Hi,
I am using FreeRADIUS 1.0.5, configured so that when a user enters a wrong
password X times, a mail is sent to a sysadmin.
I have added the following to the modules section:

# Instance of the exec module that calls the notify script with the literal
# word "accept"; it is listed at the top level of the post-auth section below.
exec accept_notify {
  # wait = no: the server starts the program and does not wait for it to finish.
  # NOTE(review): probably relevant to the <defunct> entries reported below. A
  # defunct process is a child that has exited but has not been reaped by its
  # parent; confirm how this FreeRADIUS version handles children started with
  # wait = no.
  wait = no
  # %{User-Name} is chosen by the client, so the script receives untrusted
  # text as its first argument and must not use it unchecked as a file name.
  # The line break inside the string below presumably comes from mail wrapping.
  program = "/usr/local/etc/raddb/radius_reject_notify %{User-Name} accept 
%{FreeRADIUS-Proxied-To}"
  # NOTE(review): request attributes are presumably also exported to the
  # program's environment through input_pairs; confirm for this version.
  input_pairs = request
}
# Instance of the exec module that calls the same notify script with the
# literal word "reject"; it is listed inside Post-Auth-Type REJECT below.
exec reject_notify {
  # The server does not wait for the program to finish.
  wait = no
  # On this path %{User-Name} comes from a request that failed authentication,
  # so it is attacker-influenced input to the script ($1 there).
  # The line break inside the string below presumably comes from mail wrapping.
  program = "/usr/local/etc/raddb/radius_reject_notify %{User-Name} reject 
%{FreeRADIUS-Proxied-To}"
  input_pairs = request
}

and this is my post-auth section:
# post-auth section: accept_notify is listed at the top level, reject_notify
# only inside the Post-Auth-Type REJECT block.
post-auth {
  # Calls the script with "accept" (it clears the user's failure counter).
  accept_notify

  Post-Auth-Type REJECT {
    # Calls the script with "reject" (it increments the user's failure counter).
    reject_notify
  }
}

radius_reject_notify is the bash script attached.

However, when a user logs in and the script is executed, I see that the script
remains in a <defunct> state. After some time I see hundreds of such processes:

Output of ps -e:
13110 ?        00:00:00 radius_reject_n <defunct>
13232 ?        00:00:00 radius_reject_n <defunct>
13233 ?        00:00:00 radius_reject_n <defunct>
....

Does anyone have an idea why FreeRADIUS does not close my script correctly?

Thanks,

  Fabio



radius_reject_notify:

#!/bin/bash
#
#Syntax:
#
#mail_notify user access type
#  user:   user name
#  access: accept or reject
#  type:   value of FreeRADIUS-Proxied-To; the script acts only when it is 127.0.0.1
#

# TRY: failure count at which the administrators are mailed
# (failed() compares the counter with == against this value).
TRY=10

# Directory holding one counter file per user name.
# NOTE(review): this is a fixed, predictable path under /tmp. Another local
# account could create it first or plant links in it; a directory writable
# only by the RADIUS service account would be safer.
FAILED_USERS_DIR=/tmp/radius_user_fail/
MAIL_ADMINS="[EMAIL PROTECTED]"

# Counter used by failed() when the user has no counter file yet.
USER_RETRY=0

# $1 is the User-Name taken from the request, i.e. client-supplied text.
CURRENT_USER="$1"
# $2 is the literal word "accept" or "reject" set in the exec module config.
ACCESS="$2"


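#######################################
# Record one more failed login for $CURRENT_USER and mail the administrators
# when the count reaches $TRY.
# Globals:   FAILED_USERS_DIR (read), CURRENT_USER (read), TRY (read),
#            USER_RETRY (read and written)
# Returns:   0 on success; 1 when the user name or the state directory
#            cannot be used safely.
#######################################
failed() {
        local state_dir=${FAILED_USERS_DIR%/}
        local counter_file

        [ -n "$FAILED_USERS_DIR" ] || return 1

        # CURRENT_USER is the client-supplied User-Name and becomes a file
        # name below. Refuse anything that could leave the state directory.
        case $CURRENT_USER in
                '' | . | .. | */*)
                        return 1
                        ;;
        esac
        counter_file=$state_dir/$CURRENT_USER

        mkdir -p -- "$state_dir" || return 1

        # Best-effort check only: never read or write through a symlink.
        # The real protection is a state directory that other local
        # accounts cannot write to.
        if [ -L "$counter_file" ]; then
                return 1
        fi

        if [ -f "$counter_file" ]; then
                USER_RETRY=$(cat -- "$counter_file")
        fi

        # The stored value goes into shell arithmetic, which evaluates
        # whatever text it is given; accept plain digits only and restart
        # the count otherwise.
        case $USER_RETRY in
                '' | *[!0-9]*)
                        USER_RETRY=0
                        ;;
        esac

        # 10# forces base 10 so that a value such as 08 is not read as octal.
        USER_RETRY=$(( 10#$USER_RETRY + 1 ))
        printf '%s\n' "$USER_RETRY" > "$counter_file" || return 1

        if (( USER_RETRY == TRY )); then
                # Limit reached: notify once, at exactly TRY failures.
                send_mail
        fi
}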

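#######################################
# Clear the failure counter of $CURRENT_USER after a successful login.
# Globals:   FAILED_USERS_DIR (read), CURRENT_USER (read)
# Returns:   0 when the counter file is gone afterwards (or never existed);
#            1 when the user name cannot be used safely as a file name.
#######################################
success() {
        local state_dir=${FAILED_USERS_DIR%/}

        [ -n "$FAILED_USERS_DIR" ] || return 1

        # CURRENT_USER is the client-supplied User-Name. Without this check
        # a name containing "/" or ".." would make rm act outside the state
        # directory.
        case $CURRENT_USER in
                '' | . | .. | */*)
                        return 1
                        ;;
        esac

        # rm -f already succeeds when the file is absent, so no existence
        # test is needed; -- and the quotes keep odd names from being
        # split or read as options.
        rm -f -- "$state_dir/$CURRENT_USER"
}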

# Mail the administrators that $CURRENT_USER failed authentication $TRY times.
# Reads TRY, MAIL_ADMINS and CURRENT_USER; assigns HOSTNAME.
# NOTE(review): the command below was altered by the list archive.
# "[EMAIL PROTECTED]" stands where an address-bearing argument used to be
# (presumably a from=... setting) and the -s subject string has been wrapped
# across lines; both need restoring before the function can run.
# NOTE(review): CURRENT_USER is the client-supplied User-Name and is copied
# into the message body as-is.
send_mail() {
        # HOSTNAME is assigned here but not referenced in the visible command.
        HOSTNAME=`hostname`
        # MAILRC=/dev/null points nail's startup file at /dev/null; -s sets the subject.
        env MAILRC=/dev/null [EMAIL PROTECTED] smtp=smtp.domain.com nail -n -s 
"RADIUS - Autentication failed $TRY
 times" $MAIL_ADMINS <<-END
$CURRENT_USER failed authentication for $TRY times.
END

}

# Dispatch. The script acts only when the third argument (the expanded
# FreeRADIUS-Proxied-To value, per the syntax header) is exactly 127.0.0.1;
# any other value, or a missing argument, does nothing.
if [ "$3" = '127.0.0.1' ]; then
        if [ "$ACCESS" = 'accept' ]; then
                # Successful login: drop the user's failure counter.
                success
        elif [ "$ACCESS" = 'reject' ]; then
                # Failed login: bump the counter, mail when the limit is hit.
                failed
        fi
fi

