Re: Multiple policy files
On 9 Aug 2013, at 10:40, Jonathan Gazeley wrote: > For a while I've been using FreeRADIUS with a set of includes.d-style > directories that I can drop modules, virtual sites, etc into. This works well > - until today. So far I've only had one included policy file in use, and the > stock policy.conf is commented out. Today I tried to add another new virtual > site which also has a policy file. > Whilst making up features is a fun pastime it's not very productive. There is one global policy section at the top level. Virtual servers do not have different policy name spaces. -Arran Arran Cudbard-Bell FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Multiple policy files
On 09/08/13 10:52, Arran Cudbard-Bell wrote:
Whilst making up features is a fun pastime it's not very productive.
There is one global policy section at the top level. Virtual servers do not
have different policy name spaces.
Hi Arran,
Thanks for this. So you're saying that there can only be one policy {}
section in the whole server, and if I wish to load two sets of policies
I will have to merge the two files?
Thanks,
Jonathan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Multiple policy files
On Fri, Aug 09, 2013 at 11:05:47AM +0100, Jonathan Gazeley wrote:
> On 09/08/13 10:52, Arran Cudbard-Bell wrote:
> >Whilst making up features is a fun pastime it's not very productive.
> >
> >There is one global policy section at the top level. Virtual servers do not
> >have different policy name spaces.
>
> Thanks for this. So you're saying that there can only be one policy
> {} section in the whole server, and if I wish to load two sets of
> policies I will have to merge the two files?
You should be able to do
policy {
$INCLUDE /path/to/policy/dir
}
in radiusd.conf, then just put policies in that directory (without
the policy { } wrapper of course).
That's how it is now done by default in version 3.
Matthew
--
Matthew Newton, Ph.D.
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253,
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Multiple policy files
Hi,
> Thanks for this. So you're saying that there can only be one policy
> {} section in the whole server, and if I wish to load two sets of
> policies I will have to merge the two files?
each policy has its own name/tag - in FR 3, there is a policy.d directory
in which policy files get put...each containing names/actions.
(all in unlang)
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Multiple policy files
On 09/08/13 11:18, Matthew Newton wrote:
On Fri, Aug 09, 2013 at 11:05:47AM +0100, Jonathan Gazeley wrote:
On 09/08/13 10:52, Arran Cudbard-Bell wrote:
Whilst making up features is a fun pastime it's not very productive.
There is one global policy section at the top level. Virtual servers do not
have different policy name spaces.
Thanks for this. So you're saying that there can only be one policy
{} section in the whole server, and if I wish to load two sets of
policies I will have to merge the two files?
You should be able to do
policy {
$INCLUDE /path/to/policy/dir
}
in radiusd.conf, then just put policies in that directory (without
the policy { } wrapper of course).
That's how it is now done by default in version 3.
Matthew
Thanks for this. I've implemented this solution using our config
management system (Puppet) which is handling all the includes stuff.
Happy weekend everyone,
Jonathan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
