Hello,
I'm having a weird problem with the latest build from CVS. I admit that this
problem may have been there for a while and i didn't know about it.
so what's happening is that radiusd will send an Access-Acept as long as the
user is valid (without regard for the password). So as long as I enter the
right username, the password doens't seem to matter.
Here is the debug output
Thu May 23 10:25:53 2002 : Info: Ready to process requests.
rad_recv: Access-Request packet from host 10.13.0.1:1645, id=75, length=78
NAS-IP-Address = 10.13.0.1
NAS-Port = 67
NAS-Port-Type = Virtual
User-Name = "aakhter"
Calling-Station-Id = "10.13.0.254"
User-Password = "*\213\256X\365g\363>2\022\342\264\307"\272\205"
Thu May 23 10:25:58 2002 : Debug: modcall: entering group authorize
Thu May 23 10:25:58 2002 : Debug: modcall[authorize]: module "preprocess"
returns ok
Thu May 23 10:25:58 2002 : Debug: rlm_realm: Looking up realm NULL for
User-Name = "aakhter"
Thu May 23 10:25:58 2002 : Debug: rlm_realm: No such realm NULL
Thu May 23 10:25:58 2002 : Debug: modcall[authorize]: module "suffix"
returns noop
Thu May 23 10:25:58 2002 : Debug: users: Matched DEFAULT at 13
Thu May 23 10:25:58 2002 : Debug: modcall[authorize]: module "files" returns
ok
Thu May 23 10:25:58 2002 : Debug: modcall: group authorize returns ok
Thu May 23 10:25:58 2002 : Debug: rad_check_password: Found Auth-Type Pam
Thu May 23 10:25:58 2002 : Debug: auth: type "Pam"
Thu May 23 10:25:58 2002 : Debug: modcall: entering group authenticate
Thu May 23 10:25:58 2002 : Debug: pam_pass: using pamauth string <radiusd> for
pam.conf lookup
Thu May 23 10:25:58 2002 : Debug: pam_pass: authentication succeeded for
<aakhter>
Thu May 23 10:25:58 2002 : Debug: modcall[authenticate]: module "pam"
returns ok
Thu May 23 10:25:58 2002 : Debug: modcall: group authenticate returns ok
Sending Access-Accept of id 75 to 10.13.0.1:1645
Service-Type = Administrative-User
Thu May 23 10:25:58 2002 : Debug: Finished request 0
Thu May 23 10:25:58 2002 : Debug: Going to the next request
Thu May 23 10:25:58 2002 : Debug: --- Walking the entire request list ---
Thu May 23 10:25:58 2002 : Debug: Waking up in 6 seconds...
Thu May 23 10:26:04 2002 : Debug: --- Walking the entire request list ---
Thu May 23 10:26:04 2002 : Debug: Cleaning up request 0 ID 75 with timestamp
3cecfbf6
Thu May 23 10:26:04 2002 : Debug: Nothing to do. Sleeping until we see a
request.
Thu May 23 10:26:24 2002 : Error: MASTER: exit on signal (2)
and my config:
[root@nsite-mpls-1 /root]# more /etc/raddb/users
## PAM handles both local /etc/passwd stuff and NIS stuff.
## Auth-Type needs to be on the same line as DEFAULT
DEFAULT Auth-Type := Pam
Service-Type = Shell-user,
Fall-Through = YES
smartbits Auth-Type := Local, Password == "xx"
Service-Type == Login-user
## these are script passwords, so don't need to be easy to use
cw2k Auth-Type := Local, Password == "xx"
aakhter-script Auth-Type := Local, Password == "xx"
rymcmaho-script Auth-Type := Local, Password == "xx"
mbrown-script Auth-Type := Local, Password == "xx"
jguy-script Auth-Type := Local, Password == "xx"
rajiva-script Auth-Type := Local, Password == "xx"
asharma-script Auth-Type := Local, Password == "xx"
any help would be greatly appreciated.
--
Aamer Akhter / [EMAIL PROTECTED]
NSITE - cisco Systems
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
