> I'm setting up a new RADIUS server and don't want to repeat the mistakes
> of my current RADIUS setup. In particular, I'd like to make maximum use
> of the DEFAULT names so that it isn't such a management problem.
>
> The server will have all users specified in /etc/passwd. Some users are
> PPP, others are just POP accounts. Only PPP users should be able to
> login (via PPP only, there is no shell access.)
I don't know our solution is the most elegant, but it works...
We have all of our users type defined by their shell in /etc/passwd. For
example, a shell-only user may have /bin/zsh, a ppp customer has a shell
of /dynamic-ppp, and a mail customer is /dev/null. We then have a perl
script which parses the passwd file to create the appropriate radius
records, based on the shell type.
--Mark