[freeside] freeside and legasy install

ivan ivan at 420.am
Tue Apr 17 19:33:51 PDT 2001

On Tue, Apr 17, 2001 at 05:51:55PM -0700, James Maxwell wrote:
> Hi there, the new cvs for 1.3.0 looks kewl, got a legacy question or two.
> --------------------------------
> Here's what I have in the box
> RH7
> Cistron Radius (User Auth is System - pam_cracklib and the NOT Users file)
> All auth is handled by pam
> Mysql 3...36
> Everything is stock nothin too wierd

For 1.3.0, as per htdocs/docs/install.html and htdocs/docs/upgrade6.html,
MySQL's default MyISAN and ISAM table types are *not* supported. 
PostgreSQL is recommended.  If you really want to use MySQL, you need to
use one of the new transaction-safe table types such as BDB. 

> ---------------------------------
> When I try to import passwd/shadow file I get a Illegal Passwd error.
> The shadow file is encrypted via the stock passwd crypt scheme and
> throws in /\.
> and other non standard (illegal) characters
> How can I augment the svc_account.import script to accept these
> characters?

. / and \ are all legal characters.  The regex you're looking for is
in the check subroutine in FS/FS/cust_main.pm, around line 472.

> So anyways the script imports passwd/shadow data just fine (barring
> further errors), but I seems to be missing a step as this generates
> unlinked accounts.

That's to be expected.  The passwd and shadow files don't contain
information on which customer the accounts are associated with.

> Do I first use the Template_cust_main to import the customer data first
> then import the shadow/passwd?

No, first you import your passwd and shadow file, and then you import your
customer data.

> Does it matter? I hate to think I gotta physically input 1500+
> userids/data

That's why eg/TEMPLATE_cust_main.import is provided as a guide to
writing a script which automates that process.

> Another is encryption, I'm fine with it, I like it, but I'm paranoid of
> clients not being able to login. If the passwd is encrypted in the
> shadow file(pam), and the User file contains no user data, does
> freeside (after svc_acct.import) re-encrypt the mysql passwd record?

If that password not present in the RADIUS users file, and is encrypted in
the shadow file, that's how Freeside imports and stores it. 

> If the user wishes to change thier passwd, is the new passwd pam/crypt
> compatible? How and where do I change this?

PAM is irrelevant.  See htdocs/docs/passwd.html for information on the
Freeside passwd/chfn/chsh replacement.

> Does freeside use the systems encryption scheme or its own flavour?

Freeside uses the system crypt(2) function, which typically means it
encryptes passwords with the classic DES function understood by all
unix flavours.


More information about the freeside-users mailing list