Cannot compile FreeRADIUS 3.0
I downloaded FreeRADIUS 3.0,and intall it under RedHat 7.2, 1)#./configure ---Everything is OK. 2) [root@LSRV1 freeradius-0.3]# make gmake[1]: Entering directory `/root/freeradius-0.3' Making all in libltdl... gmake[2]: Entering directory `/root/freeradius-0.3/libltdl' gmake[2]: Nothing to be done for `all'. gmake[2]: Leaving directory `/root/freeradius-0.3/libltdl' Making all in src... gmake[2]: Entering directory `/root/freeradius-0.3/src' gmake[3]: Entering directory `/root/freeradius-0.3/src' Making all in lib... gmake[4]: Entering directory `/root/freeradius-0.3/src/lib' gcc -g -O2 -D_REENTRANT -Wall -D_GNU_SOURCE -DNDEBUG -D_LIBRADIUS -I../include -c dict.c /tmp/cca1KeWL.s: Assembler messages: /tmp/cca1KeWL.s:510: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:510: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:510: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:650: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:650: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:650: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:654: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:654: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:654: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:771: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:771: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:771: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:775: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:775: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:775: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:956: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:956: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:956: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:963: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:963: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:963: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1101: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1101: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1101: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1105: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1105: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1105: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1112: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1112: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1112: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1119: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1119: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1119: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1124: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1124: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1124: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1128: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1128: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1128: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1139: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1139: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1139: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1143: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1143: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1143: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1148: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1148: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1148: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1152: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1152: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1152: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1155: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1155: Warning: Unrecognized .section attribute: want a,w,x /tmp/cca1KeWL.s:1155: Error: Rest of line ignored. First ignored character is `,'. /tmp/cca1KeWL.s:1165: Warning: Unrecog
FreeRADIUS how to support Oracle SQL authentication
I want the FreeRADIUS support Oracle SQL authentication. My FreeRADIUS is running on RedHat 7.2 and Oracle SQL server is running on Solaris7 for SPARC. How can I realize it? Thanks. â²Ø§~ì¹»®&Þþéì¹»®&ÞI硶Úÿ0~·§bºÊ+ùb²ßî±êìÙ¥
auth by /etc/passwd
How can I have freeradius (or cistron 1.6.5) do a check on /etc/passwd for the shell type? For Example: I need users of shell type /usr/bin/ppp to be able to auth via radius but NOT: /sbin/noservice Any ideas? BTW - Livingston 2.1 does this. --Eli Chancey --NetlinkIP Sysadmin - www.netlinkip.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radiusd.conf and Useable Variables
Ignore this :) I thought about it and now understand what you ment. There is a very useful list in xlat.c for alot of variables that can be used though. Would be very handy to have on the faq or something. - Si > > > What I am trying to do is this. > > > > > > groupmembership_filter = "(loginName=%u)(nasAccess=%{Huntgroup-Name}) > > > > > > %{Huntgroup-Name} does not get expanded to be the configued Huntgroup > > > though. > > > > Run it in debugging mode. See where/when rlm_preprocess adds in the > > huntgroup name. > > > > If it isn't added, then it can't be used. > > Don't quite get what you mean. > > This is what my debug for the preeproccess module sayes. > > Module: Loaded preprocess > preprocess: huntgroups = "/etc/raddb/huntgroups" > preprocess: hints = "/etc/raddb/hints" > preprocess: with_ascend_hack = no > preprocess: ascend_channels_per_line = 23 > preprocess: with_ntdomain_hack = no > preprocess: with_specialix_jetstream_hack = no > preprocess: with_cisco_vsa_hack = no > Module: Instantiated preprocess (preprocess) > > > This is in my /etc/raddb/huntgroups > > MAINLINE NAS-IP-Address == 10.10.10.10 > > > It doesn't seem to expand, but I am unsure if its cause I am using the > wrong name and if its supported. If its not supported, is it possible to > add, I don't mind doing the code for it, but just want to make sure its > possible before tearing into the code. > > - Si > > > Simon Allard (Senior Tool Monkey) > IHUG > Ph (09) 358-5067 Email: [EMAIL PROTECTED] > > WARNING: Excessive alcohol may lead you to believe people > are laughing WITH you. > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Simon Allard (Senior Tool Monkey) IHUG Ph (09) 358-5067 Email: [EMAIL PROTECTED] WARNING: Excessive alcohol may lead you to believe people are laughing WITH you. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radiusd.conf and Useable Variables
> > What I am trying to do is this. > > > > groupmembership_filter = "(loginName=%u)(nasAccess=%{Huntgroup-Name}) > > > > %{Huntgroup-Name} does not get expanded to be the configued Huntgroup > > though. > > Run it in debugging mode. See where/when rlm_preprocess adds in the > huntgroup name. > > If it isn't added, then it can't be used. Don't quite get what you mean. This is what my debug for the preeproccess module sayes. Module: Loaded preprocess preprocess: huntgroups = "/etc/raddb/huntgroups" preprocess: hints = "/etc/raddb/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) This is in my /etc/raddb/huntgroups MAINLINE NAS-IP-Address == 10.10.10.10 It doesn't seem to expand, but I am unsure if its cause I am using the wrong name and if its supported. If its not supported, is it possible to add, I don't mind doing the code for it, but just want to make sure its possible before tearing into the code. - Si Simon Allard (Senior Tool Monkey) IHUG Ph (09) 358-5067 Email: [EMAIL PROTECTED] WARNING: Excessive alcohol may lead you to believe people are laughing WITH you. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Dupes
You know, I _almost_ replied to this, thinking that suddenly _I_ was getting dups, then I noticed the subtle difference in the two messages. :) - Original Message - From: "Nathan Miller" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, December 18, 2001 4:49 PM Subject: Re: Dupes > not i > > At 04:14 PM 12/18/2001 -0600, you wrote: > > >Is anyone else getting duplicate email from this list? > > > > > > > >Thanks > > > >Chris > > -- > Nathan Miller - [EMAIL PROTECTED] > VISP Technologies - "Building Better ISPs" > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_ldap lib/includes
It appears that the problem here is actually because -llber appears before -lldap_r on the link link, thus the symbols in ldap_r that require lber are not defined. I changed freeradius-0.4/aclocal.m4: line 928: LIBS="-l$1 $LIBS -l$1" line 938: LIBS=" -L$try -l$1 $old_LIBS" and after running autoconf in src/modules/rlm_ldap, it built nicely. -Kevin --On Wednesday, December 19, 2001 2:14 PM -0500 "Kevin C. Miller" <[EMAIL PROTECTED]> wrote: > Hello- > > I'm working on compiling freeradius 0.4 here, and specifically rlm_ldap. > I'm using configure with --with-rlm-ldap-lib-dir=/usr/local/lib > --with-rlm-ldap-include-dir=/usr/local/include. However it doesn't seem > like configure is actually using those options. > > In src/modules/rlm_ldap: > config.status: ># ./configure --sysconfdir=/home/radius/etc ># --localstatedir=/home/radius/etc --disable-ltdl-install --without-snmp ># --with-r > lm_ldap=yes --with-logdir=/home/radius/logs > --with-rlm-krb5-lib-dir=/usr/local/lib > --with-rlm-krb5-include-dir=/usr/local/in clude > --with-rlm-ldap-lib-dir=/usr/local/lib > --with-rlm-ldap-include-dir=/usr/local/include --enable-ltdl-install=no > --cache -file=../../.././config.cache --srcdir=. > > config.log: > configure:1534: gcc -o conftest -D_REENTRANT -Wall -D_GNU_SOURCE > -DNDEBUG conftest.c -lresolv -lnsl -lresolv -lpthrea d -lpthread > -lpthread -lsasl -lcrypto -lssl -llber -lldap_r 1>&5 > /usr/local/lib/libldap_r.a(open.o): In function `ldap_create': > /usr/obj/local/openldap/012/libraries/libldap_r/open.c:134: undefined > reference to `ber_memcalloc' > /usr/obj/local/openldap/012/libraries/libldap_r/open.c:149: undefined > reference to `ber_strdup' > /usr/obj/local/openldap/012/libraries/libldap_r/open.c:151: undefined > reference to `ber_strdup' > > ... and thus won't build the LDAP module. Is there something obviously > wrong with this config? > > Thanks, > -Kevin > --- > Kevin C. Miller <[EMAIL PROTECTED]> > Network Group > Carnegie Mellon University > > - List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html --- Kevin C. Miller <[EMAIL PROTECTED]> Network Group Carnegie Mellon University - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_ldap lib/includes
Hello- I'm working on compiling freeradius 0.4 here, and specifically rlm_ldap. I'm using configure with --with-rlm-ldap-lib-dir=/usr/local/lib --with-rlm-ldap-include-dir=/usr/local/include. However it doesn't seem like configure is actually using those options. In src/modules/rlm_ldap: config.status: # ./configure --sysconfdir=/home/radius/etc --localstatedir=/home/radius/etc --disable-ltdl-install --without-snmp --with-r lm_ldap=yes --with-logdir=/home/radius/logs --with-rlm-krb5-lib-dir=/usr/local/lib --with-rlm-krb5-include-dir=/usr/local/in clude --with-rlm-ldap-lib-dir=/usr/local/lib --with-rlm-ldap-include-dir=/usr/local/include --enable-ltdl-install=no --cache -file=../../.././config.cache --srcdir=. config.log: configure:1534: gcc -o conftest -D_REENTRANT -Wall -D_GNU_SOURCE -DNDEBUG conftest.c -lresolv -lnsl -lresolv -lpthrea d -lpthread -lpthread -lsasl -lcrypto -lssl -llber -lldap_r 1>&5 /usr/local/lib/libldap_r.a(open.o): In function `ldap_create': /usr/obj/local/openldap/012/libraries/libldap_r/open.c:134: undefined reference to `ber_memcalloc' /usr/obj/local/openldap/012/libraries/libldap_r/open.c:149: undefined reference to `ber_strdup' /usr/obj/local/openldap/012/libraries/libldap_r/open.c:151: undefined reference to `ber_strdup' ... and thus won't build the LDAP module. Is there something obviously wrong with this config? Thanks, -Kevin --- Kevin C. Miller <[EMAIL PROTECTED]> Network Group Carnegie Mellon University - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_sql: Pairs do not match
Who can tell me what does 'rlm_sql: Pairs do not match' mean? please... --- query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,r adgroupreply.Value FROM radgroupreply,usergroup WHERE usergroup.Username = 'steve' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_postgresql Status: PGRES_TUPLES_OK sql_postgresql: affected rows = Service-Type = Framed-User Service-Type = Framed-User Framed-Protocol = PPP Service-Type = Framed-User Framed-Protocol = PPP Framed-Address = 255.255.255.254 Service-Type = Framed-User Framed-Protocol = PPP Framed-Address = 255.255.255.254 Framed-Compression = Van-Jacobson-TCP-IP Service-Type = Framed-User Framed-Protocol = PPP Framed-Address = 255.255.255.254 Framed-Compression = Van-Jacobson-TCP-IP Framed-MTU = 1500 Service-Type = Framed-User Framed-Protocol = PPP Framed-Address = 255.255.255.254 Framed-Compression = Van-Jacobson-TCP-IP Framed-MTU = 1500 Fall-Through = Yes rlm_sql: Released sql socket id: 4 rlm_sql: Pairs do not match [steve] Sending Access-Reject of id 137 to 127.0.0.1:2083 -- cron - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Expiration, Counter and Reset Value
On Wed, 19 Dec 2001, power jessie wrote: > > Are there any ways I can do these in freeradius (0.4)? > > 1. 'Expiration' will be set based on firt login date. > i.e. an account will expired 90 days after > first usage. > > Expiration = FirstLoginDate + 90 Days I don't think so. Expiration is a check item which could be stored in an ldap/mysql database. The user is responsible of changing the value. You could just run an exec-program on login that will update the expiration attribute to the correct value. > > 2. User-defined reset value in the counter module. > i.e. reset = 14 # counter will reset to zero after 14 days >reset = 60 # resets after two months Well, you can't do that. Wait a minute. I 've just commited a change to rlm_counter. You can now do the following: reset = 14 #reset after 14 days reset = 3w #reset after 3 weeks > > Also, can i have another the same counter module but with a different > reset value? i.e. > > counter { > ... > reset = daily > ... > } > > counter2 { > ... > reset = monthly > ... > } Yes you can: counter weekly{ reset = weekly } counter monthly{ reset = monthly } authorize{ weekly monthly } -- kkalev > > Hope you'll be more patient to my newbie questions =) > Thanks again guys for your support! > > yo! > jessie > > Feliz Navidad! > --- > Don't Panic! This mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.309 / Virus Database: 170 - Release Date: 12/17/2001 > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRADIUS and libtool
Martti Kuparinen <[EMAIL PROTECTED]> wrote: > While trying to create a NetBSD package of FreeRADIUS 0.4 I noticed > that the source files are not compiled "right" with libtool. I'm not sure that libtool *ever* compiles anything "right", but that's another story. > Are there any plans to libtoolify the sources, i.e. compile and > link all files like this: > > ${LIBTOOL} --mode=compile ${CC} ${CFLAGS} -c filename.c > ${LIBTOOL} --mode=link ${CC} -o ${LIBRADIUS:.a=.la} ${OBJS:.o=.lo} \ > -rpath ${PREFIX}/lib -version-info ${MAJOR}:${MINOR} > > Right now e.g. src/lib/Makefile isn't compiled properly. Uh... what do you mean by that? The 'libradius.a' archive should be created fine, using standard system tools. There isn't a *requirement* to use libtool, that I know of. libtool *can* help in some places. In others, it can't. > I'm going to take a look at this, although the priority is very low. > Please let me know if someone is already working on this issue. If it's important, and if it makes a big difference, send a patch to the list. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radiusd.conf and Useable Variables
Simon Allard <[EMAIL PROTECTED]> wrote: > Is there a list of variables that can be used in radiusd.conf? Not really, sorry. > What I am trying to do is this. > > groupmembership_filter = "(loginName=%u)(nasAccess=%{Huntgroup-Name}) > > %{Huntgroup-Name} does not get expanded to be the configued Huntgroup > though. Run it in debugging mode. See where/when rlm_preprocess adds in the huntgroup name. If it isn't added, then it can't be used. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Expiration, Counter and Reset Value
"power jessie" <[EMAIL PROTECTED]> wrote: > Are there any ways I can do these in freeradius (0.4)? > > 1. 'Expiration' will be set based on firt login date. > i.e. an account will expired 90 days after > first usage. How do you know when the user is first logging in? How do you authenticate them? You can run a shell program when a request is seen. That shell program can set up any per-user configuration you desire. > 2. User-defined reset value in the counter module. > i.e. reset = 14 # counter will reset to zero after 14 days >reset = 60 # resets after two months A *per-user* reset? That's not supported now, but it should be possible with source code patches. > Also, can i have another the same counter module but with a different > reset value? i.e. Yes, but they will use two different counters, and two different databases. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More documentation about xtradius
Hi I am setting up radius for a first time and I chose xtradius Pls can someone tell me where to find more documentation becouse i've set it up, it uses mysql to auth users but i want to find out more things - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRADIUS and libtool
Hi! While trying to create a NetBSD package of FreeRADIUS 0.4 I noticed that the source files are not compiled "right" with libtool. Are there any plans to libtoolify the sources, i.e. compile and link all files like this: ${LIBTOOL} --mode=compile ${CC} ${CFLAGS} -c filename.c ${LIBTOOL} --mode=link ${CC} -o ${LIBRADIUS:.a=.la} ${OBJS:.o=.lo} \ -rpath ${PREFIX}/lib -version-info ${MAJOR}:${MINOR} Right now e.g. src/lib/Makefile isn't compiled properly. I'm going to take a look at this, although the priority is very low. Please let me know if someone is already working on this issue. Martti --- Martti Kuparinen <[EMAIL PROTECTED]> NetBSD - No media hype http://www.iki.fi/~kuparine/http://www.netbsd.org/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
dumb question :)
I have dumb, but very interesting to me question. I'vre read http://www.frontios.com/freeradius.html and did everything following to that instruction (what concerns sql authorization). In that example table radgroupcheck is empty. What should be there? :-/ I thought that filling radgroupreply with valid replies was enough :-\ -- cron-ripe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html