summaryrefslogtreecommitdiff
path: root/usr.sbin/radiusd
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/radiusd')
-rw-r--r--usr.sbin/radiusd/radiusd.conf.538
1 files changed, 24 insertions, 14 deletions
diff --git a/usr.sbin/radiusd/radiusd.conf.5 b/usr.sbin/radiusd/radiusd.conf.5
index 90eff773a48..9237715d6be 100644
--- a/usr.sbin/radiusd/radiusd.conf.5
+++ b/usr.sbin/radiusd/radiusd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: radiusd.conf.5,v 1.9 2019/04/01 09:25:14 yasuoka Exp $
+.\" $OpenBSD: radiusd.conf.5,v 1.10 2019/04/01 09:40:16 yasuoka Exp $
.\"
.\" Copyright (c) 2014 Esdenera Networks GmbH
.\" Copyright (c) 2014 Internet Initiative Japan Inc.
@@ -59,10 +59,11 @@ Message authentication is required if
is specified.
.El
.It Ic module Ic load Ar name path
-Load module
-.Ar name
+Load a module
from
-.Ar path .
+.Ar path
+and name it with the given
+.Ar name .
The following modules are available:
.Bl -column "/usr/libexec/radiusd/radiusd_bsdauthXXX"
.It Sy "Path" Ta Sy "Description"
@@ -84,11 +85,20 @@ The
.Dq radius
module provides authentication from upstream RADIUS servers.
.El
-.It Ic module Ic set Ar key Ar value ...
-Configure the module specific configuration by
+.It Ic module Ic set Ar module Ar key Ar value ...
+Configure the module specific configurations by
.Ar key
and
-.Ar value .
+.Ar value
+for the module specified by
+.Ar module .
+Notice that
+.Ar module ,
+.Ar key , and
+.Ar value
+must be quoted to be distinguished from the reserved word (eg.
+.Dq secret )
+if needed.
.Pp
The
.Dq bsdauth
@@ -180,18 +190,18 @@ client 192.168.0.0/24 {
msgauth-required yes
}
-module load bsdauth "/usr/libexec/radiusd/radiusd_bsdauth"
-module set bsdauth restrict-group operator
+module load "bsdauth" "/usr/libexec/radiusd/radiusd_bsdauth"
+module set "bsdauth" "restrict-group" "operator"
-module load radius "/usr/libexec/radiusd/radiusd_radius"
-module set radius "secret" "testing123"
-module set radius "server" "127.0.0.1"
+module load "radius" "/usr/libexec/radiusd/radiusd_radius"
+module set "radius" "secret" "testing123"
+module set "radius" "server" "127.0.0.1"
authenticate *@example.com {
- authenticate-by radius
+ authenticate-by "radius"
}
authenticate * {
- authenticate-by bsdauth
+ authenticate-by "bsdauth"
}
.Ed
.Sh SEE ALSO
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 12:31:11 +0000