/etc/freeradius/modules/passwd is in freeradius 2.1.12+dfsg-1.2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 | # -*- text -*-
#
# $Id$
# passwd module allows to do authorization via any passwd-like
# file and to extract any attributes from these files.
#
# See the "smbpasswd" and "etc_group" files for more examples.
#
# parameters are:
# filename - path to filename
#
# format - format for filename record. This parameters
# correlates record in the passwd file and RADIUS
# attributes.
#
# Field marked as '*' is a key field. That is, the parameter
# with this name from the request is used to search for
# the record from passwd file
#
# Attributes marked as '=' are added to reply_items instead
# of default configure_itmes
#
# Attributse marked as '~' are added to request_items
#
# Field marked as ',' may contain a comma separated list
# of attributes.
#
# hashsize - hashtable size. If 0 or not specified records are not
# stored in memory and file is read on every request.
# This configuration is *not* recommended, as it can be
# very slow. The "passwd" module reloads its configuration
# on HUP, so setting "hashsize = 0" is unnecessary.
#
# allowmultiplekeys - if many records for a key are allowed
#
# ignorenislike - ignore NIS-related records
#
# delimiter - symbol to use as a field separator in passwd file,
# for format ':' symbol is always used. '\0', '\n' are
# not allowed
#
# An example configuration for using /etc/passwd.
#
# We do NOT recommend using the configuration below. See the "unix"
# module, or the "pam" module for a cleaner way to get system passwords.
# Using this configuration means that the server will find *only* those
# passwords which are in /etc/passwd, and will *ignore* all of the
# passwords in NIS, LDAP, etc.
#
passwd etc_passwd {
filename = /etc/passwd
format = "*User-Name:Crypt-Password:"
hashsize = 100
ignorenislike = no
allowmultiplekeys = no
}
|