Alexander Clouter <a...@digriz.org.uk> writes: > Alex rsm <alex-...@hotmail.com> wrote: >> >> And added the following in src/modules/rlm_perl/example.pl >> >> sub authorize { >> print "This is a TEST\n"; >> ..... >> } >> >> However, When I send a simple test request I don't see my debug line. >> I also don't see the message "perl loaded" when start Freeradius in >> debug mode (radiusd -X). >> > I am pretty sure stdout is not plumbed up for rlm_perl, and neither is > stderr so you will not see anything.
Oh, but they are. At least in debug mode I don't think Alex (the other one :-) really enabled the perl module. It will NOT be silent in debug mode. You should see something like this when the module is instantiated: Module: Linked to module rlm_perl Module: Instantiating module "perl" from file /etc/freeradius/modules/perl perl { module = "/etc/freeradius/example.pl" func_authorize = "authorize" func_authenticate = "authenticate" func_accounting = "accounting" func_preacct = "preacct" func_checksimul = "checksimul" func_detach = "detach" func_xlat = "xlat" func_pre_proxy = "pre_proxy" func_post_proxy = "post_proxy" func_post_auth = "post_auth" func_recv_coa = "recv_coa" func_send_coa = "send_coa" } And with the following "/etc/freeradius/example.pl": use constant RLM_MODULE_REJECT=> 0;# /* immediately reject the request */ use constant RLM_MODULE_FAIL=> 1;# /* module failed, don't reply */ use constant RLM_MODULE_OK=> 2;# /* the module is OK, continue */ use constant RLM_MODULE_HANDLED=> 3;# /* the module handled the request, so stop. */ use constant RLM_MODULE_INVALID=> 4;# /* the module considers the request invalid. */ use constant RLM_MODULE_USERLOCK=> 5;# /* reject the request (user is locked out) */ use constant RLM_MODULE_NOTFOUND=> 6;# /* user not found */ use constant RLM_MODULE_NOOP=> 7;# /* module succeeded without doing anything */ use constant RLM_MODULE_UPDATED=> 8;# /* OK (pairs modified) */ use constant RLM_MODULE_NUMCODES=> 9;# /* How many return codes there are */ sub authorize { print "Here\n"; return RLM_MODULE_NOOP; } I get: rad_recv: Access-Request packet from host 127.0.0.1 port 41702, id=236, length=43 User-Name = "foo" User-Password = "bar" # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "foo", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop Here rlm_perl: Added pair User-Name = foo rlm_perl: Added pair User-Password = bar rlm_perl: Added pair NAS-IP-Address = 127.0.0.1 ++[perl] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> foo attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 236 to 127.0.0.1 port 41702 Waking up in 4.9 seconds. Cleaning up request 0 ID 236 with timestamp +132 Ready to process requests. Note the "Here" right before the "rlm_perl: " debug lines. That's the perl scripts stdout. But there's no use looking for output from the perl script if the rlm_perl module isn't loaded. > Of course reading the documentation brings enlightenment in the form of > '&radiusd::radlog(1, "...");'... :-/ Sure. That's essential if you want to log something useful in production mode. Bjørn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html