TJ Saunders wrote:

>> Success! The above didn't match what I found out on the net on the
>>subject, and I had to make my own dictionary/unix file, but adding in
>>this line:
>>
>> RadiusUserInfo $(10:100) $(11:100) $(12:/tmp) $(13:/bin/bash)
>>
>> and having this as my dictionary/unix file:
>>
>>
>>BEGIN VENDOR Unix 4
>>
>>ATTRIBUTE Unix-FTP-UID 10 integer
>>ATTRIBUTE Unix-FTP-GID 11 integer
>>ATTRIBUTE Unix-FTP-Home 12 string
>>ATTRIBUTE Unix-FTP-Shell 13 string
>>ATTRIBUTE Unix-FTP-Group-Names 14 string
>>ATTRIBUTE Unix-FTP-Group-Ids 15 string
>>
>>END
>>
>>

>
>The numbers are arbitrary; what is important is that the IDs you use in
>your RadiusUserInfo directive match the IDs configured for the attributes
>in your RADIUS server.
>
>
>

That's what I thought. However, it's not picking up the attributes.
Here's what's in my ftpradius.log:

Jun 01 17:14:22 mod_radius/0.8rc2[15968]: sending auth request packet
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: sending packet to
192.168.250.105:1812
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: receiving auth response packet
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: packet receive succeeded
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: verifying packet
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: authentication successful for
user 'ggtest103'
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: parsing packet for
RadiusUserInfo attributes
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: packet lacks 'Unix'
Vendor-Specific Attribute 10 for user ID: defaulting to '100'
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: packet lacks 'Unix'
Vendor-Specific Attribute 11 for group ID: defaulting to '100'
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: packet lacks 'Unix'
Vendor-Specific Attribute 12 for home directory: defaulting to '/tmp'
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: packet lacks 'Unix'
Vendor-Specific Attribute 13 for shell: defaulting to '/bin/bash'
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: sending start acct request packet
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: sending packet to
192.168.250.105:1813
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: receiving acct response packet
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: packet receive succeeded
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: verifying packet
Jun 01 17:14:22 mod_radius/0.8rc2[15968]: accounting started for user
'ggtest103'

And here's what's in my attrib table:
mysql> select * from attrib_pws;
+-----------+----------------+------------------------------------+------+
| user_name | attr | value | op |
+-----------+----------------+------------------------------------+------+
| ggtest103 | Unix-FTP-Home | /web2/httpd-users/htdocs/ggtest103 | NULL |
| ggtest103 | Unix-FTP-UID | 4040 | NULL |
| ggtest103 | Unix-FTP-GID | 4040 | NULL |
| ggtest103 | Unix-FTP-SHELL | /bin/ftpshell | NULL |
+-----------+----------------+------------------------------------+------+
4 rows in set (0.01 sec)

....and... the bit from my raddb/sqlserver file:

# This query returns a list of a/v pairs to be included in reply packet.
# The query is used only if the user is authorized successfully.
reply_attr_query SELECT attr,value \
FROM attrib_pws \
WHERE user_name='%u' AND op IS NULL




Is proftpd making some other type of call?

Thanks.

-Greg G




-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html