Hi, I am using freeradius 1.0.5, configured so that when a user fails the password for X times, a mail is sent to a sysadmin. I have added the following to modules section:
exec accept_notify { wait = no program = "/usr/local/etc/raddb/radius_reject_notify %{User-Name} accept %{FreeRADIUS-Proxied-To}" input_pairs = request } exec reject_notify { wait = no program = "/usr/local/etc/raddb/radius_reject_notify %{User-Name} reject %{FreeRADIUS-Proxied-To}" input_pairs = request } and this is my posth-auth section: post-auth { accept_notify Post-Auth-Type REJECT { reject_notify } } radius_reject_notify is the bash script attached. However, when a user log in and the script is executed, I see that the script remains in a <defunct> state. After some time I see hundreds of such processes: Output of ps -e: 13110 ? 00:00:00 radius_reject_n <defunct> 13232 ? 00:00:00 radius_reject_n <defunct> 13233 ? 00:00:00 radius_reject_n <defunct> .... Has someone idea why freeradius does not close correctly my script? Thanks, Fabio radius_reject_notify: #!/bin/bash # #Sintax: # #mail_notify user access type # user: user name # access: accept or reject # type: accepted only if ( == FreeRADIUS-Proxied-To ) == 127.0.0.1 # # TRY: number of retry TRY=10 FAILED_USERS_DIR=/tmp/radius_user_fail/ MAIL_ADMINS="[EMAIL PROTECTED]" USER_RETRY=0 CURRENT_USER=$1 ACCESS=$2 failed() { mkdir -p $FAILED_USERS_DIR if [ -e $FAILED_USERS_DIR/$CURRENT_USER ] then USER_RETRY=`cat $FAILED_USERS_DIR/$CURRENT_USER` fi USER_RETRY=$(( USER_RETRY + 1 )) echo $USER_RETRY > $FAILED_USERS_DIR/$CURRENT_USER if (( USER_RETRY == $TRY )) then #Limit exceded! send_mail fi ; } success() { if [ -e $FAILED_USERS_DIR/$CURRENT_USER ] then rm -f $FAILED_USERS_DIR/$CURRENT_USER fi } send_mail() { HOSTNAME=`hostname` env MAILRC=/dev/null [EMAIL PROTECTED] smtp=smtp.domain.com nail -n -s "RADIUS - Autentication failed $TRY times" $MAIL_ADMINS <<-END $CURRENT_USER failed authentication for $TRY times. END } case $3 in '127.0.0.1') case $ACCESS in 'accept') success ;; 'reject') failed ;; esac ;; esac - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html