Denny, A couple of things:
1. Check the SQL How To at: http://wiki.freeradius.org/SQL_HOWTO 2. The radcheck table should have entries like: mysql> select * from radcheck; +----+----------------+--------------------+------------------+------+ | id | UserName | Attribute | Value | Op | +----+----------------+--------------------+------------------+------+ | 1 | fredf | Cleartext-Password | wilma | := | | 2 | barney | Cleartext-Password | betty | := | | 2 | dialrouter | Cleartext-Password | dialup | := | +----+----------------+--------------------+------------------+------+ 3 rows in set (0.01 sec) Your table has the Password attribute and Op is == 3. Send all of the debug output from the radius server. The useful information is missing from this section of the debug output: Wed Mar 4 20:00:03 2009 : Debug: ++[unix] returns notfound Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: calling sql (rlm_sql) for request 1 Wed Mar 4 20:00:03 2009 : Debug: rlm_sql (sql): Reserving sql socket id: 2 Wed Mar 4 20:00:03 2009 : Debug: expand: -> Wed Mar 4 20:00:03 2009 : Error: rlm_sql (sql): Error generating query; rejecting user Wed Mar 4 20:00:03 2009 : Debug: rlm_sql (sql): Released sql socket id:2 Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: returned from sql (rlm_sql) for request 1 Wed Mar 4 20:00:03 2009 : Debug: ++[sql] returns fail Wed Mar 4 20:00:03 2009 : Auth: Invalid user: [chillispot/chillispot] (from client localhost port 0) Tim -----Original Message----- From: freeradius-users-bounces+tim.sylvester=networkradius....@lists.freeradius.or g [mailto:freeradius-users-bounces+tim.sylvester=networkradius....@lists.freer adius.org] On Behalf Of Denny Schierz Sent: Thursday, March 05, 2009 12:40 AM To: freeradius-users@lists.freeradius.org Subject: No MySQL queries with freeradius 2.x from Lenny hi, i tried to get coopa chilli running, but i have problems with radius and mysql. Radius works with users from "files", but not with mysql. I can only see on startup some mysql messages (connect) but no queries at all. The system Debian Lenny. sql.conf sql { database = "mysql" driver = "rlm_sql_mysql" server = "localhost" login = "radius" password = "secret" radius_db = "radius" acct_table1 = "radacct" acct_table2 = "radacct" postauth_table = "radpostauth" authcheck_table = "radcheck" authreply_table = "radreply" groupcheck_table = "radgroupcheck" groupreply_table = "radgroupreply" usergroup_table = "radusergroup" deletestalesessions = yes sqltrace = yes sqltracefile = ${logdir}/sqltrace.sql num_sql_socks = 5 connect_failure_retry_delay = 60 readclients = yes nas_table = "nas" } (from a small egrep command, hope, there is everything ok) Debug Output: rad_recv: Access-Request packet from host 127.0.0.1 port 51722, id=2, length=199 Vendor-14559-Attr-8 = 0x312e302e3132 User-Name = "chillispot" User-Password = "chillispot" Service-Type = Administrative-User NAS-Port-Type = Wireless-802.11 NAS-IP-Address = 10.1.0.1 Called-Station-Id = "00-0C-29-98-FE-1D" NAS-Identifier = "nas01" WISPr-Location-ID = "isocc=,cc=,ac=,network=Coova," WISPr-Location-Name = "My_HotSpot" Acct-Session-Id = "49aec18f00000000" Message-Authenticator = 0x21b6e2efd764dc022a55ff0b7ecd3072 Wed Mar 4 20:00:03 2009 : Debug: +- entering group authorize Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 1 Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 1 Wed Mar 4 20:00:03 2009 : Debug: ++[preprocess] returns ok Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 1 Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 1 Wed Mar 4 20:00:03 2009 : Debug: ++[chap] returns noop Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 1 Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 1 Wed Mar 4 20:00:03 2009 : Debug: ++[mschap] returns noop Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 1 Wed Mar 4 20:00:03 2009 : Debug: rlm_realm: No '@' in User-Name = "chillispot", looking up realm NULL Wed Mar 4 20:00:03 2009 : Debug: rlm_realm: No such realm "NULL" Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 1 Wed Mar 4 20:00:03 2009 : Debug: ++[suffix] returns noop Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 1 Wed Mar 4 20:00:03 2009 : Debug: rlm_eap: No EAP-Message, not doing EAP Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 1 Wed Mar 4 20:00:03 2009 : Debug: ++[eap] returns noop Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: calling unix (rlm_unix) for request 1 Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: returned from unix (rlm_unix) for request 1 Wed Mar 4 20:00:03 2009 : Debug: ++[unix] returns notfound Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: calling sql (rlm_sql) for request 1 Wed Mar 4 20:00:03 2009 : Debug: rlm_sql (sql): Reserving sql socket id: 2 Wed Mar 4 20:00:03 2009 : Debug: expand: -> Wed Mar 4 20:00:03 2009 : Error: rlm_sql (sql): Error generating query; rejecting user Wed Mar 4 20:00:03 2009 : Debug: rlm_sql (sql): Released sql socket id: 2 Wed Mar 4 20:00:03 2009 : Debug: modsingle[authorize]: returned from sql (rlm_sql) for request 1 Wed Mar 4 20:00:03 2009 : Debug: ++[sql] returns fail Wed Mar 4 20:00:03 2009 : Auth: Invalid user: [chillispot/chillispot] (from client localhost port 0) Wed Mar 4 20:00:03 2009 : Debug: Found Post-Auth-Type Reject Wed Mar 4 20:00:03 2009 : Debug: +- entering group REJECT Wed Mar 4 20:00:03 2009 : Debug: modsingle[post-auth]: calling attr_filter.access_reject (rlm_attr_filter) for request 1 Wed Mar 4 20:00:03 2009 : Debug: expand: %{User-Name} -> chillispot Wed Mar 4 20:00:03 2009 : Debug: attr_filter: Matched entry DEFAULT at line 11 Wed Mar 4 20:00:03 2009 : Debug: modsingle[post-auth]: returned from attr_filter.access_reject (rlm_attr_filter) for request 1 Wed Mar 4 20:00:03 2009 : Debug: ++[attr_filter.access_reject] returns updated Wed Mar 4 20:00:03 2009 : Debug: Delaying reject of request 1 for 1 seconds Wed Mar 4 20:00:03 2009 : Debug: Going to the next request Wed Mar 4 20:00:03 2009 : Debug: Waking up in 0.9 seconds. Wed Mar 4 20:00:04 2009 : Debug: Sending delayed reject for request 1 Sending Access-Reject of id 2 to 127.0.0.1 port 51722 Wed Mar 4 20:00:04 2009 : Debug: Waking up in 4.9 seconds. Wed Mar 4 20:00:09 2009 : Debug: Cleaning up request 1 ID 2 with timestamp +63 Wed Mar 4 20:00:09 2009 : Debug: Ready to process requests. SQL Table; mysql> select * from radcheck; +----+------------+-----------+----+------------+ | id | UserName | Attribute | op | Value | +----+------------+-----------+----+------------+ | 1 | mysqltest | Password | == | testsecret | | 2 | chillispot | Password | == | chillispot | +----+------------+-----------+----+------------+ 2 rows in set (0.00 sec) mysql> show tables; +------------------+ | Tables_in_radius | +------------------+ | nas | | radacct | | radcheck | | radgroupcheck | | radgroupreply | | radpostauth | | radreply | | usergroup | +------------------+ 8 rows in set (0.00 sec) i also tested to set "read_groups = no" instead of yes, but no luck. any suggestions? cu denny - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html