external script collecting invironment variables
Hi all, I'm run a home made script whenever I receive an accounting- start, stop or alive. In the script I get the value of all the attributes set in the environment variables (example : val = getenv(USER_NAME) ). I want to count how many attributes contain no value (or doesn't not exist) so I have a check (example : if(val == NULL) ) and I have a counter variable. I check with NULL because I thought when an attribute has no value, the value would be NULL butt apparently it is not always the case. I guess it is different when the attribute is sent without a value and when it is not sent at all. I would like to know what value contains in these two cases. Anyone? Thanks! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: segmentation fault
Hi all, I made make clean, re-configured with the option --disable-share, make and make install and now it works! Thanks for your help! --Vicky Nicolas Baradakis wrote: vicky wrote: Nicolas, Here is the output of gdb. Thanks a lot for your help! [...] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 16384 (LWP 12678)] 0x400633a2 in lt_dlsym (handle=0x8118398, symbol=0x8116698 rlm_sql_mysql) at ltdl.c:3330 3330 lensym = LT_STRLEN (symbol) + LT_STRLEN (handle-loader-sym_prefix) It's bug #98. Please look at: http://bugs.freeradius.org/show_bug.cgi?id=98 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: AW: sementation fault
First, you should a new empty 'radius' database in MySQL and login user with permissions to that database. You could of course call the database and the user anything you like but we'll stick to 'radius' for both for the purposes of this discussion Next up, you need to create the schema for the database. There is a file which describes this and is actually a SQL script file. It can be found at /src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql where you untar'd FreeRadius. This is the bit that, at least at the time I originally wrote these notes, wasn't really documented anywhere and was the thing most people seemed to be asking. How you run that script is up to you and how you like to admin MySQL. The easiest way is to: mysql -uroot -prootpass radius db_mysql.sql ...where 'root' and 'rootpass' are your mysql root name and password respectively. Uwe, Thanks for your answer. About the empty database 'radius' I had already done that. This morning I ran the script 'db_mysql.sql' you talked about. Now I can see the tables in my database radius but I still have the same segmentation fault error. I have reconfigured, recompiled (with make clean) and reinstalled. That didn't help. Do you have any other ideas? Thanks for your help, --Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: segmentation fault
Nicolas Baradakis wrote:
vicky wrote:
Thanks for your answer. About the empty database 'radius' I had already
done that. This morning I ran the script 'db_mysql.sql' you talked
about. Now I can see the tables in my database radius but I still have
the same segmentation fault error. I have reconfigured, recompiled (with
make clean) and reinstalled. That didn't help. Do you have any other ideas?
Please post the gdb output. Follow the instructions at:
http://www.freeradius.org/radiusd/doc/bugs
Nicolas,
Here is the output of gdb. Thanks a lot for your help!
--Vicky
(gdb) run
Starting program: /opt/freeradius/sbin/radiusd -X
(no debugging symbols found)...[Thread debugging using libthread_db enabled]
[New Thread 16384 (LWP 12678)]
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /opt/freeradius/etc/raddb/proxy.conf
Config: including file: /opt/freeradius/etc/raddb/clients.conf
Config: including file: /opt/freeradius/etc/raddb/snmp.conf
Config: including file: /opt/freeradius/etc/raddb/eap.conf
Config: including file: /opt/freeradius/etc/raddb/sql.conf
main: prefix = /opt/freeradius
main: localstatedir = /opt/freeradius/var
main: logdir = /opt/freeradius/var/log/radius
main: libdir = /opt/freeradius/lib
main: radacctdir = /opt/freeradius/var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /opt/freeradius/var/log/radius/radius.log
main: log_auth = yes
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = /opt/freeradius/var/run/radiusd/radiusd.pid
main: user = psaadm
main: group = psaadm
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /opt/freeradius/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /opt/freeradius/lib
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
mschap: ntlm_auth = (null)
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
unix: shadow = (null)
unix: group = (null)
unix: radwtmp = /opt/freeradius/var/log/radius/radwtmp
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = md5
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = Password:
gtc: auth_type = PAP
rlm_eap: Loaded and initialized type gtc
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded attr_rewrite
attr_rewrite: attribute = User-Name
attr_rewrite: searchfor = promo.*
attr_rewrite: searchin = packet
attr_rewrite: replacewith = %{User-Password}
attr_rewrite: append = no
attr_rewrite: ignore_case = no
attr_rewrite: new_attribute = no
attr_rewrite: max_matches = 10
Module: Instantiated attr_rewrite (attr_rewrite)
Module: Loaded preprocess
preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups
preprocess: hints = /opt/freeradius/etc/raddb/hints
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
/opt/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded realm
realm: format = prefix
realm: delimiter = /
realm: ignore_default = yes
realm: ignore_null = yes
Module: Instantiated realm (prefix)
realm: format = suffix
realm: delimiter = @
realm: ignore_default = yes
realm: ignore_null = yes
Module: Instantiated realm (suffix)
Module
sementation fault
Hi all,
I trying to install (compile from source) freeRADIUS 1.0.4 on a SuSe
Linux system version 9.1. The configuration, compilation and
installation goes well. The problem comes when I run it with -X -A. You
can see the output from that attached with this mail.
I have made sure the the mysql-devel packages is installed so I guess it
is not that.
The last two lines in the output are :
sql: postauth_query = INSERT into radpostauth (id, user, pass,
session_id, reply, date) values ('', '%{User-Name}',
'%{User-Password:-Chap-Password}', '%{Acct-Session-Id}',
'%{reply:Packet-Type}', NOW())
sql: safe-characters =
@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /
It tries to insert to a table 'radpostauth' that doesn't exist and
further more there are no tables at all in the database. Is that normal?
Please help me shed some light on this,
Thanks!
--Vicky
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /opt/freeradius/etc/raddb/proxy.conf
Config: including file: /opt/freeradius/etc/raddb/clients.conf
Config: including file: /opt/freeradius/etc/raddb/snmp.conf
Config: including file: /opt/freeradius/etc/raddb/eap.conf
Config: including file: /opt/freeradius/etc/raddb/sql.conf
main: prefix = /opt/freeradius
main: localstatedir = /opt/freeradius/var
main: logdir = /opt/freeradius/var/log/radius
main: libdir = /opt/freeradius/lib
main: radacctdir = /opt/freeradius/var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /opt/freeradius/var/log/radius/radius.log
main: log_auth = yes
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = /opt/freeradius/var/run/radiusd/radiusd.pid
main: user = psaadm
main: group = psaadm
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /opt/freeradius/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /opt/freeradius/lib
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
mschap: ntlm_auth = (null)
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
unix: shadow = (null)
unix: group = (null)
unix: radwtmp = /opt/freeradius/var/log/radius/radwtmp
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = md5
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = Password:
gtc: auth_type = PAP
rlm_eap: Loaded and initialized type gtc
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded attr_rewrite
attr_rewrite: attribute = User-Name
attr_rewrite: searchfor = promo.*
attr_rewrite: searchin = packet
attr_rewrite: replacewith = %{User-Password}
attr_rewrite: append = no
attr_rewrite: ignore_case = no
attr_rewrite: new_attribute = no
attr_rewrite: max_matches = 10
Module: Instantiated attr_rewrite (attr_rewrite)
Module: Loaded preprocess
preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups
preprocess: hints = /opt/freeradius/etc/raddb/hints
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
/opt/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded realm
realm: format = prefix
realm: delimiter = /
realm: ignore_default = yes
realm: ignore_null = yes
Module: Instantiated realm (prefix)
realm
Re: segmentation fault caused by sql ?
Mario,
I thought I had that installed, hum...
I'm on fc3, what rpm package(s) should I install for the mysqlclient?
Thaks for your respond!
--Vicky
Mario Alberto Cruz Gartner wrote:
I'd had a similar segmentation fault when i'd try to use the sql
module and the freeradius installation doesn't include the mysqlclient
libraries.
I've installed the libraries on the system, reconfigure, make, make
install again and it works fine!
On 7/6/05, vicky [EMAIL PROTECTED] wrote:
Hi all!
I have a segmentation fault and it scares me. I have attached the output
of radiusd -X with this e-mail.
It is not because the database is not there because when I connect to it
manually it works.
Is is permission issues? Is it a driver problem?
Thanks for any help I can get!
--Vicky
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /opt/freeradius/etc/raddb/proxy.conf
Config: including file: /opt/freeradius/etc/raddb/trs_proxy.conf
Config: including file: /opt/freeradius/etc/raddb/clients.conf
Config: including file: /opt/freeradius/etc/raddb/trs_clients.conf
Config: including file: /opt/freeradius/etc/raddb/snmp.conf
Config: including file: /opt/freeradius/etc/raddb/sqlcounter.conf
Config: including file: /opt/freeradius/etc/raddb/eap.conf
Config: including file: /opt/freeradius/etc/raddb/sql.conf
main: prefix = /opt/freeradius
main: localstatedir = /opt/freeradius/var
main: logdir = /opt/freeradius/var/log/radius
main: libdir = /opt/freeradius/lib
main: radacctdir = /opt/freeradius/var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /opt/freeradius/var/log/radius/radius.log
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = no
main: pidfile = /opt/freeradius/var/run/radiusd/radiusd.pid
main: user = trustive
main: group = trustive
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /opt/freeradius/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /opt/freeradius/lib
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
mschap: ntlm_auth = (null)
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
unix: shadow = (null)
unix: group = (null)
unix: radwtmp = /opt/freeradius/var/log/radius/radwtmp
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = md5
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = Password:
gtc: auth_type = PAP
rlm_eap: Loaded and initialized type gtc
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded attr_rewrite
attr_rewrite: attribute = User-Name
attr_rewrite: searchfor = promo.*
attr_rewrite: searchin = packet
attr_rewrite: replacewith = %{User-Password}
attr_rewrite: append = no
attr_rewrite: ignore_case = no
attr_rewrite: new_attribute = no
attr_rewrite: max_matches = 10
Module: Instantiated attr_rewrite (attr_rewrite)
Module: Loaded preprocess
preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups
preprocess: hints = /opt/freeradius/etc/raddb/hints
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
/opt/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded realm
realm: format = prefix
realm: delimiter = /
realm: ignore_default = yes
realm: ignore_null = yes
Module: Instantiated realm (prefix
segmentation fault caused by sql ?
Hi all!
I have a segmentation fault and it scares me. I have attached the output
of radiusd -X with this e-mail.
It is not because the database is not there because when I connect to it
manually it works.
Is is permission issues? Is it a driver problem?
Thanks for any help I can get!
--Vicky
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /opt/freeradius/etc/raddb/proxy.conf
Config: including file: /opt/freeradius/etc/raddb/trs_proxy.conf
Config: including file: /opt/freeradius/etc/raddb/clients.conf
Config: including file: /opt/freeradius/etc/raddb/trs_clients.conf
Config: including file: /opt/freeradius/etc/raddb/snmp.conf
Config: including file: /opt/freeradius/etc/raddb/sqlcounter.conf
Config: including file: /opt/freeradius/etc/raddb/eap.conf
Config: including file: /opt/freeradius/etc/raddb/sql.conf
main: prefix = /opt/freeradius
main: localstatedir = /opt/freeradius/var
main: logdir = /opt/freeradius/var/log/radius
main: libdir = /opt/freeradius/lib
main: radacctdir = /opt/freeradius/var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /opt/freeradius/var/log/radius/radius.log
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = no
main: pidfile = /opt/freeradius/var/run/radiusd/radiusd.pid
main: user = trustive
main: group = trustive
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /opt/freeradius/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /opt/freeradius/lib
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
mschap: ntlm_auth = (null)
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
unix: shadow = (null)
unix: group = (null)
unix: radwtmp = /opt/freeradius/var/log/radius/radwtmp
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = md5
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = Password:
gtc: auth_type = PAP
rlm_eap: Loaded and initialized type gtc
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded attr_rewrite
attr_rewrite: attribute = User-Name
attr_rewrite: searchfor = promo.*
attr_rewrite: searchin = packet
attr_rewrite: replacewith = %{User-Password}
attr_rewrite: append = no
attr_rewrite: ignore_case = no
attr_rewrite: new_attribute = no
attr_rewrite: max_matches = 10
Module: Instantiated attr_rewrite (attr_rewrite)
Module: Loaded preprocess
preprocess: huntgroups = /opt/freeradius/etc/raddb/huntgroups
preprocess: hints = /opt/freeradius/etc/raddb/hints
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
/opt/freeradius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded realm
realm: format = prefix
realm: delimiter = /
realm: ignore_default = yes
realm: ignore_null = yes
Module: Instantiated realm (prefix)
realm: format = suffix
realm: delimiter = @
realm: ignore_default = yes
realm: ignore_null = yes
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = /opt/freeradius/etc/raddb/users
files: acctusersfile = /opt/freeradius/etc/raddb/acct_users
files: preproxy_usersfile = /opt/freeradius/etc/raddb/preproxy_users
files: compat = no
Module
User-Name missing
Hi all! I execute an external script as soon as I get an Access- or an Accounting-Request. The scripts collects (from the environment variables) all the attributes received and writes them to a Database. I encountered a problem recently. The attribute User-Name is missing (its value equals NULL) for the Accounting-Requests but it is there in the Access-Requests. I find this strange that the User-Name attribute is sent with certain package types and not with others. My server is a freeRADIUS 1.0.3. Thanks for any contributions to solving this problem! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User-Name missing
Paul! Thanks for your respond! I do keep radacct logs and I did check it. I even run my server in debug mode and saw that the User-Name attribute is actually there. As for the other attributes I manage to get all of them except the User-Name! I find this very strange and it is almost driving me nuts. V Paul Hampson wrote: On Thu, Jun 23, 2005 at 03:12:33PM +0200, vicky wrote: Hi all! I execute an external script as soon as I get an Access- or an Accounting-Request. The scripts collects (from the environment variables) all the attributes received and writes them to a Database. I encountered a problem recently. The attribute User-Name is missing (its value equals NULL) for the Accounting-Requests but it is there in the Access-Requests. I find this strange that the User-Name attribute is sent with certain package types and not with others. My server is a freeRADIUS 1.0.3. Thanks for any contributions to solving this problem! Have a look at your radacct logs (you're keeping radacct logs, right?) and see if you're actually being sent a User-Name attribute. In fact, in the first instance, I'd use 'env' and confirm that your script is seeing all the attributes that get logged from the accounting packets. -- Vicky El Fhaily Integration Manager TRUSTIVE (France) WTC 2, Les Bouillides 120, Route des Macarons Parc de Sophia Antipolis 06560 Valbonne, France Phone: +33 493 65 25 63 Fax: +33 493 65 21 56 www.trustive.com / www.corp.trustive.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
executing external program
Hi all! I have a huge problem. When executing an external script I get strange error messages and my server shuts down. I find this strange because the script is tested a side and it works. Plus I have other similar scripts running and they run perfectly. I get this in the log (radiusd.log) : /Tue Jun 14 09:52:48 2005 : Error: Exec-Program: Abnormal child exit: Interrupted system call Tue Jun 14 09:52:48 2005 : Error: rlm_exec (getaccounting): External script failed/ And this in the debug mode : /radius_xlat: '/home/vicky/finalprog/compAttrs Accounting-Request' Exec-Program: /home/vicky/finalprog/compAttrs Accounting-Request MASTER: Child PID 1842 failed to catch signal 11: killing all active servers./ Has anyone encountered the same problem or has anyone any idea what may be causing this? Thanks a lot in advance! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
executing external program
Hello guys and girls, While executing a script of mine in the radiusd.conf file I get a very strange error that worries me. /radius_xlat: '/home/vicky/finalprog/compAttrs Access-Request' Exec-Program: /home/vicky/finalprog/compAttrs Access-Request MASTER: Child PID 28050 failed to catch signal 11: killing all active servers./ The script it self is tested aside and it work. What seems to be the problem. I've never seen anything like this before... Thanks for all the suggestions! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
picks up the same request twice
Hello RADIUS-people!
In my radius server I have a certain NAS defined in the clients.conf
file as (example) :
client 1.1.1.1{
shortname = one
secret = oneone
}
and the same NAS in the proxy.conf file like this :
realm one{
type = radius
authhost = 1.1.1.1:1812
accthost = 1.1.1.1:1813
secret = oneone
}
This creates confusion because when receiving a request from this NAS,
my radius server recognize it twice. One that is proxied and one that is
treated locally (without striping of the realm). How can I solve this
so that when the request should be proxied it is only proxied and when
it should be treated locally it is only treated locally?
I hope I made my question clear...
Loads of thanks!
--
Vicky
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cannot find a configuration entry for module exec
Hey people, I'm trying to upgrade my freeRADIUS server and to do so, I downloaded and installed the latest version available on freeradius.org. I installed and configured it in a separate folder than the old server is configured in. Today I stopped the old server and brought up the new one with radiusd -X and it gave me an error as shown below. . . . main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /opt/freeradiusupgrade/lib ERROR: Cannot find a configuration entry for module exec. zsh: exit 1 /opt/freeradiusupgrade/sbin/radiusd -X With no line number or file name I don't even know where to begin to look. Does anyone has any suggestions? Every so thankful! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
upgrading freeRADIUS
Hi list subscribers, hi list admins, (again) I'm running a freeRADIUS server version 0.8.1 (I know it is ancient) and I want to upgrade it to the latest version available. I have been trying to find some kind of procedure to upgrading but with no success. Does anyone know how to (in a fairly simple way) safely upgrade? The safetyness is very crucial, I cant risk overwriting my old configuration. The old server is built with #configure --prefix=/opt/freeradius #make #su #make install Thanks to you all in advance and please notice that I'm not that of an expert on RADIUS... Keep up the good work! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: upgrading freeRADIUS
Hi Stéphane (and all the others of course), Thats is what I was trying to do, configure and install the new version elsewhere but still on the same machine (I'm gonna set the default ports to something else so there will be no conflicts). Now I've downloaded version 1.0.2 and I get a compilation error. I do : #configure --prefix=/opt/freeradius1.0.2 #make and in the end of the compilation output I get this... In file included from x99_rlm.c:54: x99.h:26:42: openssl/des.h: No such file or directory gmake[6]: *** [x99_rlm.o] Error 1 gmake[6]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules/rlm_x99_token' gmake[5]: *** [common] Error 1 gmake[5]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules' gmake[4]: *** [all] Error 2 gmake[4]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules' gmake[3]: *** [common] Error 1 gmake[3]: Leaving directory `/home/vicky/freeradius-1.0.2/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/home/vicky/freeradius-1.0.2/src' gmake[1]: *** [common] Error 1 gmake[1]: Leaving directory `/home/vicky/freeradius-1.0.2' make: *** [all] Error 2 zsh: exit 2 make What am I missing? Cheers Vicky DELORT Stephane wrote: Hello Vicky, Haven't you try to copy your config files and do the upgrade on a test system ? (create an exact replica on another machine and upgrade it) I think it would be useful to post an howto to upgrade from xxx to yyy once you've done it. regards, Stéphane -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] la part de vicky Envoyé : mardi 31 mai 2005 11:31 À : FreeRadius users mailing list Objet : upgrading freeRADIUS Hi list subscribers, hi list admins, (again) I'm running a freeRADIUS server version 0.8.1 (I know it is ancient) and I want to upgrade it to the latest version available. I have been trying to find some kind of procedure to upgrading but with no success. Does anyone know how to (in a fairly simple way) safely upgrade? The safetyness is very crucial, I cant risk overwriting my old configuration. The old server is built with #configure --prefix=/opt/freeradius #make #su #make install Thanks to you all in advance and please notice that I'm not that of an expert on RADIUS... Keep up the good work! -- Vicky El Fhaily Integration Manager TRUSTIVE (France) WTC 2, Les Bouillides 120, Route des Macarons Parc de Sophia Antipolis 06560 Valbonne, France Phone: +33 493 65 25 63 Fax: +33 493 65 21 56 www.trustive.com / www.corp.trustive.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: upgrading freeRADIUS
Rupak, I built the code in a clean directory so to say. There was nothing in /opt/freeradius1.0.2/ before I made #./configure --prefix=/opt/freeradius1.0.2/ I just reset everything and retried, but still the same compilation error. Do you have any other suggestions? Thanks a lot! Vicky Rupak wrote: I also had the same problem.Later on I came to know that I had to again ./configure --prefix=- to another fresh unpacked tarball.Not in the old unpacked tar ball.just again try tar -xvf freeradius-1.0.2.tar and again ./configure then make then again make install. This time try and give another directory in --prefix section.when I had faced this problem I even formatted my box.Thanx that it was an isolated machine. Rupak Hi Stéphane (and all the others of course), Thats is what I was trying to do, configure and install the new version elsewhere but still on the same machine (I'm gonna set the default ports to something else so there will be no conflicts). Now I've downloaded version 1.0.2 and I get a compilation error. I do : #configure --prefix=/opt/freeradius1.0.2 #make and in the end of the compilation output I get this... In file included from x99_rlm.c:54: x99.h:26:42: openssl/des.h: No such file or directory gmake[6]: *** [x99_rlm.o] Error 1 gmake[6]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules/rlm_x99_token' gmake[5]: *** [common] Error 1 gmake[5]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules' gmake[4]: *** [all] Error 2 gmake[4]: Leaving directory `/home/vicky/freeradius-1.0.2/src/modules' gmake[3]: *** [common] Error 1 gmake[3]: Leaving directory `/home/vicky/freeradius-1.0.2/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/home/vicky/freeradius-1.0.2/src' gmake[1]: *** [common] Error 1 gmake[1]: Leaving directory `/home/vicky/freeradius-1.0.2' make: *** [all] Error 2 zsh: exit 2 make What am I missing? Cheers Vicky DELORT Stephane wrote: Hello Vicky, Haven't you try to copy your config files and do the upgrade on a test system ? (create an exact replica on another machine and upgrade it) I think it would be useful to post an howto to upgrade from xxx to yyy once you've done it. regards, Stéphane -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] la part de vicky Envoyé : mardi 31 mai 2005 11:31 À : FreeRadius users mailing list Objet : upgrading freeRADIUS Hi list subscribers, hi list admins, (again) I'm running a freeRADIUS server version 0.8.1 (I know it is ancient) and I want to upgrade it to the latest version available. I have been trying to find some kind of procedure to upgrading but with no success. Does anyone know how to (in a fairly simple way) safely upgrade? The safetyness is very crucial, I cant risk overwriting my old configuration. The old server is built with #configure --prefix=/opt/freeradius #make #su #make install Thanks to you all in advance and please notice that I'm not that of an expert on RADIUS... Keep up the good work! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
upgrading freeRADIUS
Hi list subscribers, hi list admins, I'm running a freeRADIUS server version 0.8.1 (I know it is ancient) and I want to upgrade it to the latest version available. I have been trying to find some kind of procedure to upgrading but with no success. Does anyone know how to (in a fairly simple way) safely upgrade? The safetyness is very crucial, I cant risk overwriting my old configuration. The old server is built with /configure --prefix=/opt/freeradius make su make install / Thanks to you all in advance and please notice that I'm not that of an expert on RADIUS... Keep up the good work! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MS-CHAP
Hello freeRADIUS mailing list readers, Is it possible to configure a freeRADIUS server running on a UNIX machine to also accept MS-CHAP? If so, is it complicated? is there documentation for it? how can I do that (in a fairly simple way)? /the girl that wonders why Microsoft had to complicate things for her... -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Acct-Session-Id
Hello guys and girls, I have a small quick question. Is the attribute Acct-Session-Id (number 44) modifiable manually (can I set it to what I want)? If so where should it be modified (in witch file)? sanx a lot! -- Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RADIUS attributes
Hi Alan, Thanks for your answer but that is unfortunately not what I had hoped for. What I'm actually looking for is a way to retrieve the configured attributes of some one that is trying to connect to my freeRADIUS server. Is that possible? Best, Vicky Alan DeKok wrote: vicky [EMAIL PROTECTED] wrote: I was wondering if RADIUS attributes show when I run the server in debug mode. It spits out a lot of things, is the configured attributes there between? In other words, does one see the attributes configured just by looking at the output from the debugger? For some attributes, yes. The debug mode generally prints out what module did what, which enables you to read your configuration files, to discover which attributes are matched. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Vicky El Fhaily Integration Manager TRUSTIVE (France) WTC 2, Les Bouillides 120, Route des Macarons Parc de Sophia Antipolis 06560 Valbonne, France Phone: +33 493 65 25 63 Fax: +33 493 65 21 56 www.trustive.com / www.corp.trustive.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RADIUS attributes
Mitchell (and all the rest), Thanks for your answer but what I meant was : Of all freeRADIUS attributes that exists, I want to know exactly witch once the client (the one on the other side who is trying to connect to my server) has set (configured) and to which value. Is this feasible? Thanks again, Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RADIUS attributes
Exactly, what I meant by client is NAS not PC. You are not the one confused, it is more likely that I'm speaking gibberish. If my server receives the (all!) attributes from any NAS in the request then problem solved. But, the request piece in the debugger is so small, I had a doubt that I couldn't see all attributes in there, but if you say so... Enormous thanks! Vicky Michael Mitchell wrote: Maybe I'm just really confused, but the attributes that the client has set are the ones that the server receives in the request... Maybe you need to define what you mean by client... A client is something that sends RADIUS requests to a radius server, eg a Network Access Server (NAS) of some sort. If by client you mean for example a PC that is using a modem to dial up to a network, then the answer is it doesn't set any attributes. It may however supply some values (like a username and password) that the NAS will populate some RADIUS attributes with. regards, Mike (same Mike, different email address ;-) ) vicky wrote: Mitchell (and all the rest), Thanks for your answer but what I meant was : Of all freeRADIUS attributes that exists, I want to know exactly witch once the client (the one on the other side who is trying to connect to my server) has set (configured) and to which value. Is this feasible? Thanks again, Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Vicky El Fhaily Integration Manager TRUSTIVE (France) WTC 2, Les Bouillides 120, Route des Macarons Parc de Sophia Antipolis 06560 Valbonne, France Phone: +33 493 65 25 63 Fax: +33 493 65 21 56 www.trustive.com / www.corp.trustive.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RADIUS attributes
Hi guys and girls! I was wondering if RADIUS attributes show when I run the server in debug mode. It spits out a lot of things, is the configured attributes there between? In other words, does one see the attributes configured just by looking at the output from the debugger? Thanks all! Peace Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radclient
Hi guys and girls, I have recently downloaded and installed freeRADIUS on a fedora (Red Hat Linux) machine. The radtest is successful but the radclient :( is not. For example : #radclient localhost auth testing123 gives nothing, just like above. It hangs the terminal and I have to end the command with CTRL-c. Even the debugger gives nothing, blank. (Also tried radiusd -x -x -x). What seems to be the problem? Tanks in advance Vicky - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radtest
Hi all, I'm trying to do a simple radtest but it doesn't go through. Here is what I get : $ radtest bob bob localhost 0 testing123 Sending Access-Request of id 227 to 127.0.0.1:1812 User-Name = bob User-Password = bob NAS-IP-Address = localhost.localdomain NAS-Port = 0 radclient: no response from server for ID 227 I running on Fedora with very simple configurations. Does anyone have any idea about what is going on? Cheers Vicky This message was sent using IMP, the Internet Messaging Program. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
configurating freeRADIUS
Hi,
I have recently downloaded and installed the latest version
(freeradius-1.0.2) at freeRADIUS.org
I have configurated server as I want it to be but i fail to check the
configuration (for example with check-radiusd-config). I get an error
that says:
15654:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:632:Expecting: CERTIFICATE
15654:error:0200100E:system library:fopen:Bad
address:bss_file.c:259:fopen('','r')
15654:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:261:
15654:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system
lib:ssl_rsa.c:513:
rlm_eap_tls: Error reading certificate file
rlm_eap: Failed to initialize type tls
radiusd.conf[9]: eap: Module instantiation failed.
The system is running on a LINUX machine, fedora 3.0
I appreciate any tips and ideas about how the error can be solved.
Thanks in advance!
Vicky
This message was sent using IMP, the Internet Messaging Program.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
