Hi, Have been trying to work my way around an annoying little issue I'd been having in regards to (shadow) password expiries not being seen when using the rlm_unix module. (Freeradius 0.9.0 installed on a test Redhat 9 server)
First off let me say that I am not an experienced C programmer so my skills toward fixing the issue myself are limited. In any case after hours of muddling my way through the source of rlm_unix.c putting some temporary log entries in to figure out where I was... I noticed that the flow did not seem to be tracking past one particular point... tracked that back to the code for caching vs. non-caching of the password files. I went back and turned off caching (had it turned on because that was to be the desired setting on the production machine). Lo and behold the code tracked the way I figured it should and the password expiries worked just fine. So, over into the cache.c module of rlm_unix... now the code in that module is wayyyy above my level (or at least it looks so at an initial glance) but I did find the comment "FIXME: Check for password expiry!" *that* I understand :-) What I'm wondering... is this a part of the code that's actively being worked on, or is it one of those "FIXME"'s that's gotten back-burnered? In the meantime, perhaps a brief note in the docs, or in the radiusd.conf comments noting that password expiries will not work if caching is on would be warranted until the code is complete... might save others the same hassle that I've just gone thru. If whomever is responsible for that chunk of code (I think that's Peter :-) can let me know it's status, I'd be happy to help in as much as I can (testing if nothing else) to help get it going. The second "is it possible" question.... <insert long convoluted story here>... to have 2 (multiple) instances of the rlm_unix module (or is there another module with the same functionality) each of which looks at a different set of passwd/group/shadow files? I've looked briefly at rlm_passwd for this functionality, but it currently lacks support for expiries. And finally, who is the maintainer of the "redhat" directory in the distribution (if any) I have a little "buglet" to pass along if they can get in contact with me. Cheers & thanks, >>>>> Mike <<<<<< - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html