(RADIATOR) Putting PostAuthHook script in background.

Ziaur Rahman zia at qalacom.com
Fri Feb 13 19:12:48 CST 2004 

Hi Hugh,

Thanks for you quick response.

I will look into the possiblity of running another instance.

Regards, 

+---------------------------------------------------+
| Ziaur Rahman           |       PGP Key: 0x8F30F439|
| http://www.zort.org    |        http://pgp.mit.edu|
|                        |                          |
+---------------------------------------------------+
.-.-.-.-.-.-.-.-.- Quote-o-moment .-.-.-.-.-.-.-.-.-.

Knowing others is Wisdom, knowing yourself is Enlightenment. - LaoTzu

.-.-.-.-.-.-.-.-.- Quote-o-moment .-.-.-.-.-.-.-.-.-. 


-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au] 
Sent: Friday, February 13, 2004 12:45 AM
To: Ziaur Rahman
Cc: radiator at open.com.au
Subject: Re: (RADIATOR) Putting PostAuthHook script in background.


Hello Ziaur -

In my previous mail I mentioned that I would be inclined to use two
instances of Radiator for this.

The first one should simply proxy the accounting starts and stops to the
second instance and you should use IgnoreAccountingResponse in the AuthBy
RADIUS clause. The second instance can then run your PostAuthHook.

This will let your first Radiator instance continue processing while the
second instance deals with DynamicDNS.

First instance would look something like this:

# define Realm or Handler

<Realm .....>

	AuthByPolicy ContinueAlways

	<AuthBy RADIUS>
		.....

		Retries 0

		IgnoreAuthentication

		IgnoreAccountingResponse

	</AuthBy>

	# your normal AuthBy
	
	<AuthBy .....>
		.....
	</AuthBy>

</Realm>


And the second instance would look something like this:

<Handler>
	AccountingHandled
	<AuthBy INTERNAL>
		AcctResult ACCEPT
	</AuthBy>

	PostAuthHook ......
</Handler>


Hope that helps.

regards

Hugh


On 14 Feb 2004, at 10:56, Ziaur Rahman wrote:

>
> Well, actually I wrote a perl script which updates my DynamicDNS 
> server on specific users' login and logout. So, based on the Session 
> Status I update the DNS server (remote). The script does the following 
> things step by
> step:
>
> 1. On every call from PostAuthHook, it connects to a local mysql 
> database to see if the user is being enabled for DDNS or not.
> 2. If the user is disabled, it simply quits.
> 3. If the use is enabled, it checks the Acct-Status-Type attribute 
> supplied by radiator.
> 4. If the Acct-Status-Type is Start, it adds the Framed-IP-Address in 
> the DynamicDNS against the host registered for the user.
> 5. If the Acct-Status-Type is Stop, it removes the host record for 
> that spacific user from the DNS.
>
> So, if for any reason, the remote DNS server cannot be reached, 
> radiator stalls. The irony is, it doesn't even resume operations once 
> the DNS server is back up. If I could even mention a timeout for the 
> PostAuthHook scripts response then it would be nice.
>
> Hope this explains.
>
> Regards,
>
> +---------------------------------------------------+
> | Ziaur Rahman           |       PGP Key: 0x8F30F439|
> | http://www.zort.org    |        http://pgp.mit.edu|
> |                        |                          |
> +---------------------------------------------------+
> .-.-.-.-.-.-.-.-.- Quote-o-moment .-.-.-.-.-.-.-.-.-.
>
> There are two types of people in this world, good and bad. The good 
> sleep better, but the bad seem to enjoy the waking hours much more. - 
> Woody Allen
>
> .-.-.-.-.-.-.-.-.- Quote-o-moment .-.-.-.-.-.-.-.-.-.
>
>
> -----Original Message-----
> From: Hugh Irvine [mailto:hugh at open.com.au]
> Sent: Thursday, February 12, 2004 11:00 PM
> To: Ziaur Rahman
> Cc: radiator at open.com.au
> Subject: Re: (RADIATOR) Putting PostAuthHook script in background.
>
>
> Hello Ziaur -
>
> Yes you are correct - Radiator will wait for the PostAuthHook to 
> complete before continuing.
>
> The correct answer to your question will depend on what else you are 
> doing and what your exact requirements are.
>
> You may find an AuthBy EXTERNAL clause or even a custom AuthBy clause 
> more useful. Alternatively you might be able to use a second instance 
> of Radiator and proxy those requests that need special treatment 
> there.
>
> More details are required before I can suggest anything.
>
> regards
>
> Hugh
>
>
> On 14 Feb 2004, at 06:16, Ziaur Rahman wrote:
>
>>
>> Hi,
>>
>> Recently, I realised that when calling an external PostAuthHook perl 
>> script, radiator waits for the script to finish. Or, if the hook 
>> script calls another perl script to perform some job and if that 
>> script, for some reason, stalls or waits for an exit, radiator also 
>> stalls or freezes.
>>
>> My question: is there a way I can put the hook script in background?
>> Or maybe instruct radiator not to wait for the hook script to finish?
>>
>> TIA.
>>
>> Regards,
>>
>> +---------------------------------------------------+
>> | Ziaur Rahman           |       PGP Key: 0x8F30F439|
>> | http://www.zort.org    |        http://pgp.mit.edu|
>> |                        |                          |
>> +---------------------------------------------------+
>> .-.-.-.-.-.-.-.-.- Quote-o-moment .-.-.-.-.-.-.-.-.-.
>>
>> Results! Why man, I have gotten a lot of results. I know several 
>> thousand things that won't work. - Thomas Alva Edison
>>
>> .-.-.-.-.-.-.-.-.- Quote-o-moment .-.-.-.-.-.-.-.-.-.
>>
>>
>> ===
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au To unsubscribe, email 
>> 'majordomo at open.com.au' with 'unsubscribe radiator' in the body of 
>> the message.
>>
>>
>
> NB: have you included a copy of your configuration file (no secrets), 
> together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server 
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible, 
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list