rlm_radutmp

Synopsis

The radutmp module writes a utmp style file that lists the users who are logged in. The file is used mainly for Simultaneous-Use checking and by radwho to see who is currently logged in.

Using the sql module to store user login records is recommended. The radutmp module should be employed for backwards compatibility and for use in very small systems. It is recommended to use the radutmp module only when the system tracks no more than a few thousand users.

Processing Sections

accounting

When listed in the accounting section, the radutmp module updates the radutmp file.

Return codes

noop The module did nothing. The input packet did not contain the information required by the radutmp file.

fail The module was unable to expand the filename or to open the file.

ok The module successfully wrote the user’s login record to the file.

checksimul

When listed in the checksimul section, the radutmp module checks the radutmp file to see if the user has already logged in.

Return codes

fail The module was unable to expand the filename or to open the file.

ok The user is allowed to log in.

noop The username directive was empty.

Expansions

None.

Directives

callerid
Syntax

callerid = boolean

Default

yes

Description

If set, the Calling-Station-Id will be stored in the users record.

case_sensitive
Syntax

case_sensitive = boolean

Default

yes

Description

Treat the users login name as case sensitive. If set to no, then the strings Name, NaMe, NAME, and name are all identical.

Setting this directive to no is not recommended.

check_with_nas
Syntax

check_with_nas = boolean

Default

yes

Description

The server normally runs checkrad when it determines that the user is trying to login multiple times. The checkrad script asks the NAS about the previous login sessions, as an accounting "stop" packet might have been lost.

When this directive is set to no, the server will not run checkrad and will treat the contents of radumpt as being definitive.

filename
Syntax

filename = string

Default

${logdir}/radutmp

Description

The name of the radutmp file. This file should not be rotated.

perm
Syntax

perm = integer

Default

0600

Description

The Unix-style permissions for the log file.

The radutmp file contains private information about users. Keeping the file permissions as restrictive as possible is recommended.

username
Syntax

username = string

Default

%{User-Name}

Description

The field in the request that is used as the key for the radutmp entries.

Note
The size of the field in the utmp data structure is small, usually around 32 characters. A better key may be %\{Stripped-User-Name:-%{User-Name}}