Line 4... |
Line 4... |
4 |
# This script is distributed under the Gnu General Public License (GPL)
|
4 |
# This script is distributed under the Gnu General Public License (GPL)
|
5 |
|
5 |
|
6 |
# This script tests the following behaviour :
|
6 |
# This script tests the following behaviour :
|
7 |
# - Retreive 3 special attributes of a user ('test' by default). It Retrieves theses attributes from default group, then from user's group, then from its account
|
7 |
# - Retreive 3 special attributes of a user ('test' by default). It Retrieves theses attributes from default group, then from user's group, then from its account
|
8 |
# - test if the attribute "Alcasar-Status-Page-Must-Stay-Open" is set to "2", then retrieve the "expiration" attribute
|
8 |
# - test if the attribute "Alcasar-Status-Page-Must-Stay-Open" is set to "2", then retrieve the "expiration" attribute
|
9 |
# - if the "expiration" attribute exists then create a new user (login = user's @MAC) and duplicates all user's attributes
|
9 |
# - (todo) if the "expiration" attribute exists then create a new user (login = user's @MAC) and duplicates all user's attributes
|
10 |
|
10 |
|
11 |
|
11 |
|
12 |
PASSWD_FILE="/root/ALCASAR-passwords.txt"
|
12 |
PASSWD_FILE="/root/ALCASAR-passwords.txt"
|
13 |
USER_NAME="test"
|
13 |
USER_NAME="test"
|
14 |
DB_USER=`cat $PASSWD_FILE|grep ^db_user=|cut -d'=' -f2`
|
14 |
DB_USER=`cat $PASSWD_FILE|grep ^db_user=|cut -d'=' -f2`
|
Line 26... |
Line 26... |
26 |
filterProto=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Protocols-Filter" { print $2 }')
|
26 |
filterProto=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Protocols-Filter" { print $2 }')
|
27 |
statusOpenRequired=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Status-Page-Must-Stay-Open" { print $2 }')
|
27 |
statusOpenRequired=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Status-Page-Must-Stay-Open" { print $2 }')
|
28 |
echo "USER_NAME = $USER_NAME; filter = $filter; filterproto = $filterProto; statusOpenRequired = $statusOpenRequired";
|
28 |
echo "USER_NAME = $USER_NAME; filter = $filter; filterproto = $filterProto; statusOpenRequired = $statusOpenRequired";
|
29 |
|
29 |
|
30 |
# If status page isn't required :
|
30 |
# If status page isn't required :
|
31 |
# -add user_IP with the flag 'PERM' in /tmp/current_users.txt
|
- |
|
32 |
# -add user_@MAC as an authenticated (with the same user's attributes)
|
- |
|
33 |
if [ "$statusOpenRequired" == '2' ]; then # Status page is not required
|
31 |
if [ "$statusOpenRequired" == '2' ]; then # Status page is not required
|
34 |
echo ""
|
32 |
echo ""
|
35 |
# Retrieve "expiration" attribute from radcheck
|
33 |
# Retrieve "expiration" attribute from radcheck
|
36 |
db_query="SELECT attribute, value FROM ( \
|
34 |
db_query="SELECT attribute, value FROM ( \
|
37 |
( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' AND attribute = 'Expiration' ) UNION \
|
35 |
( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' AND attribute = 'Expiration' ) UNION \
|
Line 40... |
Line 38... |
40 |
) attrs GROUP BY attribute;"
|
38 |
) attrs GROUP BY attribute;"
|
41 |
db_radcheck_expiration_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns)
|
39 |
db_radcheck_expiration_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns)
|
42 |
# if a expiration date exists we retrieve all radreply attributes
|
40 |
# if a expiration date exists we retrieve all radreply attributes
|
43 |
if [ `echo $db_radcheck_expiration_res|wc -l` == '1' ]; then
|
41 |
if [ `echo $db_radcheck_expiration_res|wc -l` == '1' ]; then
|
44 |
echo "###########################"
|
42 |
echo "###########################"
|
45 |
echo "## Attributs radreply"
|
43 |
echo "## Radreply attributes"
|
46 |
db_query="SELECT attribute, value FROM ( \
|
44 |
db_query="SELECT attribute, value FROM ( \
|
47 |
( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' ) UNION \
|
45 |
( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' ) UNION \
|
48 |
( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
|
46 |
( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
|
49 |
( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' ) \
|
47 |
( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' ) \
|
50 |
) attrs GROUP BY attribute;"
|
48 |
) attrs GROUP BY attribute;"
|
51 |
mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns | while IFS= read -r loop
|
49 |
mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns | while IFS= read -r loop
|
52 |
do
|
50 |
do
|
53 |
attr=`echo $loop|cut -d" " -f1`
|
51 |
attr=`echo $loop|cut -d" " -f1`
|
54 |
attr_value=`echo $loop|cut -d" " -f2-`
|
52 |
attr_value=`echo $loop|cut -d" " -f2-`
|
55 |
echo "$attr = $attr_value"
|
53 |
echo "$attr = $attr_value"
|
56 |
done
|
54 |
done
|
57 |
# if a expiration date exists we retrieve all radcheck attributes
|
55 |
# if a expiration date exists we retrieve all radcheck attributes
|
58 |
echo "## Attributs radcheck"
|
56 |
echo "## Radcheck attributes"
|
59 |
db_query="SELECT attribute, value FROM ( \
|
57 |
db_query="SELECT attribute, value FROM ( \
|
60 |
( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' ) UNION \
|
58 |
( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' ) UNION \
|
61 |
( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
|
59 |
( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
|
62 |
( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' ) \
|
60 |
( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' ) \
|
63 |
) attrs GROUP BY attribute;"
|
61 |
) attrs GROUP BY attribute;"
|
64 |
mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns | while IFS= read -r loop
|
62 |
mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns | while IFS= read -r loop
|
65 |
do
|
63 |
do
|
66 |
attr=`echo $loop|cut -d" " -f1`
|
64 |
attr=`echo $loop|cut -d" " -f1`
|
67 |
attr_value=`echo $loop|cut -d" " -f2-`
|
65 |
attr_value=`echo $loop|cut -d" " -f2-`
|
68 |
echo "$attr = $attr_value"
|
66 |
echo "$attr = $attr_value"
|
69 |
done
|
67 |
done
|