1
0
forked from infra/ansible
infra/roles/radius/files/raddb/modules/sqlcounter_expire_on_login

38 lines
985 B
Plaintext

# -*- text -*-
#
# $Id: c950169307009b088b2c31274f496ffe38e8a793 $
#
# Set an account to expire T seconds after first login.
# Requires the Expire-After attribute to be set, in seconds.
# You may need to edit raddb/dictionary to add the Expire-After
# attribute.
#
# This example is for MySQL. Other SQL variants should be similar.
#
# For versions prior to 2.1.11, this module defined the following
# expansion strings:
#
# %k key_name
# %S sqlmod_inst
#
# These SHOULD NOT be used. If these are used in your configuration,
# they should be replaced by the following strings, which will work
# identically to the previous ones:
#
# %k ${key}
# %S ${sqlmod-inst}
#
sqlcounter expire_on_login {
counter-name = Expire-After-Initial-Login
check-name = Expire-After
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) \
FROM radacct \
WHERE UserName='%{${key}}' \
ORDER BY acctstarttime \
LIMIT 1;"
}