robin.thoni
/
docker-radius-server
关注 1
点赞 0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
3 提交
2 分支
目录树: ca532c16e1
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 'ca532c16e1'
${ noResults }
docker-radius-server/freeradius/config/tmp/freeradius/sites-available/control-socket

control-socket 2.0KB
文件历史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. # -*- text -*-

  2. ######################################################################

  3. #

  4. #	Control socket interface.

  5. #

  6. #	In the future, we will add username/password checking for

  7. #	connections to the control socket.  We will also add

  8. #	command authorization, where the commands entered by the

  9. #	administrator are run through a virtual server before

  10. #	they are executed.

  11. #

  12. #	For now, anyone who has permission to connect to the socket

  13. #	has nearly complete control over the server.  Be warned!

  14. #

  15. #	This functionality is NOT enabled by default.

  16. #

  17. #	See also the "radmin" program, which is used to communicate

  18. #	with the server over the control socket.

  19. #

  20. #	$Id: 6a6f2b9428713083720b145d12c90b9747510ec1 $

  21. #

  22. ######################################################################

  23. listen {

  24. 	#

  25. 	#  Listen on the control socket.

  26. 	#

  27. 	type = control

  28. 

  29. 	#

  30. 	#  Socket location.

  31. 	#

  32. 	#  This file is created with the server's uid and gid.

  33. 	#  It's permissions are r/w for that user and group, and

  34. 	#  no permissions for "other" users.  These permissions form

  35. 	#  minimal security, and should not be relied on.

  36. 	#

  37. 	socket = ${run_dir}/${name}.sock

  38. 

  39. 	#

  40. 	#  The following two parameters perform authentication and

  41. 	#  authorization of connections to the control socket.

  42. 	#

  43. 	#  If not set, then ANYONE can connect to the control socket,	

  44. 	#  and have complete control over the server.  This is likely

  45. 	#  not what you want.

  46. 	#

  47. 	#  One, or both, of "uid" and "gid" should be set.  If set, the

  48. 	#  corresponding value is checked.  Unauthorized users result

  49. 	#  in an error message in the log file, and the connection is

  50. 	#  closed.

  51. 	#

  52. 

  53. 	#

  54. 	#  Name of user that is allowed to connect to the control socket.

  55. 	#

  56. #	uid = radius

  57. 

  58. 	#

  59. 	#  Name of group that is allowed to connect to the control socket.

  60. 	#

  61. #	gid = radius

  62. 

  63. 	#

  64. 	#  Access mode.

  65. 	#

  66. 	#  This can be used to give *some* administrators access to

  67. 	#  monitor the system, but not to change it.

  68. 	#

  69. 	#	ro = read only access (default)

  70. 	#	rw = read/write access.

  71. 	#

  72. #	mode = rw

  73. }