Monday, June 06, 2005

Activating simultaneous login limit on Freeradius

For those who are too lazy to read the Simultaneous-Use document in
Freeradius 1.0.1, here's how to do it, but I opted to use SNMP_Session
and BER modules:

1. Download SNMP_Session and BER from

http://www.switch.ch/misc/leinen/snmp/perl/

2. Extract and

#cd SNMP_Session-1.07/
#perl Makefile.PL
#make test
#make install

3. Edit /etc/raddb/users file and insert the following lines:

DEFAULT Simultaneous-Use := 1
Fall-Through = 1

(It may differ if you want to define it under a group, but it should
be one instance)

4. Edit /etc/raddb/nasspaswd and add:

<ip address of NAS> SNMP community

5. Restart radius

You're done!

Installing PERL modules in Unix/Linux

There are 3 normal ways to install a Perl module on a Unix machine.
Which one you use will depend on a number of factors, the most important
one being whether you have root privileges on the machine.

1. Compile

The standard way to install a Perl module on Unix is to change into the
directory that was created when you unpacked the .tar.gz file, and then
type the following sequence of commands:

perl Makefile.PL
make
make test
make install

This will create a makefile for you, then compile the module, test it,
and put it in the correct location for you. This requires that you are
logged in as root, so that you can copy files to the Perl library
directory, and various other places on your system where the
installation will put files.

If you do not have root permissions on the machine where you want to
install the module, such as if you wish to install a module in your home
directory, just change one of those commands. Instead of

perl Makefile.PL

type

perl Makefile.PL PREFIX=/path/to/where/you/want/it

That will put all the files in that directory. In order to use modules
that are stored in that location, you will need to add the following
like to your Perl programs:

use lib /path/to/where/you/want/it

2. CPAN.pm

Perl comes with a very handy module called CPAN.pm that automates the
process of downloading and installing a Perl module. There are some
modules that are really helpful to have installed before you use
CPAN.pm. They are not absolutely required, but they make life a lot
easier. These modules are:

Digest::MD5
HTML::Parser
MIME::Base64
URI
libnet
libwww

You can download and install those modules as described in the section
above. Then you can load the CPAN.pm shell with the following command:

perl -MCPAN -e shell

This also requires that you are root.

The first time that you run the CPAN shell, you will need to make some
configurations. It's usually OK to select all the defaults. When you
come to the section about choosing a CPAN mirror, try to choose one that
is located near to you.

Once you have typed the above command, you will be at an interactive
prompt with a huge number of options to make your life easier. The only
ones that I will talk about here are the search feature, and the
installation feature.

To find a particular module, use the i command, followed by an
expression that you want to search for:

cpan> i /Time/

CPAN.pm will go out to the CPAN mirrror that you selected, download the
list of modules, and tell you which ones match the search word.

To install a module, just type:

cpan> install Time::CTime

CPAN.pm takes care of the whole process. It downloads the compressed
file, unpacks it, builds it, and installs it all for you, unless there
is a problem with the installation process. If there are other modules
on which this module relies, it will also download and install those.

3. Manually placing files

Occasionally, you will not be able to use any of the methods above to
install modules. This may be the case if you are a particularly under-
privileged user - perhaps you are renting web space on a server, where
you are not given rights to do anything.

It is possible, for some modules, to install the module without
compiling anything, and so you can just drop the file in place and have
it work. Without going into a lot of the detail, some Perl modules
contain a portion written in some other language (such as C or C++) and
some are written in just in Perl. It is the latter type that this method
will work for. How will you know? Well, if there are no files called
something.c and something.h in the package, chances are that it is a
module that contains only Perl code.

In these cases, you can just unpack the file, and then copy just the
*.pm files to a directory from which you will run the modules. Two
examples of this should suffice to illustrate how this is done.

IniConf.pm is a wonderful little module that allows you to read
configuration information out of a .ini-style config file. IniConf.pm is
written only in Perl, and has no C portion. When you unpack the .tar.gz
file that you got from CPAN, you will find several files in there, and
one of them is called IniConf.pm. This is the only file that you are
actually interested in. Copy that file to the directory where you have
the Perl programs that will be using this module. You can then use the
module as you would if it was installed ``correctly,'' with just the
line:

use IniConf;

Time::CTime is another very handy module that lets you print times in
any format that strikes your fancy. It is written just in Perl, without
a C component. You will install it just the same way as you did with
IniConf, except that the file, called CTime.pm, must be placed in a
subdirectory called Time. The colons, as well as indicating an
organization of modules, also indicates a directory structure on your
file system.