Re: NO multiple logins !! Livingston won't listen

Matthew N. Dodd (winter@jurai.net)
Wed, 26 Jun 1996 10:40:35 -0500 (CDT)

On Wed, 26 Jun 1996, Jon Lewis wrote:
> I think the idea someone recently posted about using pmwho and pmcmd to
> check and boot users driven by a perl script is a really good way to go,

This is kind of what I'm doing right now... I use the Radius accounting
packets to maintain a list of users that are curreently online. Every 10
minutes I checkpoint the list by pmwho'ing all the Portmasters and running
the output through grep & awk and such. If the lists are different, then
I renenerate the list from the pmwho output, since thats a bit more
'correct'.

Clearly this 'multiple login' is a local authentication policy and should
be implemented as such. I can't expect Livingston to add SHM code to
radiusd and get it working on all supported platforms and try and get it
all working over a weekend.

I think the ideal thing to do would be to store the list of users in
shared memory, so that you can still run in forking mode, and add the
ability to checkpoint that list using the pmconsole protocol. This is my
goal when I've got more free time.

Alternately you could have a separate program that maintained the current
state of the Portmasters, and allowed radiusd do do local authentication
policy via a TCP connection. A simple protocol of 'I've got foo1. Are
they kosher?' would work. (Hummm... Sounds kinda like radius. :)

There are just too many ways to implement this, and all of them have their
advantages and disadvantages.

Have a good one.

| Matthew N. Dodd | winter@jurai.net | http://www.jurai.net/~winter |
| Technical Manager | mdodd@intersurf.net | http://www.intersurf.net |
| InterSurf Online | "Welcome to the net Sir, would you like a handbasket?"|