On Fri, 21 Nov 2003, Matt Sapp wrote: > Personally, I don't see how the users file being in proper shape is any > less critical than any other configuration file being correct. You'd be > much better off implementing some solution to make sure the users file > is correct (perhaps some type checking in whatever system you use to > manage your users -- surely you don't have a bunch of type-prone data > entry people editing the users file by hand, do you?).
For what it's worth, it may be better to make this a matter of procedure. For my part, whenever I make any change to Radius configuration files, I follow the following steps: 1) Edit the file and make changes. 2) Run "radiusd -X". This will show any fatal errors in the config without you having to stop your "good" radius. It will quit with a message about radius already running, but up until then, will show you whether or not radius *will* start with the new config. 3) Restart radiusd with the new config if radiusd -X worked out okay. It's probably possible to write a script (and eventually I probably will but am too lazy now) to run this sort of check and only restart radiusd if things are okay, but I think just making sure that people check is a quicker fix than code hacking. Not a better fix, but a quicker fix. :-) I do agree that I don't really want Radius running with a semi-woogly config, although it can be a pain the times where I forget to check it with -X, since those are always the times I've made a mistake. Heh. Kristina - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html