external script collecting invironment variables
Hi all, I'm run a home made script whenever I receive an accounting- start, stop or alive. In the script I get the value of all the attributes set in the environment variables (example : val = getenv(USER_NAME) ). I want to count how many attributes contain no value (or doesn't not exist) so I have a check (example : if(val == NULL) ) and I have a counter variable. I check with NULL because I thought when an attribute has no value, the value would be NULL butt apparently it is not always the case. I guess it is different when the attribute is sent without a value and when it is not sent at all. I would like to know what value contains in these two cases. Anyone? Thanks! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: segmentation fault
Hi all, I made make clean, re-configured with the option --disable-share, make and make install and now it works! Thanks for your help! --Vicky Nicolas Baradakis wrote: vicky wrote: Nicolas, Here is the output of gdb. Thanks a lot for your help! [...] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 16384 (LWP 12678)] 0x400633a2 in lt_dlsym (handle=0x8118398, symbol=0x8116698 rlm_sql_mysql) at ltdl.c:3330 3330 lensym = LT_STRLEN (symbol) + LT_STRLEN (handle-loader-sym_prefix) It's bug #98. Please look at: http://bugs.freeradius.org/show_bug.cgi?id=98 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: AW: sementation fault
First, you should a new empty 'radius' database in MySQL and login user with permissions to that database. You could of course call the database and the user anything you like but we'll stick to 'radius' for both for the purposes of this discussion Next up, you need to create the schema for the database. There is a file which describes this and is actually a SQL script file. It can be found at /src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql where you untar'd FreeRadius. This is the bit that, at least at the time I originally wrote these notes, wasn't really documented anywhere and was the thing most people seemed to be asking. How you run that script is up to you and how you like to admin MySQL. The easiest way is to: mysql -uroot -prootpass radius db_mysql.sql ...where 'root' and 'rootpass' are your mysql root name and password respectively. Uwe, Thanks for your answer. About the empty database 'radius' I had already done that. This morning I ran the script 'db_mysql.sql' you talked about. Now I can see the tables in my database radius but I still have the same segmentation fault error. I have reconfigured, recompiled (with make clean) and reinstalled. That didn't help. Do you have any other ideas? Thanks for your help, --Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: segmentation fault
Nicolas Baradakis wrote: vicky wrote: Thanks for your answer. About the empty database 'radius' I had already done that. This morning I ran the script 'db_mysql.sql' you talked about. Now I can see the tables in my database radius but I still have the same segmentation fault error. I have reconfigured, recompiled (with make clean) and reinstalled. That didn't help. Do you have any other ideas? Please post the gdb output. Follow the instructions at: http://www.freeradius.org/radiusd/doc/bugs Nicolas, Here is the output of gdb. Thanks a lot for your help! --Vicky (gdb) run Starting program: /opt/freeradius/sbin/radiusd -X (no debugging symbols found)...[Thread debugging using libthread_db enabled] [New Thread 16384 (LWP 12678)] Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /opt/freeradius/etc/raddb/proxy.conf Config: including file: /opt/freeradius/etc/raddb/clients.conf Config: including file: /opt/freeradius/etc/raddb/snmp.conf Config: including file: /opt/freeradius/etc/raddb/eap.conf Config: including file: /opt/freeradius/etc/raddb/sql.conf main: prefix = /opt/freeradius main: localstatedir = /opt/freeradius/var main: logdir = /opt/freeradius/var/log/radius main: libdir = /opt/freeradius/lib main: radacctdir = /opt/freeradius/var/log/radius/radacct main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /opt/freeradius/var/log/radius/radius.log main: log_auth = yes main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /opt/freeradius/var/run/radiusd/radiusd.pid main: user = psaadm main: group = psaadm main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /opt/freeradius/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = yes proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /opt/freeradius/lib Module: Loaded PAP pap: encryption_scheme = crypt Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = (null) mschap: authtype = MS-CHAP mschap: ntlm_auth = (null) Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = (null) unix: shadow = (null) unix: group = (null) unix: radwtmp = /opt/freeradius/var/log/radius/radwtmp unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = md5 eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = Password: gtc: auth_type = PAP rlm_eap: Loaded and initialized type gtc mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded attr_rewrite attr_rewrite: attribute = User-Name attr_rewrite: searchfor = promo.* attr_rewrite: searchin = packet attr_rewrite: replacewith = %{User-Password} attr_rewrite: append = no attr_rewrite: ignore_case = no attr_rewrite: new_attribute = no attr_rewrite: max_matches = 10 Module: Instantiated attr_rewrite (attr_rewrite) Module: Loaded preprocess preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups preprocess: hints = /opt/freeradius/etc/raddb/hints preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded detail detail: detailfile = /opt/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (auth_log) Module: Loaded realm realm: format = prefix realm: delimiter = / realm: ignore_default = yes realm: ignore_null = yes Module: Instantiated realm (prefix) realm: format = suffix realm: delimiter = @ realm: ignore_default = yes realm: ignore_null = yes Module: Instantiated realm (suffix) Module
sementation fault
Hi all, I trying to install (compile from source) freeRADIUS 1.0.4 on a SuSe Linux system version 9.1. The configuration, compilation and installation goes well. The problem comes when I run it with -X -A. You can see the output from that attached with this mail. I have made sure the the mysql-devel packages is installed so I guess it is not that. The last two lines in the output are : sql: postauth_query = INSERT into radpostauth (id, user, pass, session_id, reply, date) values ('', '%{User-Name}', '%{User-Password:-Chap-Password}', '%{Acct-Session-Id}', '%{reply:Packet-Type}', NOW()) sql: safe-characters = @abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: / It tries to insert to a table 'radpostauth' that doesn't exist and further more there are no tables at all in the database. Is that normal? Please help me shed some light on this, Thanks! --Vicky Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /opt/freeradius/etc/raddb/proxy.conf Config: including file: /opt/freeradius/etc/raddb/clients.conf Config: including file: /opt/freeradius/etc/raddb/snmp.conf Config: including file: /opt/freeradius/etc/raddb/eap.conf Config: including file: /opt/freeradius/etc/raddb/sql.conf main: prefix = /opt/freeradius main: localstatedir = /opt/freeradius/var main: logdir = /opt/freeradius/var/log/radius main: libdir = /opt/freeradius/lib main: radacctdir = /opt/freeradius/var/log/radius/radacct main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /opt/freeradius/var/log/radius/radius.log main: log_auth = yes main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /opt/freeradius/var/run/radiusd/radiusd.pid main: user = psaadm main: group = psaadm main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /opt/freeradius/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = yes proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /opt/freeradius/lib Module: Loaded PAP pap: encryption_scheme = crypt Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = (null) mschap: authtype = MS-CHAP mschap: ntlm_auth = (null) Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = (null) unix: shadow = (null) unix: group = (null) unix: radwtmp = /opt/freeradius/var/log/radius/radwtmp unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = md5 eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = Password: gtc: auth_type = PAP rlm_eap: Loaded and initialized type gtc mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded attr_rewrite attr_rewrite: attribute = User-Name attr_rewrite: searchfor = promo.* attr_rewrite: searchin = packet attr_rewrite: replacewith = %{User-Password} attr_rewrite: append = no attr_rewrite: ignore_case = no attr_rewrite: new_attribute = no attr_rewrite: max_matches = 10 Module: Instantiated attr_rewrite (attr_rewrite) Module: Loaded preprocess preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups preprocess: hints = /opt/freeradius/etc/raddb/hints preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded detail detail: detailfile = /opt/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (auth_log) Module: Loaded realm realm: format = prefix realm: delimiter = / realm: ignore_default = yes realm: ignore_null = yes Module: Instantiated realm (prefix) realm
Re: segmentation fault caused by sql ?
Mario, I thought I had that installed, hum... I'm on fc3, what rpm package(s) should I install for the mysqlclient? Thaks for your respond! --Vicky Mario Alberto Cruz Gartner wrote: I'd had a similar segmentation fault when i'd try to use the sql module and the freeradius installation doesn't include the mysqlclient libraries. I've installed the libraries on the system, reconfigure, make, make install again and it works fine! On 7/6/05, vicky [EMAIL PROTECTED] wrote: Hi all! I have a segmentation fault and it scares me. I have attached the output of radiusd -X with this e-mail. It is not because the database is not there because when I connect to it manually it works. Is is permission issues? Is it a driver problem? Thanks for any help I can get! --Vicky Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /opt/freeradius/etc/raddb/proxy.conf Config: including file: /opt/freeradius/etc/raddb/trs_proxy.conf Config: including file: /opt/freeradius/etc/raddb/clients.conf Config: including file: /opt/freeradius/etc/raddb/trs_clients.conf Config: including file: /opt/freeradius/etc/raddb/snmp.conf Config: including file: /opt/freeradius/etc/raddb/sqlcounter.conf Config: including file: /opt/freeradius/etc/raddb/eap.conf Config: including file: /opt/freeradius/etc/raddb/sql.conf main: prefix = /opt/freeradius main: localstatedir = /opt/freeradius/var main: logdir = /opt/freeradius/var/log/radius main: libdir = /opt/freeradius/lib main: radacctdir = /opt/freeradius/var/log/radius/radacct main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /opt/freeradius/var/log/radius/radius.log main: log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = no main: pidfile = /opt/freeradius/var/run/radiusd/radiusd.pid main: user = trustive main: group = trustive main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /opt/freeradius/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /opt/freeradius/lib Module: Loaded PAP pap: encryption_scheme = crypt Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = (null) mschap: authtype = MS-CHAP mschap: ntlm_auth = (null) Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = (null) unix: shadow = (null) unix: group = (null) unix: radwtmp = /opt/freeradius/var/log/radius/radwtmp unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = md5 eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = Password: gtc: auth_type = PAP rlm_eap: Loaded and initialized type gtc mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded attr_rewrite attr_rewrite: attribute = User-Name attr_rewrite: searchfor = promo.* attr_rewrite: searchin = packet attr_rewrite: replacewith = %{User-Password} attr_rewrite: append = no attr_rewrite: ignore_case = no attr_rewrite: new_attribute = no attr_rewrite: max_matches = 10 Module: Instantiated attr_rewrite (attr_rewrite) Module: Loaded preprocess preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups preprocess: hints = /opt/freeradius/etc/raddb/hints preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded detail detail: detailfile = /opt/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (auth_log) Module: Loaded realm realm: format = prefix realm: delimiter = / realm: ignore_default = yes realm: ignore_null = yes Module: Instantiated realm (prefix
segmentation fault caused by sql ?
Hi all! I have a segmentation fault and it scares me. I have attached the output of radiusd -X with this e-mail. It is not because the database is not there because when I connect to it manually it works. Is is permission issues? Is it a driver problem? Thanks for any help I can get! --Vicky Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /opt/freeradius/etc/raddb/proxy.conf Config: including file: /opt/freeradius/etc/raddb/trs_proxy.conf Config: including file: /opt/freeradius/etc/raddb/clients.conf Config: including file: /opt/freeradius/etc/raddb/trs_clients.conf Config: including file: /opt/freeradius/etc/raddb/snmp.conf Config: including file: /opt/freeradius/etc/raddb/sqlcounter.conf Config: including file: /opt/freeradius/etc/raddb/eap.conf Config: including file: /opt/freeradius/etc/raddb/sql.conf main: prefix = /opt/freeradius main: localstatedir = /opt/freeradius/var main: logdir = /opt/freeradius/var/log/radius main: libdir = /opt/freeradius/lib main: radacctdir = /opt/freeradius/var/log/radius/radacct main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /opt/freeradius/var/log/radius/radius.log main: log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = no main: pidfile = /opt/freeradius/var/run/radiusd/radiusd.pid main: user = trustive main: group = trustive main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /opt/freeradius/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /opt/freeradius/lib Module: Loaded PAP pap: encryption_scheme = crypt Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = (null) mschap: authtype = MS-CHAP mschap: ntlm_auth = (null) Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = (null) unix: shadow = (null) unix: group = (null) unix: radwtmp = /opt/freeradius/var/log/radius/radwtmp unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = md5 eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = Password: gtc: auth_type = PAP rlm_eap: Loaded and initialized type gtc mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded attr_rewrite attr_rewrite: attribute = User-Name attr_rewrite: searchfor = promo.* attr_rewrite: searchin = packet attr_rewrite: replacewith = %{User-Password} attr_rewrite: append = no attr_rewrite: ignore_case = no attr_rewrite: new_attribute = no attr_rewrite: max_matches = 10 Module: Instantiated attr_rewrite (attr_rewrite) Module: Loaded preprocess preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups preprocess: hints = /opt/freeradius/etc/raddb/hints preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded detail detail: detailfile = /opt/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (auth_log) Module: Loaded realm realm: format = prefix realm: delimiter = / realm: ignore_default = yes realm: ignore_null = yes Module: Instantiated realm (prefix) realm: format = suffix realm: delimiter = @ realm: ignore_default = yes realm: ignore_null = yes Module: Instantiated realm (suffix) Module: Loaded files files: usersfile = /opt/freeradius/etc/raddb/users files: acctusersfile = /opt/freeradius/etc/raddb/acct_users files: preproxy_usersfile = /opt/freeradius/etc/raddb/preproxy_users files: compat = no Module
User-Name missing
Hi all! I execute an external script as soon as I get an Access- or an Accounting-Request. The scripts collects (from the environment variables) all the attributes received and writes them to a Database. I encountered a problem recently. The attribute User-Name is missing (its value equals NULL) for the Accounting-Requests but it is there in the Access-Requests. I find this strange that the User-Name attribute is sent with certain package types and not with others. My server is a freeRADIUS 1.0.3. Thanks for any contributions to solving this problem! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User-Name missing
Paul! Thanks for your respond! I do keep radacct logs and I did check it. I even run my server in debug mode and saw that the User-Name attribute is actually there. As for the other attributes I manage to get all of them except the User-Name! I find this very strange and it is almost driving me nuts. V Paul Hampson wrote: On Thu, Jun 23, 2005 at 03:12:33PM +0200, vicky wrote: Hi all! I execute an external script as soon as I get an Access- or an Accounting-Request. The scripts collects (from the environment variables) all the attributes received and writes them to a Database. I encountered a problem recently. The attribute User-Name is missing (its value equals NULL) for the Accounting-Requests but it is there in the Access-Requests. I find this strange that the User-Name attribute is sent with certain package types and not with others. My server is a freeRADIUS 1.0.3. Thanks for any contributions to solving this problem! Have a look at your radacct logs (you're keeping radacct logs, right?) and see if you're actually being sent a User-Name attribute. In fact, in the first instance, I'd use 'env' and confirm that your script is seeing all the attributes that get logged from the accounting packets. -- Vicky El Fhaily Integration Manager TRUSTIVE (France) WTC 2, Les Bouillides 120, Route des Macarons Parc de Sophia Antipolis 06560 Valbonne, France Phone: +33 493 65 25 63 Fax: +33 493 65 21 56 www.trustive.com / www.corp.trustive.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
executing external program
Hi all! I have a huge problem. When executing an external script I get strange error messages and my server shuts down. I find this strange because the script is tested a side and it works. Plus I have other similar scripts running and they run perfectly. I get this in the log (radiusd.log) : /Tue Jun 14 09:52:48 2005 : Error: Exec-Program: Abnormal child exit: Interrupted system call Tue Jun 14 09:52:48 2005 : Error: rlm_exec (getaccounting): External script failed/ And this in the debug mode : /radius_xlat: '/home/vicky/finalprog/compAttrs Accounting-Request' Exec-Program: /home/vicky/finalprog/compAttrs Accounting-Request MASTER: Child PID 1842 failed to catch signal 11: killing all active servers./ Has anyone encountered the same problem or has anyone any idea what may be causing this? Thanks a lot in advance! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
executing external program
Hello guys and girls, While executing a script of mine in the radiusd.conf file I get a very strange error that worries me. /radius_xlat: '/home/vicky/finalprog/compAttrs Access-Request' Exec-Program: /home/vicky/finalprog/compAttrs Access-Request MASTER: Child PID 28050 failed to catch signal 11: killing all active servers./ The script it self is tested aside and it work. What seems to be the problem. I've never seen anything like this before... Thanks for all the suggestions! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
picks up the same request twice
Hello RADIUS-people! In my radius server I have a certain NAS defined in the clients.conf file as (example) : client 1.1.1.1{ shortname = one secret = oneone } and the same NAS in the proxy.conf file like this : realm one{ type = radius authhost = 1.1.1.1:1812 accthost = 1.1.1.1:1813 secret = oneone } This creates confusion because when receiving a request from this NAS, my radius server recognize it twice. One that is proxied and one that is treated locally (without striping of the realm). How can I solve this so that when the request should be proxied it is only proxied and when it should be treated locally it is only treated locally? I hope I made my question clear... Loads of thanks! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cannot find a configuration entry for module exec
Hey people, I'm trying to upgrade my freeRADIUS server and to do so, I downloaded and installed the latest version available on freeradius.org. I installed and configured it in a separate folder than the old server is configured in. Today I stopped the old server and brought up the new one with radiusd -X and it gave me an error as shown below. . . . main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /opt/freeradiusupgrade/lib ERROR: Cannot find a configuration entry for module exec. zsh: exit 1 /opt/freeradiusupgrade/sbin/radiusd -X With no line number or file name I don't even know where to begin to look. Does anyone has any suggestions? Every so thankful! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
upgrading freeRADIUS
Hi list subscribers, hi list admins, (again) I'm running a freeRADIUS server version 0.8.1 (I know it is ancient) and I want to upgrade it to the latest version available. I have been trying to find some kind of procedure to upgrading but with no success. Does anyone know how to (in a fairly simple way) safely upgrade? The safetyness is very crucial, I cant risk overwriting my old configuration. The old server is built with #configure --prefix=/opt/freeradius #make #su #make install Thanks to you all in advance and please notice that I'm not that of an expert on RADIUS... Keep up the good work! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: upgrading freeRADIUS
Hi Stéphane (and all the others of course), Thats is what I was trying to do, configure and install the new version elsewhere but still on the same machine (I'm gonna set the default ports to something else so there will be no conflicts). Now I've downloaded version 1.0.2 and I get a compilation error. I do : #configure --prefix=/opt/freeradius1.0.2 #make and in the end of the compilation output I get this... In file included from x99_rlm.c:54: x99.h:26:42: openssl/des.h: No such file or directory gmake[6]: *** [x99_rlm.o] Error 1 gmake[6]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules/rlm_x99_token' gmake[5]: *** [common] Error 1 gmake[5]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules' gmake[4]: *** [all] Error 2 gmake[4]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules' gmake[3]: *** [common] Error 1 gmake[3]: Leaving directory `/home/vicky/freeradius-1.0.2/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/home/vicky/freeradius-1.0.2/src' gmake[1]: *** [common] Error 1 gmake[1]: Leaving directory `/home/vicky/freeradius-1.0.2' make: *** [all] Error 2 zsh: exit 2 make What am I missing? Cheers Vicky DELORT Stephane wrote: Hello Vicky, Haven't you try to copy your config files and do the upgrade on a test system ? (create an exact replica on another machine and upgrade it) I think it would be useful to post an howto to upgrade from xxx to yyy once you've done it. regards, Stéphane -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] la part de vicky Envoyé : mardi 31 mai 2005 11:31 À : FreeRadius users mailing list Objet : upgrading freeRADIUS Hi list subscribers, hi list admins, (again) I'm running a freeRADIUS server version 0.8.1 (I know it is ancient) and I want to upgrade it to the latest version available. I have been trying to find some kind of procedure to upgrading but with no success. Does anyone know how to (in a fairly simple way) safely upgrade? The safetyness is very crucial, I cant risk overwriting my old configuration. The old server is built with #configure --prefix=/opt/freeradius #make #su #make install Thanks to you all in advance and please notice that I'm not that of an expert on RADIUS... Keep up the good work! -- Vicky El Fhaily Integration Manager TRUSTIVE (France) WTC 2, Les Bouillides 120, Route des Macarons Parc de Sophia Antipolis 06560 Valbonne, France Phone: +33 493 65 25 63 Fax: +33 493 65 21 56 www.trustive.com / www.corp.trustive.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: upgrading freeRADIUS
Rupak, I built the code in a clean directory so to say. There was nothing in /opt/freeradius1.0.2/ before I made #./configure --prefix=/opt/freeradius1.0.2/ I just reset everything and retried, but still the same compilation error. Do you have any other suggestions? Thanks a lot! Vicky Rupak wrote: I also had the same problem.Later on I came to know that I had to again ./configure --prefix=- to another fresh unpacked tarball.Not in the old unpacked tar ball.just again try tar -xvf freeradius-1.0.2.tar and again ./configure then make then again make install. This time try and give another directory in --prefix section.when I had faced this problem I even formatted my box.Thanx that it was an isolated machine. Rupak Hi Stéphane (and all the others of course), Thats is what I was trying to do, configure and install the new version elsewhere but still on the same machine (I'm gonna set the default ports to something else so there will be no conflicts). Now I've downloaded version 1.0.2 and I get a compilation error. I do : #configure --prefix=/opt/freeradius1.0.2 #make and in the end of the compilation output I get this... In file included from x99_rlm.c:54: x99.h:26:42: openssl/des.h: No such file or directory gmake[6]: *** [x99_rlm.o] Error 1 gmake[6]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules/rlm_x99_token' gmake[5]: *** [common] Error 1 gmake[5]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules' gmake[4]: *** [all] Error 2 gmake[4]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules' gmake[3]: *** [common] Error 1 gmake[3]: Leaving directory `/home/vicky/freeradius-1.0.2/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/home/vicky/freeradius-1.0.2/src' gmake[1]: *** [common] Error 1 gmake[1]: Leaving directory `/home/vicky/freeradius-1.0.2' make: *** [all] Error 2 zsh: exit 2 make What am I missing? Cheers Vicky DELORT Stephane wrote: Hello Vicky, Haven't you try to copy your config files and do the upgrade on a test system ? (create an exact replica on another machine and upgrade it) I think it would be useful to post an howto to upgrade from xxx to yyy once you've done it. regards, Stéphane -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] la part de vicky Envoyé : mardi 31 mai 2005 11:31 À : FreeRadius users mailing list Objet : upgrading freeRADIUS Hi list subscribers, hi list admins, (again) I'm running a freeRADIUS server version 0.8.1 (I know it is ancient) and I want to upgrade it to the latest version available. I have been trying to find some kind of procedure to upgrading but with no success. Does anyone know how to (in a fairly simple way) safely upgrade? The safetyness is very crucial, I cant risk overwriting my old configuration. The old server is built with #configure --prefix=/opt/freeradius #make #su #make install Thanks to you all in advance and please notice that I'm not that of an expert on RADIUS... Keep up the good work! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
upgrading freeRADIUS
Hi list subscribers, hi list admins, I'm running a freeRADIUS server version 0.8.1 (I know it is ancient) and I want to upgrade it to the latest version available. I have been trying to find some kind of procedure to upgrading but with no success. Does anyone know how to (in a fairly simple way) safely upgrade? The safetyness is very crucial, I cant risk overwriting my old configuration. The old server is built with /configure --prefix=/opt/freeradius make su make install / Thanks to you all in advance and please notice that I'm not that of an expert on RADIUS... Keep up the good work! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MS-CHAP
Hello freeRADIUS mailing list readers, Is it possible to configure a freeRADIUS server running on a UNIX machine to also accept MS-CHAP? If so, is it complicated? is there documentation for it? how can I do that (in a fairly simple way)? /the girl that wonders why Microsoft had to complicate things for her... -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Acct-Session-Id
Hello guys and girls, I have a small quick question. Is the attribute Acct-Session-Id (number 44) modifiable manually (can I set it to what I want)? If so where should it be modified (in witch file)? sanx a lot! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RADIUS attributes
Hi Alan, Thanks for your answer but that is unfortunately not what I had hoped for. What I'm actually looking for is a way to retrieve the configured attributes of some one that is trying to connect to my freeRADIUS server. Is that possible? Best, Vicky Alan DeKok wrote: vicky [EMAIL PROTECTED] wrote: I was wondering if RADIUS attributes show when I run the server in debug mode. It spits out a lot of things, is the configured attributes there between? In other words, does one see the attributes configured just by looking at the output from the debugger? For some attributes, yes. The debug mode generally prints out what module did what, which enables you to read your configuration files, to discover which attributes are matched. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Vicky El Fhaily Integration Manager TRUSTIVE (France) WTC 2, Les Bouillides 120, Route des Macarons Parc de Sophia Antipolis 06560 Valbonne, France Phone: +33 493 65 25 63 Fax: +33 493 65 21 56 www.trustive.com / www.corp.trustive.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RADIUS attributes
Mitchell (and all the rest), Thanks for your answer but what I meant was : Of all freeRADIUS attributes that exists, I want to know exactly witch once the client (the one on the other side who is trying to connect to my server) has set (configured) and to which value. Is this feasible? Thanks again, Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RADIUS attributes
Exactly, what I meant by client is NAS not PC. You are not the one confused, it is more likely that I'm speaking gibberish. If my server receives the (all!) attributes from any NAS in the request then problem solved. But, the request piece in the debugger is so small, I had a doubt that I couldn't see all attributes in there, but if you say so... Enormous thanks! Vicky Michael Mitchell wrote: Maybe I'm just really confused, but the attributes that the client has set are the ones that the server receives in the request... Maybe you need to define what you mean by client... A client is something that sends RADIUS requests to a radius server, eg a Network Access Server (NAS) of some sort. If by client you mean for example a PC that is using a modem to dial up to a network, then the answer is it doesn't set any attributes. It may however supply some values (like a username and password) that the NAS will populate some RADIUS attributes with. regards, Mike (same Mike, different email address ;-) ) vicky wrote: Mitchell (and all the rest), Thanks for your answer but what I meant was : Of all freeRADIUS attributes that exists, I want to know exactly witch once the client (the one on the other side who is trying to connect to my server) has set (configured) and to which value. Is this feasible? Thanks again, Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Vicky El Fhaily Integration Manager TRUSTIVE (France) WTC 2, Les Bouillides 120, Route des Macarons Parc de Sophia Antipolis 06560 Valbonne, France Phone: +33 493 65 25 63 Fax: +33 493 65 21 56 www.trustive.com / www.corp.trustive.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RADIUS attributes
Hi guys and girls! I was wondering if RADIUS attributes show when I run the server in debug mode. It spits out a lot of things, is the configured attributes there between? In other words, does one see the attributes configured just by looking at the output from the debugger? Thanks all! Peace Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radclient
Hi guys and girls, I have recently downloaded and installed freeRADIUS on a fedora (Red Hat Linux) machine. The radtest is successful but the radclient :( is not. For example : #radclient localhost auth testing123 gives nothing, just like above. It hangs the terminal and I have to end the command with CTRL-c. Even the debugger gives nothing, blank. (Also tried radiusd -x -x -x). What seems to be the problem? Tanks in advance Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radtest
Hi all, I'm trying to do a simple radtest but it doesn't go through. Here is what I get : $ radtest bob bob localhost 0 testing123 Sending Access-Request of id 227 to 127.0.0.1:1812 User-Name = bob User-Password = bob NAS-IP-Address = localhost.localdomain NAS-Port = 0 radclient: no response from server for ID 227 I running on Fedora with very simple configurations. Does anyone have any idea about what is going on? Cheers Vicky This message was sent using IMP, the Internet Messaging Program. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
configurating freeRADIUS
Hi, I have recently downloaded and installed the latest version (freeradius-1.0.2) at freeRADIUS.org I have configurated server as I want it to be but i fail to check the configuration (for example with check-radiusd-config). I get an error that says: 15654:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:632:Expecting: CERTIFICATE 15654:error:0200100E:system library:fopen:Bad address:bss_file.c:259:fopen('','r') 15654:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:261: 15654:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib:ssl_rsa.c:513: rlm_eap_tls: Error reading certificate file rlm_eap: Failed to initialize type tls radiusd.conf[9]: eap: Module instantiation failed. The system is running on a LINUX machine, fedora 3.0 I appreciate any tips and ideas about how the error can be solved. Thanks in advance! Vicky This message was sent using IMP, the Internet Messaging Program. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html