I successfully managed to deploy a freeradius server and created a python script which does an additional check on the user (incoming request). I checked the internet (resources for freeradius are pretty horrible) and only found a thread which explains some basics about adding a python script to the process.
Right now I have it inside /etc/freeradius/sites-enabled/default under the authorize
section:
update control {
Auth-Type := `/usr/bin/python /etc/test.py '%{User-Name}' '%{User-Password}'`
}
My test.py
file spits Reject
or Accept
. I also have sql
authentication setup with freeradius and the problem is that, if my script returns Accept
any other authorization request under is ignored; response will still be an Accept
even if sql
check rejects the user.
From what I understand I should pass a noop
instead of Accept
to allow freeradius to continue and only pass Reject
if I need to reject the user but If I respond with noop
the server complains.
Any ideas? Maybe I need to add my code to the Authentication.
section? How?