diff options
Diffstat (limited to 'man/man5/rlm_files.5')
| -rw-r--r-- | man/man5/rlm_files.5 | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/man/man5/rlm_files.5 b/man/man5/rlm_files.5 new file mode 100644 index 0000000..52f4734 --- /dev/null +++ b/man/man5/rlm_files.5 @@ -0,0 +1,95 @@ +.\" # DS - begin display +.de DS +.RS +.nf +.sp +.. +.\" # DE - end display +.de DE +.fi +.RE +.sp +.. +.TH rlm_files 5 "5 February 2004" "" "FreeRADIUS Module" +.SH NAME +rlm_files \- FreeRADIUS Module +.SH DESCRIPTION +The \fIrlm_files\fP module uses the 'users' file for accessing +authorization information for users. Additionally, it supports +a 'users' file syntax to be applied to the accounting and pre-proxy +sections. +.PP +The main configuration items to be aware of are: +.IP usersfile +The filename of the 'users' file, which is parsed during the +authorization stage of this module. +.IP acctusersfile +The filename of the 'users' file, which is parsed during the +accounting stage of this module. +.IP preproxy_usersfile +The filename of the 'users' file, which is parsed during the +pre_proxy stage of this module. +.IP compat +This option allows FreeRADIUS to parse an old style Cistron syntax. +The default is 'no'. If you need to parse an old style Cistron +file, set this option to 'cistron'. +.IP key +This option lets you set the attribute to use as a key to find +entries. The default is "%{%{Stripped-User-Name}:-%{User-Name}}". Note +that the key MUST supply real data. Dynamic attributes like "Group" +will not work, because the "Group" attribute can only be used as a +comparison, to see if a user is in a Unix group. It will not return +the name of the Unix group that a user is in. +.PP +If you want to use groups as a key, see the \fIrlm_passwd\fP, which +will create a real attribute that contains the group name. +.PP +This configuration entry enables you to have configurations that +perform per-group checks, and return per-group attributes, where the +group membership is dynamically defined by a previous module. It also +lets you do things like key off of attributes in the reply, and +express policies like "when I send replies containing attribute +FOO with value BAR, do more checks, and maybe send additional +attributes". +.SH CONFIGURATION +.PP +.DS +modules { + ... stuff here ... +.br + files { +.br + usersfile = %{confdir}/users +.br + acctusersfile = %{confdir}/acct_users +.br + preproxy_usersfile = %{confdir}/preproxy_users +.br + compat = no +.br + key = %{%{Stripped-User-Name}:-%{User-Name}} +.br + } +.br + ... stuff here ... +.br +} +.DE +.PP +.SH SECTIONS +.BR authorization, +.BR accounting, +.BR pre_proxy +.PP +.SH FILES +.I /etc/raddb/radiusd.conf, +.I /etc/raddb/users, +.I /etc/raddb/acct_users, +.I /etc/raddb/preproxy_users +.PP +.SH "SEE ALSO" +.BR radiusd (8), +.BR radiusd.conf (5), +.BR users (5) +.SH AUTHORS +Chris Parker, cparker@segv.org |