0,0 → 1,60 |
#! /bin/bash |
PASSWD_FILE="/root/ALCASAR-passwords.txt" |
USER_NAME="test" |
DB_USER=`cat $PASSWD_FILE|grep ^db_user=|cut -d'=' -f2` |
DB_PASSWORD=`cat $PASSWD_FILE|grep ^db_password=|cut -d'=' -f2` |
|
# Retrieve alcasar special radius attributes |
db_query="SELECT attribute, value FROM ( \ |
( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ) UNION \ |
( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ORDER BY ug.priority ) UNION \ |
( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ) \ |
) attrs GROUP BY attribute;" |
db_radreply_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns) |
|
filter=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Filter" { print $2 }') |
filterProto=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Protocols-Filter" { print $2 }') |
statusOpenRequired=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Status-Page-Must-Stay-Open" { print $2 }') |
echo "USER_NAME = $USER_NAME; filter = $filter; filterproto = $filterProto; statusOpenRequired = $statusOpenRequired"; |
|
# If status page isn't required : |
# -add user_IP with flag PERM in /tmp/current_users.txt |
# -add user_@MAC as an authenticated user (until "expiration_date") |
if [ "$statusOpenRequired" == '2' ]; then # Status page is not required |
echo "" |
db_query="SELECT attribute, value FROM ( \ |
( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' AND attribute = 'Expiration' ) UNION \ |
( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' AND attribute = 'Expiration' ORDER BY ug.priority ) UNION \ |
( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' AND attribute = 'Expiration' ) \ |
) attrs GROUP BY attribute;" |
db_radcheck_expiration_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns) |
# if a expiration date exists we create a @mac authorisation |
if [ `echo $db_radcheck_expiration_res|wc -l` == '1' ]; then |
echo "###########################" |
echo "## Attributs radreply" |
db_query="SELECT attribute, value FROM ( \ |
( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' ) UNION \ |
( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \ |
( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' ) \ |
) attrs GROUP BY attribute;" |
mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns | while IFS= read -r loop |
do |
attr=`echo $loop|cut -d" " -f1` |
attr_value=`echo $loop|cut -d" " -f2-` |
echo "$attr = $attr_value" |
done |
db_query_additionalGroups="( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' )" |
db_query="SELECT attribute, value FROM ( \ |
( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' ) UNION \ |
( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \ |
$db_query_additionalGroups \ |
) attrs GROUP BY attribute;" |
echo "## Attributs radcheck" |
mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns | while IFS= read -r loop |
do |
attr=`echo $loop|cut -d" " -f1` |
attr_value=`echo $loop|cut -d" " -f2-` |
echo "$attr = $attr_value" |
done |
fi |
fi |
Property changes: |
Added: svn:eol-style |
+native |
\ No newline at end of property |
Added: svn:executable |
+* |
\ No newline at end of property |