OpenRADIUS

Introduction

FAQ

Download

Documentation
   Installation/Usage
   Module interface
   Language
   Packet handling
   Modules
      Ascfile
      Delay
      Radlogger
      RadLDAP
      RadSQL
      Unixpasswd

Configurations
   Pre-paid

Contributed
   Using VSAs
   Installing on OSX

Mailing list...

Add-ons/Services

Other software...

OpenRADIUS Unixpasswd module


Description:
The Unixpasswd module verifies passwords using the Unix password database. If your host system supports getting shadow passwords using the standard getpw*() interface, this module also supports them. The same goes for Crypt-style MD5 passwords and NIS/NIS+.
 
Usage:
The module is to be run from OpenRADIUS using an interface definition like this:
interface(name = "...",
	  prog = "unixpasswd [options]",
	  flags = Ascii + Short-Attr, 
	  sendattr = "str",
	  sendattr = "User-Password",
	  ...),

The 'Ascii' and 'Short-Attr' flags are required for any interface that uses this module.

The module only uses the 'str' and 'User-Password' attributes from requests sent to it; the sendattr ACL is specified for efficiency only.
 

Options:
The following command line options are provided:

-d
Output debugging messages on standard error (fd 2, which can be redirected by OpenRADIUS using '-o').
 
Operation:
The module uses the last 'str' attribute as the username and the last 'User-Password' attribute as the plaintext password. It returns one instance of 'int', with value 1 if the credentials could be matched to the password database and 0 otherwise.

TODO: cache the database of usernames and crypt(3)'ed passwords in a hash and refresh it when signalled or after a configurable period. Possibly optional using -c switch; some people may have fast getpwname() implementations or want immediately updated passwords anyway. I would like to see some reports that it indeed *is* slow first, though.
 

Distribution:
This standard module is included with the server and installed by default.
 

Generated on Sun Mar 25 00:43:53 2007 by decorate.pl / menuize.pl