw
+
+# quick'n'dirty hack of fs-setup to add radius attributes
+
+use strict;
+use DBI;
+use FS::UID qw(adminsuidsetup checkeuid getsecrets);
+die "Not running uid freeside!" unless checkeuid();
+
+my $user = shift or die &usage;
+getsecrets($user);
+
+my $dbh = adminsuidsetup $user;
+
+###
+
+print "\n\n", <<END, ":";
+Enter the additional RADIUS check attributes you need to track for
+each user, separated by whitespace.
+END
+my @attributes = map { s/\-/_/g; $_; } split(" ",&getvalue);
+
+sub getvalue {
+ my($x)=scalar(<STDIN>);
+ chop $x;
+ $x;
+}
+
+###
+
+my($char_d) = 80; #default maxlength for text fields
+
+###
+
+foreach my $attribute ( @attributes ) {
+ foreach my $statement (
+ "ALTER TABLE svc_acct ADD rc_$attribute varchar($char_d) NULL",
+ "ALTER TABLE svc_acct ADD rc_$attribute varchar($char_d) NULL",
+ "ALTER TABLE part_svc ADD svc_acct__rc_$attribute varchar($char_d) NULL;",
+ "ALTER TABLE part_svc ADD svc_acct__rc_${attribute}_flag char(1) NULL;",
+ ) {
+ $dbh->do( $statement ) or warn "Error executing $statement: ". $dbh->errstr; }
+}
+
+$dbh->disconnect or die $dbh->errstr;
+
+print "\n\n", "Now you must run dbdef-create.\n\n";
+
+sub usage {
+ die "Usage:\n fs-radius-add user\n";
+}
+
+
--- /dev/null
+#!/usr/bin/perl -Tw
+
+# quick'n'dirty hack of fs-setup to add radius attributes
+
+use strict;
+use DBI;
+use FS::UID qw(adminsuidsetup checkeuid getsecrets);
+die "Not running uid freeside!" unless checkeuid();
+
+my $user = shift or die &usage;
+getsecrets($user);
+
+my $dbh = adminsuidsetup $user;
+
+###
+
+print "\n\n", <<END, ":";
+Enter the additional RADIUS reply attributes you need to track for
+each user, separated by whitespace.
+END
+my @attributes = map { s/\-/_/g; $_; } split(" ",&getvalue);
+
+sub getvalue {
+ my($x)=scalar(<STDIN>);
+ chop $x;
+ $x;
+}
+
+###
+
+my($char_d) = 80; #default maxlength for text fields
+
+###
+
+foreach my $attribute ( @attributes ) {
+ foreach my $statement (
+ "ALTER TABLE svc_acct ADD radius_$attribute varchar($char_d) NULL",
+ "ALTER TABLE svc_acct ADD radius_$attribute varchar($char_d) NULL",
+ "ALTER TABLE part_svc ADD svc_acct__radius_$attribute varchar($char_d) NULL;",
+ "ALTER TABLE part_svc ADD svc_acct__radius_${attribute}_flag char(1) NULL;",
+ ) {
+ $dbh->do( $statement ) or warn "Error executing $statement: ". $dbh->errstr; }
+}
+
+$dbh->disconnect or die $dbh->errstr;
+
+print "\n\n", "Now you must run dbdef-create.\n\n";
+
+sub usage {
+ die "Usage:\n fs-radius-add user\n";
+}
+
+
#!/usr/bin/perl -Tw
#
-# $Id: fs-setup,v 1.25 2000-06-29 12:00:49 ivan Exp $
+# $Id: fs-setup,v 1.26 2000-07-06 08:57:27 ivan Exp $
#
# ivan@sisd.com 97-nov-8,9
#
# fix radius attributes ivan@sisd.com 98-sep-27
#
# $Log: fs-setup,v $
-# Revision 1.25 2000-06-29 12:00:49 ivan
+# Revision 1.26 2000-07-06 08:57:27 ivan
+# support for radius check attributes (except importing). poorly documented.
+#
+# Revision 1.25 2000/06/29 12:00:49 ivan
# support for pre-encrypted md5 passwords.
#
# Revision 1.24 2000/03/02 07:44:07 ivan
my($username_len)=&getvalue;
print "\n\n", <<END, ":";
-Freeside tracks the RADIUS attributes User-Name, Password and Framed-IP-Address
-for each user. Enter any additional RADIUS attributes you need to track for
-each user, separated by whitespace.
+Freeside tracks the RADIUS attributes User-Name, check attribute Password and
+reply attribute Framed-IP-Address for each user. You can specify additional
+check and reply attributes. First enter any additional RADIUS check attributes
+you need to track for each user, separated by whitespace.
+END
+my @check_attributes = map { s/\-/_/g; $_; } split(" ",&getvalue);
+
+print "\n\n", <<END, ":";
+Now enter any additional reply attributes you need to track for each user,
+separated by whitespace.
END
my @attributes = map { s/\-/_/g; $_; } split(" ",&getvalue);
));
}
+foreach $attribute (@check_attributes) {
+ $svc_acct->addcolumn( new FS::dbdef_column (
+ 'rc_'. $attribute,
+ 'varchar',
+ 'NULL',
+ $char_d,
+ ));
+}
+
#make part_svc table (but now as object)
my($part_svc)=$dbdef->table('part_svc');
#!/usr/bin/perl -w
#
-# $Id: svc_acct.export,v 1.14 2000-06-29 15:01:25 ivan Exp $
+# $Id: svc_acct.export,v 1.15 2000-07-06 08:57:28 ivan Exp $
#
# Create and export password files: passwd, passwd.adjunct, shadow,
# acp_passwd, acp_userinfo, acp_dialup, users
# ivan@sisd.com 98-sep-18
#
# $Log: svc_acct.export,v $
-# Revision 1.14 2000-06-29 15:01:25 ivan
+# Revision 1.15 2000-07-06 08:57:28 ivan
+# support for radius check attributes (except importing). poorly documented.
+#
+# Revision 1.14 2000/06/29 15:01:25 ivan
# another silly typo in svc_acct.export
#
# Revision 1.13 2000/06/28 12:37:28 ivan
print ACP_DIALUP $svc_acct->username, "\t*\t", $svc_acct->slipip, "\n";
}
- my %radius = $svc_acct->radius;
+ my %radreply = $svc_acct->radius_reply;
+ my %radcheck = $svc_acct->radius_check;
+
+ my $radcheck = join ", ", map { qq($_ = "$radcheck{$_}") } keys %radcheck;
+ $radcheck .= ", " if $radcheck;
###
# FORMAT OF THE USERS FILE HERE
print USERS
- $svc_acct->username, qq(\t${textradiusprepend}Password = "$rpassword"\n\t),
- join ",\n\t", map { qq($_ = "$radius{$_}") } keys %radius;
+ $svc_acct->username,
+ qq(\t${textradiusprepend}),
+ $radcheck,
+ qq(Password = "$rpassword"\n\t),
+ join ",\n\t", map { qq($_ = "$radreply{$_}") } keys %radreply;
if ( $ip && $ip ne '0e0' ) {
- print USERS qq(,\n\tFramed-Address = "$ip"\n\n);
+ #print USERS qq(,\n\tFramed-Address = "$ip"\n\n);
+ print USERS qq(,\n\tFramed-IP-Address = "$ip"\n\n);
} else {
print USERS qq(\n\n);
}
###
# ICRADIUS export
if ( $icradiusmachines ) {
+
my $sth = $icradius_dbh->prepare(
"INSERT INTO radcheck ( id, UserName, Attribute, Value ) VALUES ( ".
join(", ", map { $icradius_dbh->quote( $_ ) } (
);
$sth->execute or die "Can't insert into radcheck table: ". $sth->errstr;
- foreach my $attribute ( keys %radius ) {
+ foreach my $attribute ( keys %radcheck ) {
+ my $sth = $icradius_dbh->prepare(
+ "INSERT INTO radcheck ( id, UserName, Attribute, Value ) VALUES ( ".
+ join(", ", map { $icradius_dbh->quote( $_ ) } (
+ '',
+ $svc_acct->username,
+ $attribute
+ $radcheck{$attribute},
+ ) ). " )"
+ );
+ $sth->execute or die "Can't insert into radcheck table: ". $sth->errstr;
+ }
+
+ foreach my $attribute ( keys %radreply ) {
my $sth = $icradius_dbh->prepare(
"INSERT INTO radreply (id, UserName, Attribute, Value) VALUES ( ".
join(", ", map { $icradius_dbh->quote( $_ ) } (
'',
$svc_acct->username,
$attribute,
- $radius{$attribute},
+ $radreply{$attribute},
) ). " )"
);
$sth->execute or die "Can't insert into radreply table: ". $sth->errstr;
<li>nismachines - <b>passwd</b> and <b>shadow</b> are copied to the <b>/etc/global</b> directory on the remote machine. If no errors occur, the command <b>( cd /var/yp; make; )</b> is executed on the remote machine.
<li>erpcdmachines - <b>acp_passwd</b> and <b>acp_dialup</b> are copied to the <b>/usr/annex</b> directory on the remote machine. If no errors occur, the command <b>( kill -USR1 `cat /usr/annex/erpcd.pid` )</b> is executed on the remote machine.
<li>radiusmachines - <b>users</b> is copied to the <b>/etc/raddb</b> directory on the remote machine. If no errors occur, the command <b>( builddbm )</b> is executed on the remote machine.
- <li>icradiusmachines - A local radcheck file will be created. If any machines are specified, the remote MySQL database will be locked and the radcheck table will be copied to the those machines. You may also need to set the icradius_mysqlsource and/or icradius_mysqldest <a href="config.html">configuration files</a>.
+ <li>icradiusmachines - Local radcheck and radreply tables will be created. If any machines are specified, the remote MySQL database will be locked and the radcheck table will be copied to the those machines. You may also need to set the icradius_mysqlsource and/or icradius_mysqldest <a href="config.html">configuration files</a>. Currently you need to be running MySQL for your Freeside database to use this feature.
</ul>
<li>site_perl/svc_acct.pm - If a shellmachine is defined, users can be created, modified and deleted remotely; see below.
<ul>
projects / freeside.git / commitdiff