On 12/10/12 12:15, Stefano Zanmarchi wrote:
Hi,
we're using rlm_sql to perform authorization based on a couple of sql
tables ('eduroam_diritto_uso'
and 'eduroam_mac_registrati') , it's working fine.
Now mysql logs show that radiusd is still performing queries on
radcheck, radgroupcheck.
Can I avoid this (since these tables are empty so we're not using them)?
If you don't want to run the "sql" queries, just remove the "sql" module
from the "authorize" section.
I know this is nothing vital, but if it's easy done...
I've managed to avoid queries on radgroupcheck commenting out the
"group_membership_query"
in dalup.conf.
I thought that I could now comment out the "authorize_check_query" to
avoid queries radchek,
but no, I get an error:
[sql] expand: ->
[sql] Error generating query; rejecting user
Thanks a lot in advance,
Stefano
authorize {
preprocess
rewrite.calling_station_id
sql
Just remove the line above. You might need to add "sql" to the
"instantiate { }" section, to ensure the module is loaded and available
for the XLAT you use below.
if ("%{sql:SELECT count(*) FROM eduroam_mac_registrati AS m,
eduroam_diritto_uso AS d WHERE m.username = d.username AND
m.mac='%{Calling-Station-Id}' and d.diritto='S'}" == 1){
ok
update control {
Auth-Type := Accept
}
}
else {
reject
}
auth_log
eap
openldap
mschap
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
