From: Matthew Newton Date: Tue, 25 Jul 2023 18:23:13 +0000 (+0100) Subject: docs: some small antora fixes X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2d3007ef2560a812ab90591e02a64930f4b4b8bb;p=thirdparty%2Ffreeradius-server.git docs: some small antora fixes and remove unused list.adoc (replaced by all_modules.adoc) --- diff --git a/doc/antora/modules/howto/pages/modules/ldap/accounting.adoc b/doc/antora/modules/howto/pages/modules/ldap/accounting.adoc index d5ab8823e48..20430ceba57 100644 --- a/doc/antora/modules/howto/pages/modules/ldap/accounting.adoc +++ b/doc/antora/modules/howto/pages/modules/ldap/accounting.adoc @@ -1 +1 @@ -= Configuring Accouting += Configuring Accounting diff --git a/doc/antora/modules/howto/pages/modules/ldap/index.adoc b/doc/antora/modules/howto/pages/modules/ldap/index.adoc index 7e64b1f9463..94a69f8aa46 100644 --- a/doc/antora/modules/howto/pages/modules/ldap/index.adoc +++ b/doc/antora/modules/howto/pages/modules/ldap/index.adoc @@ -56,7 +56,7 @@ Once the xref:modules/ldap/ldapsearch/index.adoc[ldapsearch] validation tests pa next step is to xref:modules/ldap/base_configuration/index.adoc[configure the LDAP module]. OpenLDAP configuration examples detailing how to install appropriate schemas and -populate the server with test data will be provided a the beginning of each +populate the server with test data will be provided at the beginning of each tutorial section. == Sections in this tutorial diff --git a/doc/antora/modules/raddb/pages/mods-available/expr.adoc b/doc/antora/modules/raddb/pages/mods-available/expr.adoc index bf55abda023..644e280d8a9 100644 --- a/doc/antora/modules/raddb/pages/mods-available/expr.adoc +++ b/doc/antora/modules/raddb/pages/mods-available/expr.adoc @@ -1,6 +1,6 @@ = Expr Module -The `expr` module has been remove, and replaced with an equivalent +The `expr` module has been removed, and replaced with an equivalent `%{expr:...}` in the xref:reference:xlat/builtin.adoc[built-in expansions]. The parameters to the `%{expr:...}` is an xref:reference:unlang/expression.adoc[Unlang expression]. diff --git a/doc/antora/modules/raddb/pages/mods-available/list.adoc b/doc/antora/modules/raddb/pages/mods-available/list.adoc deleted file mode 100644 index dfe2c0d55d3..00000000000 --- a/doc/antora/modules/raddb/pages/mods-available/list.adoc +++ /dev/null @@ -1,136 +0,0 @@ -== Authentication Modules -[options="header"] -[cols="20%,80%"] -|===== -| Module | Description -| xref:chap.adoc[chap] | Performs Challenge Handshake Authentication Protocol (CHAP) authentication, as described by RFC 2865. -| xref:cram.adoc[cram] | Implements CRAM-MD5 authentication, a challenge response protocol similar to CHAP. CRAM is defined by RFC 2195. -| xref:digest.adoc[digest] | The digest module performs HTTP digest authentication, usually for a SIP server. See draft-sterman-aaa-sip-00.txt for -details. The module does not support RFC 5090. -| xref:eap.adoc[eap] | Implements the base protocol for EAP (Extensible Authentication Protocol). -| xref:krb5.adoc[krb5] | Implements kerberos authentication, using the result of decrypting the TGT as an indication that the provided -password was correct. -| xref:ldap.adoc[ldap] | Allows LDAP directory entries to be retrieved, modified, inserted and deleted. -| xref:mschap.adoc[mschap] | Supports MS-CHAP and MS-CHAPv2 authentication. It also enforces the SMB-Account-Ctrl attribute. -| xref:opendirectory.adoc[opendirectory] | Integrates with an Apple OpenDirectory service on the same host as FreeRADIUS to allow OpenDirectory users to -authenticate. -| xref:pam.adoc[pam] | Performs password checking via the Pluggable Authentication Module (PAM) framework. -| xref:pap.adoc[pap] | Accepts a large number of formats for the "known good" (reference) password, such as crypt hashes, md5 hashes, -and etc. The module verifies the User-Password against the the "known good" password. -| xref:securid.adoc[securid] | Supports authentication against an RSA SecurID ACE instance. -| xref:sigtran.adoc[sigtran] | Supports authentication against a Sigtran interface. -| xref:wimax.adoc[wimax] | Implements WiMAX authentication over RADIUS. -| xref:winbind.adoc[winbind] | The module also allows for direct connection to Samba winbindd (version 4.2.1 or above), which communicates with -Active-Directory to retrieve group information and the user's NT-Password. -| xref:yubikey.adoc[yubikey] | Supports authentication of yubikey tokens where the PSK is known to FreeRADIUS, and integrates with the Yubico -cloud-based authentication service. -|===== - -== Datastore Modules -[options="header"] -[cols="20%,80%"] -|===== -| Module | Description -| xref:cache.adoc[cache] | Stores attributes and/or lists and adds them back to a subsequent request or to the current request on a later execution -of the module. -| xref:couchbase.adoc[couchbase] | Allows attributes to be stored and retrieved from a couchbase server. Client definitions may also be bulk loaded from a -couchbase server as FreeRADIUS starts. -| xref:csv.adoc[csv] | Maps values in a CSV file to FreeRADIUS attributes and adds them to the request. -| xref:dict.adoc[dict] | Registers xlats and maps to access dictionary data -| xref:dynamic_clients.adoc[dynamic_clients] | Reads client definitions from flat files. -| xref:passwd.adoc[passwd] | Reads and caches line-oriented files that are in a format similar to ``/etc/passwd``. -| xref:radutmp.adoc[radutmp] | Writes a utmp style file that lists the users who are logged in. The file is used mainly for Simultaneous-Use checking -and by radwho to see who has current sessions. -| xref:redis.adoc[redis] | Provides connectivity to single and clustered instances of Redis. This module exposes a string expansion that may be -used to execute queries against Redis. -| xref:redis_ippool.adoc[redis_ippool] | Implements a fast and scalable IP allocation system using Redis. Supports both IPv4 and IPv6 address and prefix -allocation, and implements pre-allocation for use with DHCPv4. -| xref:redis_who.adoc[redis_who] | Records which users are currently logged into the service. The file is used mainly for Simultaneous-Use checking to see -who has current sessions. -| xref:sql.adoc[sql] | Provides an abstraction over multiple SQL backends, via database specific drivers. -| xref:sqlippool.adoc[sqlippool] | SQL based IP allocation module. -| xref:unix.adoc[unix] | Retrieves a user's encrypted password from the local system and places it into the ``control:Crypt-Password`` attribute. -The password is retrieved via the ``getpwent()`` and ``getspwent()`` system calls. -|===== - -== IO Modules -[options="header"] -[cols="20%,80%"] -|===== -| Module | Description -| xref:detail.adoc[detail] | Writes attributes from a request list to a flat file in 'detail' format. -| xref:dhcpv4.adoc[dhcpv4] | Implements DHCPv4 (Dynamic Host Configuration Protocol for IPv4) client and relay. -| xref:files.adoc[files] | Implements a traditional Livingston-style users file. -| xref:linelog.adoc[linelog] | Creates log entries from attributes, string expansions, or static strings, and writes them to a variety of backends, -including syslog, flat files, and raw UDP/TCP sockets. -| xref:logtee.adoc[logtee] | Tee's request logging at runtime, sending it to additional log destinations. -| xref:radius_client.adoc[radius_client] | Allows Access-Requests, Accounting-Requests, CoA-Requests and Disconnect-Messages to be sent during request processing. -| xref:rest.adoc[rest] | Sends HTTP requests to remote servers and decodes the responses. -| xref:unbound.adoc[unbound] | Performs queries against a DNS service to allow FQDNs to be resolved during request processing. -|===== - -== Language Modules -[options="header"] -[cols="20%,80%"] -|===== -| Module | Description -| xref:exec.adoc[exec] | Executes an external script, passing in FreeRADIUS attributes as environmental variables or as arguments. -| xref:lua.adoc[lua] | Allows the server to call embedded lua scripts. -| xref:mruby.adoc[mruby] | Allows the server to call a persistent, embedded mRuby script. -| xref:perl.adoc[perl] | Allows the server to call a persistent, embedded Perl script. -| xref:python.adoc[python] | Allows the server to call a persistent, embedded Python script. -|===== - -== Miscellaneous Modules -[options="header"] -[cols="20%,80%"] -|===== -| Module | Description -| xref:abfab_psk_sql.adoc[abfab_psk_sql] | ADFAB PSK -| xref:cache_eap.adoc[cache_eap] | Cache EAP -| xref:cache_tls.adoc[cache_tls] | Cache TLS Session -| xref:cipher.adoc[cipher] | Cipher -| xref:client.adoc[client] | Client -| xref:cui.adoc[cui] | CUI -| xref:detail.example.com.adoc[detail.example.com] | Detail (Sample) -| xref:detail.log.adoc[detail.log] | Detail (Log Sample) -| xref:dhcp_sqlippool.adoc[dhcp_sqlippool] | DHCP SQL-IP-Pool -| xref:eap_inner.adoc[eap_inner] | EAP/Inner -| xref:echo.adoc[echo] | Echo -| xref:etc_group.adoc[etc_group] | etc_group -| xref:isc_dhcp.adoc[isc_dhcp] | isc_dhcp -| xref:mac2ip.adoc[mac2ip] | Mac2IP -| xref:mac2vlan.adoc[mac2vlan] | Mac2Vlan -| xref:ntlm_auth.adoc[ntlm_auth] | NTLM Auth -| xref:radius.adoc[radius] | Radius -| xref:rediswho.adoc[rediswho] | REDISWho -| xref:smbpasswd.adoc[smbpasswd] | SMBPasswd -| xref:sradutmp.adoc[sradutmp] | sRadutmp -| xref:stats.adoc[stats] | Stats -|===== - -== Policy Modules -[options="header"] -[cols="20%,80%"] -|===== -| Module | Description -| xref:always.adoc[always] | Returns a pre-configured result code such as 'ok', 'noop', 'reject' etc... -| xref:attr_filter.adoc[attr_filter] | Filters attributes in a request. Can delete attributes or permit them to have only certain values. -| xref:date.adoc[date] | Converts date strings between user configurable formats. -| xref:delay.adoc[delay] | Introduces an artificial non-blocking delay when processing a request. -| xref:escape.adoc[escape] | Escapes and unescapes strings using the MIME escape format -| xref:example.adoc[example] | An example module to use as a template when writing new modules. -An example module to use as a template when writing new modules. -| xref:expiration.adoc[expiration] | Determines whether a user account has expired, with the expiration time set by another module. -| xref:expr.adoc[expr] | Registers a string expansion "%{expr:}" that allows basic arithmetic and binary operations. -| xref:idn.adoc[idn] | Converts internationalized domain names to ASCII. -| xref:json.adoc[json] | Parses JSON strings into an in memory format using the json-c library. -| xref:logintime.adoc[logintime] | Enforces the time span during which a user may login to the system. -| xref:sometimes.adoc[sometimes] | Is a hashing and distribution protocol, that will sometimes return one code or another depending on the input value -configured. -| xref:sqlcounter.adoc[sqlcounter] | Records statistics for users such as data transfer and session time, and prevent further logins when limits are reached. -| xref:test.adoc[test] | Contains test stubs for CIT and the ``make test`` build target. -| xref:unpack.adoc[unpack] | Unpacks binary data from octets type attributes into individual attributes. -| xref:utf8.adoc[utf8] | Checks all attributes of type string in the current request, to ensure that they only contain valid UTF8 sequences. -|===== - diff --git a/doc/antora/modules/tutorials/pages/final_group_project.adoc b/doc/antora/modules/tutorials/pages/final_group_project.adoc index 991726752c2..5a47fbf2a0d 100644 --- a/doc/antora/modules/tutorials/pages/final_group_project.adoc +++ b/doc/antora/modules/tutorials/pages/final_group_project.adoc @@ -14,20 +14,24 @@ For this task you will need at least two participants. Each participant should decide on the following: -* A realm e.g. example.com, that their RADIUS server will respond to request for +* A realm e.g. `example.com`, that their RADIUS server will respond to request for the realm must be unique within the group. This will be referred to as `your_realm` in the rest of the text. * A shared secret for the realm `your_secret`. * A backend module (`your_module`) to use to authenticate their users. Again, this should be unique within the group. Options are: ++ +-- ** `files` ** `ldap` ** `redis` ** `rest` ** `sql` - For everything except `files` it's recommended to pick a module where you're - familiar with the backend protocol. +-- ++ +For everything except `files` it's recommended to pick a module where you're +familiar with the backend protocol. * A set of credentials (`your_user`, `your_password`). These should not be sensitive credentials as they will be seen by the rest of the group.