Enabling a shell/perl script correctly in radiusd.conf

OK, I've made some progress with this (thanks for the tips), but
so far my script still isn't executing. This is what I have
in radiusd.conf:

exec grabmschap {
wait = yes
program = "/usr/local/sbin/radius-local-or-remote-domain.pl"
input_pairs = request
output_pairs = reply
packet_type = Access-Request
}

I have tried:

* Putting this inside the mschap { } stanza.
* Putting it right after the "exec echo" declaration and
putting "grabmschap" in the mschap { } stanza.
* Both of the above *without* the packet-type line.

In all cases, the script doesn't run. When run from the command line, the
script successfully grabs the contents of $ENV and stuffs them in a text
file (that's all it does so far). But that file never appears when it
runs from radiusd. Yes, I've checked out permissions and ownership issues
(the script creates a new file in /tmp, the radiusd user shouldn't have a
problem doing that). Yes, the script is chmodded correctly, et cetera.

What's the correct way to enable the script so that it actually runs
as part of and, hopefully, can short-circuit and report success from
the mschap authorization sequence? I feel I must be missing something
basic re: how to actually enable this exec stuff. Thank you!

--
Thomas Boutell
Boutell.Com, Inc.
http://www.boutell.com/


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html