Chris Parker wrote:
Nothing is unclear about it. I would prefer that the daemon not fail out if there's a data error in one of the files. It should report that error to a log and continue on. Otherwise, it becomes a fairly trivial task to crash out the daemon. Our users file is fairly dynamic and if someone makes a typo putting in a new entry, I don't want the whole system coming down.
Sorry, I prefer my failures to be deterministic. I don't want the server
carrying on and running with a partial config and doing something un-
expected.
For config issues, I agree, but if there's an unknown key in the *users* file, I don't think the system should stop. Especially if it's a key that's only in one or two users (which is usually the case here).
If you are concerned with making typos, you may want to look at the
'dialup-admin' package, which allows you to easily manage an SQL database
rather than a flat users file. Your chances of making a typo would then
be greatly reduced imho, and if you did typo on one entry for a user, it
would not affect any other users.
I will look into it, but I also don't want the authentication server to stop if we take the database down for maintenance. We're a bit tied to the file method at the moment, although I suspect that feeding directly from our database will be better and might be in the plan.
-Greg G
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
