Looks normal. Your PAM setup is authenticating the user. You can't have multiple auth-types, so the PAM one is the only one being used.
/fc On Thu, May 23, 2002 at 08:04:20PM -0400, Aamer Akhter wrote: > Hello, > > I'm having a weird problem with the latest build from CVS. I admit that this > problem may have been there for a while and i didn't know about it. > > so what's happening is that radiusd will send an Access-Acept as long as the > user is valid (without regard for the password). So as long as I enter the > right username, the password doens't seem to matter. > > Here is the debug output > > > Thu May 23 10:25:53 2002 : Info: Ready to process requests. > rad_recv: Access-Request packet from host 10.13.0.1:1645, id=75, length=78 > NAS-IP-Address = 10.13.0.1 > NAS-Port = 67 > NAS-Port-Type = Virtual > User-Name = "aakhter" > Calling-Station-Id = "10.13.0.254" > User-Password = "*\213\256X\365g\363>2\022\342\264\307"\272\205" > Thu May 23 10:25:58 2002 : Debug: modcall: entering group authorize > Thu May 23 10:25:58 2002 : Debug: modcall[authorize]: module "preprocess" > returns ok > Thu May 23 10:25:58 2002 : Debug: rlm_realm: Looking up realm NULL for > User-Name = "aakhter" > Thu May 23 10:25:58 2002 : Debug: rlm_realm: No such realm NULL > Thu May 23 10:25:58 2002 : Debug: modcall[authorize]: module "suffix" > returns noop > Thu May 23 10:25:58 2002 : Debug: users: Matched DEFAULT at 13 > Thu May 23 10:25:58 2002 : Debug: modcall[authorize]: module "files" returns > ok > Thu May 23 10:25:58 2002 : Debug: modcall: group authorize returns ok > Thu May 23 10:25:58 2002 : Debug: rad_check_password: Found Auth-Type Pam > Thu May 23 10:25:58 2002 : Debug: auth: type "Pam" > Thu May 23 10:25:58 2002 : Debug: modcall: entering group authenticate > Thu May 23 10:25:58 2002 : Debug: pam_pass: using pamauth string <radiusd> for > pam.conf lookup > Thu May 23 10:25:58 2002 : Debug: pam_pass: authentication succeeded for > <aakhter> > Thu May 23 10:25:58 2002 : Debug: modcall[authenticate]: module "pam" > returns ok > Thu May 23 10:25:58 2002 : Debug: modcall: group authenticate returns ok > Sending Access-Accept of id 75 to 10.13.0.1:1645 > Service-Type = Administrative-User > Thu May 23 10:25:58 2002 : Debug: Finished request 0 > Thu May 23 10:25:58 2002 : Debug: Going to the next request > Thu May 23 10:25:58 2002 : Debug: --- Walking the entire request list --- > Thu May 23 10:25:58 2002 : Debug: Waking up in 6 seconds... > Thu May 23 10:26:04 2002 : Debug: --- Walking the entire request list --- > Thu May 23 10:26:04 2002 : Debug: Cleaning up request 0 ID 75 with timestamp > 3cecfbf6 > Thu May 23 10:26:04 2002 : Debug: Nothing to do. Sleeping until we see a > request. > Thu May 23 10:26:24 2002 : Error: MASTER: exit on signal (2) > > and my config: > [root@nsite-mpls-1 /root]# more /etc/raddb/users > > > > ## PAM handles both local /etc/passwd stuff and NIS stuff. > ## Auth-Type needs to be on the same line as DEFAULT > > DEFAULT Auth-Type := Pam > Service-Type = Shell-user, > Fall-Through = YES > > > smartbits Auth-Type := Local, Password == "xx" > Service-Type == Login-user > > > ## these are script passwords, so don't need to be easy to use > cw2k Auth-Type := Local, Password == "xx" > aakhter-script Auth-Type := Local, Password == "xx" > rymcmaho-script Auth-Type := Local, Password == "xx" > mbrown-script Auth-Type := Local, Password == "xx" > jguy-script Auth-Type := Local, Password == "xx" > rajiva-script Auth-Type := Local, Password == "xx" > asharma-script Auth-Type := Local, Password == "xx" > > > any help would be greatly appreciated. > -- > Aamer Akhter / [EMAIL PROTECTED] > NSITE - cisco Systems > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
