WebSVN – ALCASAR – Diff – /scripts/alcasar-test-debug-conup.sh


#! /bin/bash
PASSWD_FILE="/root/ALCASAR-passwords.txt"
USER_NAME="test"
DB_USER=`cat $PASSWD_FILE|grep ^db_user=|cut -d'=' -f2`
DB_PASSWORD=`cat $PASSWD_FILE|grep ^db_password=|cut -d'=' -f2`
 
# Retrieve 3 ALCASAR special radius attributes (search order : default group, then user's group, then user)
db_query="SELECT attribute, value FROM ( \
 	( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ) UNION \
	( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ORDER BY ug.priority ) UNION \
	( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ) \
) attrs GROUP BY attribute;"
db_radreply_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns)
 
filter=$(echo "$db_radreply_res"             | awk '$1 == "Alcasar-Filter"                     { print $2 }')
filterProto=$(echo "$db_radreply_res"        | awk '$1 == "Alcasar-Protocols-Filter"           { print $2 }')
statusOpenRequired=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Status-Page-Must-Stay-Open" { print $2 }')
echo "USER_NAME = $USER_NAME; filter = $filter; filterproto = $filterProto; statusOpenRequired = $statusOpenRequired";
 
# If status page isn't required :
#	-add user_IP with the flag 'PERM' in /tmp/current_users.txt
#	-add user_@MAC as an authenticated (with the same user's attributes)
if [ "$statusOpenRequired" == '2' ]; then	# Status page is not required
	echo ""
db_query="SELECT attribute, value FROM ( \
 	( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' AND attribute = 'Expiration' ) UNION \
	( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' AND attribute = 'Expiration' ORDER BY ug.priority ) UNION \
	( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' AND attribute = 'Expiration' ) \
	) attrs GROUP BY attribute;"
db_radcheck_expiration_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns) 
# if a expiration date exists we create a @mac authorisation
	if [ `echo $db_radcheck_expiration_res|wc -l` == '1' ]; then
		echo "###########################"
		echo "## Attributs radreply"
		db_query="SELECT attribute, value FROM ( \
 			( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' ) UNION \
			( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
			( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' ) \
			) attrs GROUP BY attribute;"
		mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns |  while IFS= read -r loop
		do
			attr=`echo $loop|cut -d" " -f1`
			attr_value=`echo $loop|cut -d" " -f2-`
			echo "$attr = $attr_value"
		done 
		db_query_additionalGroups="( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' )"
		db_query="SELECT attribute, value FROM ( \
		( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' ) UNION \
		( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
		$db_query_additionalGroups \
		) attrs GROUP BY attribute;"
		echo "## Attributs radcheck"
		mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns |  while IFS= read -r loop
		do
			attr=`echo $loop|cut -d" " -f1`
			attr_value=`echo $loop|cut -d" " -f2-`
			echo "$attr = $attr_value"
		done
	fi	
fi
 

Subversion Repositories ALCASAR

(root)/scripts/alcasar-test-debug-conup.sh – Rev 2885 → 2886

Rev 2885		Rev 2886
1	`#! /bin/bash`	1	`#! /bin/bash`
2	`PASSWD_FILE="/root/ALCASAR-passwords.txt"`	2	`PASSWD_FILE="/root/ALCASAR-passwords.txt"`
3	`USER_NAME="test"`	3	`USER_NAME="test"`
4	DB_USER=`cat $PASSWD_FILE\|grep ^db_user=\|cut -d'=' -f2`	4	DB_USER=`cat $PASSWD_FILE\|grep ^db_user=\|cut -d'=' -f2`
5	DB_PASSWORD=`cat $PASSWD_FILE\|grep ^db_password=\|cut -d'=' -f2`	5	DB_PASSWORD=`cat $PASSWD_FILE\|grep ^db_password=\|cut -d'=' -f2`
6		6
7	`# Retrieve alcasar special radius attributes`	7	`# Retrieve 3 ALCASAR special radius attributes (search order : default group, then user's group, then user)`
8	`db_query="SELECT attribute, value FROM ( \`	8	`db_query="SELECT attribute, value FROM ( \`
9	`( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ) UNION \`	9	`( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ) UNION \`
10	`( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ORDER BY ug.priority ) UNION \`	10	`( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ORDER BY ug.priority ) UNION \`
11	`( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ) \`	11	`( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' AND (attribute IN ('Alcasar-Filter', 'Alcasar-Protocols-Filter', 'Alcasar-Status-Page-Must-Stay-Open')) ) \`
12	`) attrs GROUP BY attribute;"`	12	`) attrs GROUP BY attribute;"`
13	`db_radreply_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns)`	13	`db_radreply_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns)`
14		14
15	`filter=$(echo "$db_radreply_res" \| awk '$1 == "Alcasar-Filter" { print $2 }')`	15	`filter=$(echo "$db_radreply_res" \| awk '$1 == "Alcasar-Filter" { print $2 }')`
16	`filterProto=$(echo "$db_radreply_res" \| awk '$1 == "Alcasar-Protocols-Filter" { print $2 }')`	16	`filterProto=$(echo "$db_radreply_res" \| awk '$1 == "Alcasar-Protocols-Filter" { print $2 }')`
17	`statusOpenRequired=$(echo "$db_radreply_res" \| awk '$1 == "Alcasar-Status-Page-Must-Stay-Open" { print $2 }')`	17	`statusOpenRequired=$(echo "$db_radreply_res" \| awk '$1 == "Alcasar-Status-Page-Must-Stay-Open" { print $2 }')`
18	`echo "USER_NAME = $USER_NAME; filter = $filter; filterproto = $filterProto; statusOpenRequired = $statusOpenRequired";`	18	`echo "USER_NAME = $USER_NAME; filter = $filter; filterproto = $filterProto; statusOpenRequired = $statusOpenRequired";`
19		19
20	`# If status page isn't required :`	20	`# If status page isn't required :`
21	`# -add user_IP with flag PERM in /tmp/current_users.txt`	21	`# -add user_IP with the flag 'PERM' in /tmp/current_users.txt`
22	`# -add user_@MAC as an authenticated user (until "expiration_date")`	22	`# -add user_@MAC as an authenticated (with the same user's attributes)`
23	`if [ "$statusOpenRequired" == '2' ]; then # Status page is not required`	23	`if [ "$statusOpenRequired" == '2' ]; then # Status page is not required`
24	`echo ""`	24	`echo ""`
25	`db_query="SELECT attribute, value FROM ( \`	25	`db_query="SELECT attribute, value FROM ( \`
26	`( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' AND attribute = 'Expiration' ) UNION \`	26	`( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' AND attribute = 'Expiration' ) UNION \`
27	`( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' AND attribute = 'Expiration' ORDER BY ug.priority ) UNION \`	27	`( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' AND attribute = 'Expiration' ORDER BY ug.priority ) UNION \`
28	`( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' AND attribute = 'Expiration' ) \`	28	`( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' AND attribute = 'Expiration' ) \`
29	`) attrs GROUP BY attribute;"`	29	`) attrs GROUP BY attribute;"`
30	`db_radcheck_expiration_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns)`	30	`db_radcheck_expiration_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns)`
31	`# if a expiration date exists we create a @mac authorisation`	31	`# if a expiration date exists we create a @mac authorisation`
32	if [ `echo $db_radcheck_expiration_res\|wc -l` == '1' ]; then	32	if [ `echo $db_radcheck_expiration_res\|wc -l` == '1' ]; then
33	`echo "###########################"`	33	`echo "###########################"`
34	`echo "## Attributs radreply"`	34	`echo "## Attributs radreply"`
35	`db_query="SELECT attribute, value FROM ( \`	35	`db_query="SELECT attribute, value FROM ( \`
36	`( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' ) UNION \`	36	`( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' ) UNION \`
37	`( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \`	37	`( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \`
38	`( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' ) \`	38	`( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' ) \`
39	`) attrs GROUP BY attribute;"`	39	`) attrs GROUP BY attribute;"`
40	`mysql -u root -p$(cat $PASSWD_FILE \| grep ^db_root= \| cut -d'=' -f2-) -D radius -e "$db_query" -Ns \| while IFS= read -r loop`	40	`mysql -u root -p$(cat $PASSWD_FILE \| grep ^db_root= \| cut -d'=' -f2-) -D radius -e "$db_query" -Ns \| while IFS= read -r loop`
41	`do`	41	`do`
42	attr=`echo $loop\|cut -d" " -f1`	42	attr=`echo $loop\|cut -d" " -f1`
43	attr_value=`echo $loop\|cut -d" " -f2-`	43	attr_value=`echo $loop\|cut -d" " -f2-`
44	`echo "$attr = $attr_value"`	44	`echo "$attr = $attr_value"`
45	`done`	45	`done`
46	`db_query_additionalGroups="( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' )"`	46	`db_query_additionalGroups="( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' )"`
47	`db_query="SELECT attribute, value FROM ( \`	47	`db_query="SELECT attribute, value FROM ( \`
48	`( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' ) UNION \`	48	`( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' ) UNION \`
49	`( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \`	49	`( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \`
50	`$db_query_additionalGroups \`	50	`$db_query_additionalGroups \`
51	`) attrs GROUP BY attribute;"`	51	`) attrs GROUP BY attribute;"`
52	`echo "## Attributs radcheck"`	52	`echo "## Attributs radcheck"`
53	`mysql -u root -p$(cat $PASSWD_FILE \| grep ^db_root= \| cut -d'=' -f2-) -D radius -e "$db_query" -Ns \| while IFS= read -r loop`	53	`mysql -u root -p$(cat $PASSWD_FILE \| grep ^db_root= \| cut -d'=' -f2-) -D radius -e "$db_query" -Ns \| while IFS= read -r loop`
54	`do`	54	`do`
55	attr=`echo $loop\|cut -d" " -f1`	55	attr=`echo $loop\|cut -d" " -f1`
56	attr_value=`echo $loop\|cut -d" " -f2-`	56	attr_value=`echo $loop\|cut -d" " -f2-`
57	`echo "$attr = $attr_value"`	57	`echo "$attr = $attr_value"`
58	`done`	58	`done`
59	`fi`	59	`fi`
60	`fi`	60	`fi`
61		61