Newbie-ish HUP question (0.9.0)
Hi All, Apologies to all if this IS documented somewhere, but I've had a good trawl through the archive and docs and can't appear to find the answer (I'm new-ish to freeradius currently). Just been playing with 0.9.0 (had a quick play with the final beta a few weeks back) and it all seems to work fantasticly, I have it auth'ing against a postgres DB and I'm a happy man, apart from one thing: Whenever I send it a HUP to reload the config (say for proxy.conf changes or whatever), it just dies completely and utterly. ie: the process completely disappears with NO output in logfiles or anything. If I run it with -X and then send it a SIGHUP, it just goes away, see STD[OUT|ERR] output below: - /usr/sbin/freeradius -X --snip-- Ready to process requests. --- Walking the entire request list --- Nothing to do. Sleeping until we see a request. Reloading configuration files. --- HUP sent here reread_config: reading radiusd.conf Config: including file: /etc/freeradius/proxy.conf Config: including file: /etc/freeradius/clients.conf Config: including file: /etc/freeradius/snmp.conf Config: including file: /etc/freeradius/postgresql.conf main: prefix = /usr main: localstatedir = /var main: logdir = /var/log/freeradius main: libdir = /usr/lib/freeradius main: radacctdir = /var/log/freeradius/radacct main: hostname_lookups = no main: snmp = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /var/log/freeradius/radius.log main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /var/run/freeradius/freeradius.pid main: user = freerad main: group = freerad main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = yes proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients Using deprecated clients file. Support for this will go away soon. read_config_files: reading realms Using deprecated realms file. Support for this will go away soon. dies silently at this point - I'm wondering if anyone can help me trackdown what exactly might be happening (or, if I'm doing something REALLY dumb, then to beat me severely with a clue-stick). Any help very appreciated, Thanks, Fenn. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Newbie-ish HUP question (0.9.0)
I'm wondering if anyone can help me trackdown what exactly might be happening (or, if I'm doing something REALLY dumb, then to beat me severely with a clue-stick). Ok, I realise I jumped the gun slightly in my eagerness for help (though still not fixed) - here's a bit more info: Log output AFTER the HUP is: --- Wed Jul 30 16:08:19 2003 : Info: Reloading configuration files. Wed Jul 30 16:08:19 2003 : Info: Using deprecated naslist file. Support for this will go away soon. Wed Jul 30 16:08:19 2003 : Info: Using deprecated clients file. Support for this will go away soon. Wed Jul 30 16:08:19 2003 : Info: Using deprecated realms file. Support for this will go away soon. Wed Jul 30 16:08:19 2003 : Error: sql_postgresql: calling unimplemented function --- So it's obviously a postgres module related issue (odd that it starts and works, but fails on HUP). Here's the tail of a strace output off the master process/thread: --- read(13, #\n#\tTHIS FILE IS DEPRECATED.\n#\n#..., 4096) = 1387 read(13, , 4096) = 0 close(13) = 0 munmap(0x40017000, 4096)= 0 getrlimit(0x4, 0xbfffe500) = 0 setrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=RLIM_INFINITY}) = 0 open(/etc/group, O_RDONLY)= 13 fcntl64(13, F_GETFD)= 0 fcntl64(13, F_SETFD, FD_CLOEXEC)= 0 fstat64(13, {st_mode=S_IFREG|0644, st_size=519, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000 _llseek(13, 0, [0], SEEK_CUR) = 0 read(13, root:x:0:\ndaemon:x:1:\nbin:x:2:\ns..., 4096) = 519 close(13) = 0 munmap(0x40017000, 4096)= 0 setgid32(0x67) = 0 open(/etc/passwd, O_RDONLY) = 13 fcntl64(13, F_GETFD)= 0 fcntl64(13, F_SETFD, FD_CLOEXEC)= 0 fstat64(13, {st_mode=S_IFREG|0644, st_size=1354, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000 _llseek(13, 0, [0], SEEK_CUR) = 0 read(13, root:x:0:0:root:/root:/bin/bash\n..., 4096) = 1354 close(13) = 0 munmap(0x40017000, 4096)= 0 setuid32(0x69) = 0 munmap(0x4023d000, 10040) = 0 munmap(0x4024, 11824) = 0 rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_IGN}, 8) = 0 send(7, X, 1, 0) = 1 rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_IGN}, 8) = 0 close(7)= 0 open(/var/log/freeradius/radius.log, O_WRONLY|O_APPEND|O_CREAT, 0666) = 7 fstat64(7, {st_mode=S_IFREG|0644, st_size=24247, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000 fstat64(7, {st_mode=S_IFREG|0644, st_size=24247, ...}) = 0 _llseek(7, 24247, [24247], SEEK_SET)= 0 time(NULL) = 1059545186 write(7, Wed Jul 30 16:06:26 2003 : Error..., 81) = 81 close(7)= 0 munmap(0x40017000, 4096)= 0 write(12, [EMAIL PROTECTED](\371\22\10\310\377\22\10`=..., 148) = 148 rt_sigprocmask(SIG_SETMASK, NULL, [RTMIN], 8) = 0 rt_sigsuspend([] unfinished ... --- SIGRTMIN (Real-time signal 0) --- ... rt_sigsuspend resumed ) = -1 EINTR (Interrupted system call) sigreturn() = ? (mask now [RTMIN]) wait4(4570, NULL, __WCLONE, NULL) = 4570 munmap(0x40014000, 4096)= 0 _exit(1)= ? --- By the way, this is built/installed using the debian packaging stuff under /debian in the tarball. Thanks heaps again, Fenn. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re:A question about implementing PEAP
Title: Messaggio Hi, I'm tryng to implement PEAP(with the help of Chris Hessing) for xsupplicant with IAS (radius server of windows), and so I know a littlesome problem in the implementation.If your problem is how to encrypt (and decrypt) the packet for PEAP phase 2, you can see the code that I had writtenfor xsupplicant (client and server work in the same manner)you should download Xsupplicant (www.open1x.org) and see inthe file src/auth_methods/tls/eapcrypt.c the func eapcrypt_decrypt(...). I think it should help. thanks Daniele Brevi
ldap.attrmap file
Hi, I have an entry in a ldap database with an attribute radiusVSA. In file ldap.attrmap, I have this line - replyItem Vendor-Specific radiusVSA In user file, I have this line - sqdqFS Autz-Type:=CISCO-ACCESS,Auth-Type:=CISCO-ACCESS Service-Type = Login-User I want that user sqdqFS provides to my Cisco Switch this attribute : Cisco-AVPair = shell:priv-lvl=15 For this, I use the attribute radiusVSA in LDAP but what's the syntax for this attribute : Cisco-avpair = shell:priv-lvl=15 Or shell:priv-lvl=15 An answer ?? Thanks Philippe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Help Needed Regarding Accounting in FreeRadius with / without MySql
On Wed, Jul 30, 2003 at 04:15:22PM +0530, Pradeep Rai wrote: I do not know how to configure accounting information for new users. Does Tell your NAS to send accounting information. this require MySQL for it. Is this possible w/o using MySQL. What all files you can log into detail files. do I need to configure ? radiusd.conf, look for 'detail' Oliver. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Exec-Program-Wait trouble.
Since I started to use Exec-Program-Wait, From time to time begin to appear messages such following: 30 14:53:23 2003 : Error: Thread 9 failed waiting for semaphore: Interrupted system call: Exiting 30 14:53:26 2003 : Error: Discarding new request from client ns1:1025 - ID: 242 due to live request 50 30 14:53:29 2003 : Error: Discarding new request from client ns1:1025 - ID: 242 due to live request 50 30 14:53:32 2003 : Error: Discarding new request from client ns1:1025 - ID: 242 due to live request 50 30 14:53:51 2003 : Error: Thread 10 failed waiting for semaphore: Interrupted system call: Exiting 30 14:53:57 2003 : Error: WARNING: Unresponsive child (id 1101872432) for request 50 30 14:56:21 2003 : Error: Exec-Program: Abnormal child exit: Interrupted system call What can i do? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Has anyone been able to get rlm_sql to auth users
There is nothing wrong with the tables. They work fine as shipped. I had the whole thing running against MYSQL in less than an hour using release .8 with absolutely no changes to anything other than config files. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Guy Fraser Sent: Tuesday, July 29, 2003 2:27 PM To: [EMAIL PROTECTED] Subject: Has anyone been able to get rlm_sql to auth users I was trying to get the PostgreSQL driver working. The SQL tables need to be fixed significantly, I have fixed some of the data types and have the tables functional. With so little documentation for rlm_sql it is very difficult to work with. I have made my own patch for Cistron 1.6.7-rc4 that allows accounting directly to a PostgreSQL db. I would be willing to work on fixing some of the rlm_sql parts, but first I would like to know if anyone has already got it working. I noticed in the source that the functions used to connect to the db will cause a crash if the connection fails. I can look into using the functions that allow reconnection and possibly some kind of buffering for extended failures. Guy - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ldap.attrmap file
I have an entry in a ldap database with an attribute radiusVSA. In file ldap.attrmap, I have this line - replyItem Vendor-Specific radiusVSA In user file, I have this line - sqdqFS Autz-Type:=CISCO-ACCESS,Auth-Type:=CISCO-ACCESS Service-Type = Login-User I want that user sqdqFS provides to my Cisco Switch this attribute : Cisco-AVPair = shell:priv-lvl=15 For this, I use the attribute radiusVSA in LDAP but what's the syntax for this attribute : Cisco-avpair = shell:priv-lvl=15 Or shell:priv-lvl=15 The syntax will be shell:priv-lvl=15 example ldif format radiusVSA: shell:priv-lvl=15 An answer ?? Thanks Philippe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy an user without a realm?
Hi, is it possible and what should I do to forward (proxy) a specified username (without realm) to the specified radius server? Check out NULL in proxy.conf I tried adding as the realm delimiter which didn't work. It would be simple solution to my problem. Can I somehow specifiy proxy as user auth-type or similar if the above is not feasible? I need this because first request during l2tp setup on Cisco 6400 is just a realm name (without @,%,/ or similar) as the username and I need to proxy (not localy) process that username. ### Log from 'radiusd -X': Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host x.y.z.t::21645, id=155, length=124 User-Name = mpls-vpdn User-Password = cisco NAS-Port-Type = Virtual Cisco-NAS-Port = 8/0/0/127.36 NAS-Port = 2155806756 Connect-Info = 384/64 Service-Type = Outbound-User NAS-IP-Address = x.y.z.t Acct-Session-Id = 8/0/0/127.36_0045 modcall: entering group authorize modcall[authorize]: module preprocess returns ok modcall[authorize]: module chap returns noop modcall[authorize]: module mschap returns noop rlm_realm: No '@' in User-Name = mpls-vpdn, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop users: Matched DEFAULT at 155 modcall[authorize]: module files returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type System modcall: entering group authenticate modcall[authenticate]: module unix returns notfound modcall: group authenticate returns notfound auth: Failed to validate the user. ### Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Local user authentication.
Tran, Julian [EMAIL PROTECTED] wrote: I just want to do local user authentication on freeradius. My users file contains testAuth-Type := Local, Password == test1234 I get the following errors in the log and I can't work out why. Jul 29 16:19:43: Main.info: Starting - reading configuration files ... Jul 29 16:19:43: Main.info: reading /usr/local/etc/raddb/config You are not using FreeRADIUS. Stop posting to this list. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: eap-tls with ldap?
Luca Benassi [EMAIL PROTECTED] wrote: eap-tls works fine but I need to use LDAP. For what? Are you willing to say what you're trying to do, and why? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: eap-tls with ldap?
On Wed, 30 Jul 2003, Alan DeKok wrote: Luca Benassi [EMAIL PROTECTED] wrote: eap-tls works fine but I need to use LDAP. For what? Are you willing to say what you're trying to do, and why? No problem ... :) I want to secure a 802.11 lan using eap-tls and authenticating on an ldap server. At the moment the AP Cisco Aironet 350 authenticates with FreeRadius 0.9 using eap-tls. I'm testing with an XP client. I've made a CA and with it I've signed two certificates: client and server. It's all fine: the client is authenticated using eap-tls and the digital certificate generated with openssl. Now what I want to do. I'd like to autenthicate to a second server with an ldap server running. So that FreeRadius is used only for proxing request to and from the LDAP server. Can I do this? I think so, but I don't know where to begin :) I've managed to use eap-tls and XP following one of the fine tutorials on the web, but I haven't found anything with ldap. So, if anyone can tell me where to begin ... ;) At the present I'm reading some stuff regarding LDAP. Thank you again, Luca - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: eap-tls with ldap?
On Wed, 30 Jul 2003, Luca Benassi wrote: On Wed, 30 Jul 2003, Alan DeKok wrote: Luca Benassi [EMAIL PROTECTED] wrote: eap-tls works fine but I need to use LDAP. For what? Are you willing to say what you're trying to do, and why? No problem ... :) I want to secure a 802.11 lan using eap-tls and authenticating on an ldap server. At the moment the AP Cisco Aironet 350 authenticates with FreeRadius 0.9 using eap-tls. I'm testing with an XP client. I've made a CA and with it I've signed two certificates: client and server. It's all fine: the client is authenticated using eap-tls and the digital certificate generated with openssl. Now what I want to do. I'd like to autenthicate to a second server with an ldap server running. So that FreeRadius is used only for proxing request to and from the LDAP server. Can I do this? I think so, but I don't know where to begin :) So you want to proxy a radius request to an ldap server? I've managed to use eap-tls and XP following one of the fine tutorials on the web, but I haven't found anything with ldap. So, if anyone can tell me where to begin ... ;) I think what you really want to do is to make freeradius use ldap as the backend. You will store all your user authentication in the ldap directory and freeradius will then talk ldap to the ldap directory to autz and auth the users. Check out doc/rlm-ldap At the present I'm reading some stuff regarding LDAP. Thank you again, Luca - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius EAP roadmap [Re: A question about implementing PEAP]
Hi, This leads me to a quick question about where we are for EAP and where we're going. I still have an item on my Todo list to fix rlm_eap and the submodules to use RLM return codes, so, for example, an EAP subtype could return RLM_HANDLED to indicate an incoming packet should just be dropped. Is that one of the changes in the CVS? If not, I'm still not sure when I'll get to it, but we need that to meet the EAP-SIM spec. We're running with 0.8.1 now, but if I need to make this change, I assume I should do it against 0.9.0? If the CVS has already changed, maybe I should wait till the next release? I prefer to do my work on top of a released version, since it will need to go to our customers. Regards, Dave Alan DeKok wrote: pankaj Goel [EMAIL PROTECTED] wrote: I configured rlm_eap-peap module and used the code from eap-tls module to get till the first phase of peap. I have been using freeradius 0.8.1. Are you talking about the latest snapshot from CVS regarding the changes ? Yes. The issue is that the server CANNOT do TTLS or PEAP in 0.8.1, or in 0.9.0. Those two protocols require additional changes to the server core, which are ONLY in the latest CVS snapshot. I've also changed a large portion of the rlm_eap module, to make it simpler better. This work isn't strictly required for TTLS or PEAP, but it does make it MUCH easier to understand the EAP module. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius EAP roadmap [Re: A question about implementing PEAP]
Dave Mason [EMAIL PROTECTED] wrote: This leads me to a quick question about where we are for EAP and where we're going. I still have an item on my Todo list to fix rlm_eap and the submodules to use RLM return codes, so, for example, an EAP subtype could return RLM_HANDLED to indicate an incoming packet should just be dropped. Is that one of the changes in the CVS? Not yet. I plan on doing this over the next week or so. If not, I'm still not sure when I'll get to it, but we need that to meet the EAP-SIM spec. We're running with 0.8.1 now, but if I need to make this change, I assume I should do it against 0.9.0? Against the CVS head. The 0.9.0 release should ONLY have critical bug fixes. If the CVS has already changed, maybe I should wait till the next release? I prefer to do my work on top of a released version, since it will need to go to our customers. You can probably wait. I'd like to push 1.0 out as soon as possible. I see it mainly as a code cleanup release, with only a few new features. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Exec-Program-Wait trouble.
Fedor V.Zelenkin [EMAIL PROTECTED] wrote: 30 14:56:21 2003 : Error: Exec-Program: Abnormal child exit: Interrupted system call What can i do? Try the CVS snapshot from tomorrow. It should contain a fix. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Newbie Setup
I am working with a FreeBDS 4.8 System MySQL 3.23. I can start the radiusd -X from command line and it worls fine authenticating aginst the database. My problem is i can not getting a radius.log file. i have tried starting it with /usr/local/sbin/radiusd -l /usr/local/var/log/radius/radius.log -xxfzy radius workd but i am not able to get a log if i remove the xx and relpace with X i get the same thing. I just need it to log my good and bad logins. if i remove the x's completelt it says it can not open (NULL) and does not start. also i am having a problem getting it to start at boot. i have daemontool installed, but the service is not starting at boot. any help would be greatly appreciated. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
generating Accounting messages
Is there another way to generate an accounting message from Freeradius to another radius server when a user authenticates? One idea was to call radclient in a shell program to generate the packet. I would call radclient in the exec module with all the accounting attributes and send them to another radius server. I am wondering if there is a better way? Also is there a way to call multiple programs in the post-exec module? Can I have multiple program lines? Or will it only run one program ? exec ECUdirect-post-exe{ wait = no program=/opt/freeradius/etc/raddb/myworkershell.sh input_pairs = reply } Thanks, Ron. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: generating Accounting messages
On Wed, 30 Jul 2003, Ron Wahler wrote: Is there another way to generate an accounting message from Freeradius to another radius server when a user authenticates? its called radrelay. check doc/radrelay One idea was to call radclient in a shell program to generate the packet. I would call radclient in the exec module with all the accounting attributes and send them to another radius server. I am wondering if there is a better way? Also is there a way to call multiple programs in the post-exec module? Can I have multiple program lines? Or will it only run one program ? exec ECUdirect-post-exe{ wait = no program=/opt/freeradius/etc/raddb/myworkershell.sh input_pairs = reply } Thanks, Ron. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Newbie Setup
travis [EMAIL PROTECTED] wrote: I am working with a FreeBDS 4.8 System MySQL 3.23. I can start the radiusd -X from command line and it worls fine authenticating aginst the database. My problem is i can not getting a radius.log file. i have tried starting it with /usr/local/sbin/radiusd -l /usr/local/var/log/radius/radius.log -xxfzy When running in debugging mode, the server doesn't produce a log file. if i remove the x's completelt it says it can not open (NULL) and does not start. Did you edit the 'radiusd.conf' file, to point it to a log file? also i am having a problem getting it to start at boot. i have daemontool installed, but the service is not starting at boot. That's a FreeBSD admin question. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: generating Accounting messages
Radrelay is interesting, but will only relay an accounting message to another radius server. I need to generate an original accounting message from the radius server. The NAS will not be sending one. -Original Message- From: Dustin Doris [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 30, 2003 10:55 AM To: [EMAIL PROTECTED] Subject: Re: generating Accounting messages On Wed, 30 Jul 2003, Ron Wahler wrote: Is there another way to generate an accounting message from Freeradius to another radius server when a user authenticates? its called radrelay. check doc/radrelay One idea was to call radclient in a shell program to generate the packet. I would call radclient in the exec module with all the accounting attributes and send them to another radius server. I am wondering if there is a better way? Also is there a way to call multiple programs in the post-exec module? Can I have multiple program lines? Or will it only run one program ? exec ECUdirect-post-exe{ wait = no program=/opt/freeradius/etc/raddb/myworkershell.sh input_pairs = reply } Thanks, Ron. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Newbie Setup
Ok i got the service to start at boot now. When i remove the x's it gives me an error about could not open null i have the log file set in the radiusd.conf -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Wednesday, July 30, 2003 1:04 PM To: [EMAIL PROTECTED] Subject: Re: Newbie Setup travis [EMAIL PROTECTED] wrote: I am working with a FreeBDS 4.8 System MySQL 3.23. I can start the radiusd -X from command line and it worls fine authenticating aginst the database. My problem is i can not getting a radius.log file. i have tried starting it with /usr/local/sbin/radiusd -l /usr/local/var/log/radius/radius.log -xxfzy When running in debugging mode, the server doesn't produce a log file. if i remove the x's completelt it says it can not open (NULL) and does not start. Did you edit the 'radiusd.conf' file, to point it to a log file? also i am having a problem getting it to start at boot. i have daemontool installed, but the service is not starting at boot. That's a FreeBSD admin question. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: generating Accounting messages
On Wed, 30 Jul 2003, Ron Wahler wrote: Radrelay is interesting, but will only relay an accounting message to another radius server. I need to generate an original accounting message from the radius server. The NAS will not be sending one. My bad, saw that you did write when they authenticate, just overlooked that. Looks like you will have to generate the packet and send it over. -Original Message- From: Dustin Doris [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 30, 2003 10:55 AM To: [EMAIL PROTECTED] Subject: Re: generating Accounting messages On Wed, 30 Jul 2003, Ron Wahler wrote: Is there another way to generate an accounting message from Freeradius to another radius server when a user authenticates? its called radrelay. check doc/radrelay One idea was to call radclient in a shell program to generate the packet. I would call radclient in the exec module with all the accounting attributes and send them to another radius server. I am wondering if there is a better way? Also is there a way to call multiple programs in the post-exec module? Can I have multiple program lines? Or will it only run one program ? exec ECUdirect-post-exe{ wait = no program=/opt/freeradius/etc/raddb/myworkershell.sh input_pairs = reply } Thanks, Ron. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: generating Accounting messages
In this case I was thinking of generating an Acct-Session-ID some how. I assume that it just needs to be a unique ID identifying the users accounting session between my server and the Accounting server. See any problems with that ? Ron. -Original Message- From: Alan DeKok [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 30, 2003 11:02 AM To: [EMAIL PROTECTED] Subject: Re: generating Accounting messages Ron Wahler [EMAIL PROTECTED] wrote: Is there another way to generate an accounting message from Freeradius to another radius server when a user authenticates? One idea was to call radclient in a shell program to generate the packet. That's about your only option. But there's a problem: You don't know what Acct-Session-Id to use. Also is there a way to call multiple programs in the post-exec module? Can I have multiple program lines? Or will it only run one program ? It takes only one program line. But you should be able to use a shell script wrapper to run multiple programs. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Newbie Setup
travis-radius [EMAIL PROTECTED] wrote: When i remove the x's it gives me an error about could not open null Are you going to post the error to the list, as suggested in the FAQ, or are you going to play a stupid game of twenty questions, and make us guess? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: generating Accounting messages
Ron Wahler [EMAIL PROTECTED] wrote: In this case I was thinking of generating an Acct-Session-ID some how. I assume that it just needs to be a unique ID identifying the users accounting session between my server and the Accounting server. See any problems with that ? Nope. See the 'acct_unique_id' module. You'll need to do something similar to create an Acct-Session-Id, because you *don't* want to keep track of it on the server. i.e. Generate a fake Acct-Session-Id based on an MD5-hash of the client IP address, user name, and NAS port. That should work... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Newbie Setup
What ever the problem was i have it working now. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Wednesday, July 30, 2003 1:21 PM To: [EMAIL PROTECTED] Subject: Re: Newbie Setup travis-radius [EMAIL PROTECTED] wrote: When i remove the x's it gives me an error about could not open null Are you going to post the error to the list, as suggested in the FAQ, or are you going to play a stupid game of twenty questions, and make us guess? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius EAP roadmap
Good deal! If 1.0 comes out soon and it has the RLM return code fix (and the static link fix?) for EAP, I'll be a happy camper. If our management shifts gears and decides they need the RLM fix sooner, I'll check back here and see if anything is new, and pull the latest CVS and work from there. Otherwise I'll wait and see what happens. Regards, Dave Alan DeKok wrote: Dave Mason [EMAIL PROTECTED] wrote: This leads me to a quick question about where we are for EAP and where we're going. I still have an item on my Todo list to fix rlm_eap and the submodules to use RLM return codes, so, for example, an EAP subtype could return RLM_HANDLED to indicate an incoming packet should just be dropped. Is that one of the changes in the CVS? Not yet. I plan on doing this over the next week or so. If not, I'm still not sure when I'll get to it, but we need that to meet the EAP-SIM spec. We're running with 0.8.1 now, but if I need to make this change, I assume I should do it against 0.9.0? Against the CVS head. The 0.9.0 release should ONLY have critical bug fixes. If the CVS has already changed, maybe I should wait till the next release? I prefer to do my work on top of a released version, since it will need to go to our customers. You can probably wait. I'd like to push 1.0 out as soon as possible. I see it mainly as a code cleanup release, with only a few new features. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Attribute rewriting based on NAS/huntgroup?
This might be a stupid question, but I am just not seeing it... I've looked over all of the documentation, the code, searched through the archives, etc. I'm just going to have to come right out and ask at this point. Is it possible to cause an attribute rewrite rule to only be used when the packet is coming from a particular NAS-IP-Address / huntgroup? Let's say that you need to add '@foo.com' (if it's not present) to User-Names coming from the NAS 1.2.3.4... Possible? (On a side note, who is in charge of the rlm_ldap module? I have a patch for them to look at.) -- Jason Downs [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: gmake freeradius-0.9.0 on BSDI4.3
Hello !!! I built with and without support for threads and I always got the same error. I checked the following files: ./src/include/radiusd.h and it has the following line: extern int total_active_threads(void); ./src/main/radiusd.c and it includes the followings lines #include radiusd.h if( (total_active_threads() == 0) || (max_wait = 5) ) { sig_hup_block = FALSE; break; } ./src/main/threads.c and it has the next lines: int total_active_threads(void) { int rcode = 0; THREAD_HANDLE *handle; for (handle = thread_pool.head; handle != NULL; handle = handle-next){ if (handle-request != NULL) { rcode ++; } } return (rcode); } Any suggestion? - Original Message - From: Alan DeKok [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, July 25, 2003 6:21 PM Subject: Re: gmake freeradius-0.9.0 on BSDI4.3 Guillermo Delmastro [EMAIL PROTECTED] wrote: When I do gmake I get this error: ... radiusd.o: In function `main': /usr/freeradius-0.9.0/src/main/radiusd.c:845: undefined reference to `total_active_threads' Build with support for threads. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Proxy-to-Realm
I've been testing freeradius the last few days, I've found the functionality I'm looking for, but wonder if I can do it in a better way. If I specify DEFAULT Called-Station-ID =22, Proxy-To-Realm:=domain.com in the users file, then the real domain.com is appened to any customer whose called-station-id was identified as 22. What I would like to do (since I have prefixes across my entire state), is use some sort of wildcard system. we identify our customers by the last 4 digits only. Example: Customer A = XXX XXX Realm domain1.com Customer B = XXX XXX Realm domain2.com Is there any way to do a wildcard for Called-Station-ID, like DEFAULT Called-Station-Id= xx5522, Proxy-To-Realm := domain1.com DEFAULT Called-Station-Id= xx5533, Proxy-To-Realm := domain2.com DEFAULT Called-Station-Id= xx5544, Proxy-To-Realm := domain3.com If this doesn't work, and I'm really going about this in the wrong way, some pointers to the right direction would be great. Regards MIKE - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Group membership in users file
Hello everybody... I can't get the Group check attribute to work when using the users file. This is how my users file looks like: -- SNIP -- test22 Auth-Type:=Local,User-Password==testest,Group:=Colubris-APs Colubris-AVPAIR+=default-user-smtp-redirect=mail.attbi.com, Fall-Through = Yes DEFAULT Group == Colubris-APs Colubris-AVPAIR:=login-page=https://192.168.0.1; -- SNIP -- FreeRadius matches the first one (test22), but not the following DEFAULT, indeed only the first Colubris-AVPAIR is returned. ciao Navid ps. freeradius version = 0.9.0 signature.asc Description: This is a digitally signed message part
Re: Proxy-to-Realm
Michael Baird [EMAIL PROTECTED] wrote: Is there any way to do a wildcard for Called-Station-ID, like DEFAULT Called-Station-Id= xx5522, Proxy-To-Realm := domain1.com DEFAULT Called-Station-Id= xx5533, Proxy-To-Realm := domain2.com DEFAULT Called-Station-Id= xx5544, Proxy-To-Realm := domain3.com Regexes. DEFAULT Called-Station-Id =~ 5544$, Proxy-To-Realm := domain3.com Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Group membership in users file
Navid Sheikhol Eslami [EMAIL PROTECTED] wrote: I can't get the Group check attribute to work when using the users file. See the FAQ for an example of using the Group attribute. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Newbie-ish HUP question (0.9.0)
- Original Message - From: Fenn Bailey [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, July 30, 2003 2:06 AM Subject: Newbie-ish HUP question (0.9.0) read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients Using deprecated clients file. Support for this will go away soon. read_config_files: reading realms Using deprecated realms file. Support for this will go away soon. dies silently at this point - It looks like you modified a file it was used originally to configure freeradius and you shouldn't use it anymore. Try to check with the HowTo to see if you are changing the files you should and if you changed other one try to comment any change you did on it, just in order to follow the normal course of the application. It used to happen that if you change one old file like the clients instead of clients.conf it refuses to work. :) Bye Ivan D. Barrera EECIS Staff University of Delaware. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: generating Accounting messages
Hi Ron I am actually having the same problem too... I would be really grateful if you could email me your solution, or mail it here to the list. How are you going to close the accouting session though? (when the user hangs up) Kveja / Best regards / Brynjar Hauksson ICQ# 15512204 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, July 31, 2003 12:23 AM To: [EMAIL PROTECTED] Subject: Re: generating Accounting messages Ron Wahler [EMAIL PROTECTED] wrote: In this case I was thinking of generating an Acct-Session-ID some how. I assume that it just needs to be a unique ID identifying the users accounting session between my server and the Accounting server. See any problems with that ? Nope. See the 'acct_unique_id' module. You'll need to do something similar to create an Acct-Session-Id, because you *don't* want to keep track of it on the server. i.e. Generate a fake Acct-Session-Id based on an MD5-hash of the client IP address, user name, and NAS port. That should work... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Group membership in users file
I guess my approach was just wrong then :) Any suggestion to do the same thing, but with a different Check attribute? :) Navid On Wed, 2003-07-30 at 16:33, Alan DeKok wrote: Navid Sheikhol Eslami [EMAIL PROTECTED] wrote: Thank you Alan, I did read the FAQ and all the documentation in /doc. It explains how to match a DEFAULT entry based on the Group, assuming that the user belongs to it but I'm not sure that my line: test22 Auth-Type:=3DLocal,User-Password=3D=3Dtestest,Group:=3DColubris-= APs is associating the user test22 to the group Colubrus-APs, since: It isn't. The Group attribute doesn't work that way. The Group attribute LOOKS UP a user in a Unix group. There is no way to use it to assign a user to a group. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html signature.asc Description: This is a digitally signed message part
Re: Attribute rewriting based on NAS/huntgroup?
On Wed, 30 Jul 2003, Jason Downs wrote: This might be a stupid question, but I am just not seeing it... I've looked over all of the documentation, the code, searched through the archives, etc. I'm just going to have to come right out and ask at this point. Is it possible to cause an attribute rewrite rule to only be used when the packet is coming from a particular NAS-IP-Address / huntgroup? Let's say that you need to add '@foo.com' (if it's not present) to User-Names coming from the NAS 1.2.3.4... Possible? Yes, see doc/Autz-Type something like: DEFAULT NAS-IP-Address == 1.2.3.4, Autz-Type := Rewrite autztype Rewrite { attr_rewrite } (On a side note, who is in charge of the rlm_ldap module? I have a patch for them to look at.) Me and Adrian Pavlykevych [EMAIL PROTECTED] mainly. -- Jason Downs [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cisco Access Levels
On Wed, 30 Jul 2003, Robert LaGrasse wrote: Someone had an sample posted the other day. I don't recall the exact syntax, but you could start with something like this. When you define the user in the users file I believe you will use this as a reply item. I have not tried sending vendor specific attributes to a cisco, so maybe someone else can provide a little more information. Hope this helps. cisco-avpair= shell:priv-lvl=15 John McKinney Hi All: I didn't see this in the FAQ, but I'm sure someone has done this before: I want to set the server up to authenticate/authorize telnet access against the local linux user database. I need one group of users to have regular old login access, and the other to have priviledge level (15) access. If there is an example of this somewhere, just point the way. I'm a newbie here, so please be gentle :) Thanks in advance for your help. -B - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Local user authentication.
You are right. I thought I was using freeradius but it wasn't. All the config files were certainly very similar. We've downloaded the latest version of freeradius now and it works fine. Thanks. -Original Message- From: Alan DeKok [mailto:[EMAIL PROTECTED] Sent: Thursday, 31 July 2003 12:13 AM To: [EMAIL PROTECTED] Cc: Tran, Julian Subject: Re: Local user authentication. Tran, Julian [EMAIL PROTECTED] wrote: I just want to do local user authentication on freeradius. My users file contains testAuth-Type := Local, Password == test1234 I get the following errors in the log and I can't work out why. Jul 29 16:19:43: Main.info: Starting - reading configuration files ... Jul 29 16:19:43: Main.info: reading /usr/local/etc/raddb/config You are not using FreeRADIUS. Stop posting to this list. Alan DeKok. This E-Mail is intended only for the addressee. Its use is limited to that intended by the author at the time and it is not to be distributed without the author's consent. Unless otherwise stated, the State of Queensland accepts no liability for the contents of this E-Mail except where subsequently confirmed in writing. The opinions expressed in this E-Mail are those of the author and do not necessarily represent the views of the State of Queensland. This E-Mail is confidential and may be subject to a claim of legal privilege. If you have received this E-Mail in error, please notify the author and delete this message immediately. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Newbie-ish HUP question (0.9.0)
It looks like you modified a file it was used originally to configure freeradius and you shouldn't use it anymore. Try to check with the HowTo to see if you are changing the files you should and if you changed other one try to comment any change you did on it, just in order to follow the normal course of the application. It used to happen that if you change one old file like the clients instead of clients.conf it refuses to work. :) Thanks for the tip, the main problem is it does it even if I don't touch any files at all, eg: just start it and issue a HUP. I have also found, it does the same thing with any signal sent to the process; it outputs that Error: sql_postgresql: calling unimplemented message and dies. Probably not a good thing :) I deleted the deprecated clients, realms and naslist files (you can see the open failure below) and included the strace output. It looks much the same unfortunately :\ --- read(15, #\n# dictionary.wispr\n#\n#\tVSAs or..., 4096) = 996 read(15, , 4096) = 0 close(15) = 0 munmap(0x4024d000, 4096)= 0 open(/usr/share/freeradius/dictionary.xedia, O_RDONLY) = 15 fstat64(15, {st_mode=S_IFREG|0644, st_size=766, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4024d000 read(15, ..., 4096) = 766 read(15, , 4096) = 0 close(15) = 0 munmap(0x4024d000, 4096)= 0 read(14, 3\tinteger\nATTRIBUTE\tAcct-Session..., 4096) = 4096 read(14, \t1010\tdate\nATTRIBUTE\tAutz-Type\t\t..., 4096) = 4096 read(14, Acct-Terminate-CauseId..., 4096) = 4096 read(14, e\tAccounting-Request\t\t4\nVALUE\t\tR..., 4096) = 462 read(14, , 4096) = 0 close(14) = 0 munmap(0x40216000, 4096)= 0 read(13, , 4096) = 0 close(13) = 0 munmap(0x40017000, 4096)= 0 open(/etc/freeradius/naslist, O_RDONLY) = -1 ENOENT (No such file or directory) open(/etc/freeradius/clients, O_RDONLY) = -1 ENOENT (No such file or directory) open(/etc/freeradius/realms, O_RDONLY) = -1 ENOENT (No such file or directory) getrlimit(0x4, 0xbfffe520) = 0 setrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=RLIM_INFINITY}) = 0 open(/etc/group, O_RDONLY)= 13 fcntl64(13, F_GETFD)= 0 fcntl64(13, F_SETFD, FD_CLOEXEC)= 0 fstat64(13, {st_mode=S_IFREG|0644, st_size=519, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000 _llseek(13, 0, [0], SEEK_CUR) = 0 read(13, root:x:0:\ndaemon:x:1:\nbin:x:2:\ns..., 4096) = 519 close(13) = 0 munmap(0x40017000, 4096)= 0 setgid32(0x67) = 0 open(/etc/passwd, O_RDONLY) = 13 fcntl64(13, F_GETFD)= 0 fcntl64(13, F_SETFD, FD_CLOEXEC)= 0 fstat64(13, {st_mode=S_IFREG|0644, st_size=1354, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000 _llseek(13, 0, [0], SEEK_CUR) = 0 read(13, root:x:0:0:root:/root:/bin/bash\n..., 4096) = 1354 close(13) = 0 munmap(0x40017000, 4096)= 0 setuid32(0x69) = 0 munmap(0x40234000, 10040) = 0 munmap(0x40237000, 11824) = 0 rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_IGN}, 8) = 0 send(7, X, 1, 0) = 1 rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_IGN}, 8) = 0 close(7)= 0 open(/var/log/freeradius/radius.log, O_WRONLY|O_APPEND|O_CREAT, 0666) = 7 fstat64(7, {st_mode=S_IFREG|0644, st_size=30259, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000 fstat64(7, {st_mode=S_IFREG|0644, st_size=30259, ...}) = 0 _llseek(7, 30259, [30259], SEEK_SET)= 0 time(NULL) = 1059609253 write(7, Thu Jul 31 09:54:13 2003 : Error..., 81) = 81 close(7)= 0 munmap(0x40017000, 4096)= 0 write(12, [EMAIL PROTECTED]..., 148) = 148 rt_sigprocmask(SIG_SETMASK, NULL, [RTMIN], 8) = 0 rt_sigsuspend([] unfinished ... --- SIGRTMIN (Real-time signal 0) --- ... rt_sigsuspend resumed ) = -1 EINTR (Interrupted system call) sigreturn() = ? (mask now [RTMIN]) wait4(9795, NULL, __WCLONE, NULL) = 9795 munmap(0x40014000, 4096)= 0 _exit(1) --- Fenn. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Uninstall
How do I uninstall freeradius?? mobile:/usr/local/src/freeradius-0.9.0# make uninstall make: *** No rule to make target `uninstall'. Stop. I didnt find how to in package docs. Tom - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Uninstall
rm -rf $radiusdprefix :) On Wed, 2003-07-30 at 21:49, Antonio Alberto Lobato wrote: How do I uninstall freeradius?? mobile:/usr/local/src/freeradius-0.9.0# make uninstall make: *** No rule to make target `uninstall'. Stop. I didnt find how to in package docs. Tom - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Gustavo A. Lozano Noldata Corporation [EMAIL PROTECTED] Calle 46 No. 40-19 CTO Bogota D.C. Colombia Noldata Corporation http://noldata.com I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. Albert Einstein - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Uninstall
On 30 Jul 2003 21:58:01 -0500 Gustavo Lozano [EMAIL PROTECTED] escreveu: rm -rf $radiusdprefix sorry, this variable is not set. What is radiusdprefix variable? On Wed, 2003-07-30 at 21:49, Antonio Alberto Lobato wrote: How do I uninstall freeradius?? mobile:/usr/local/src/freeradius-0.9.0# make uninstall make: *** No rule to make target `uninstall'. Stop. I didnt find how to in package docs. Tom - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Uninstall
Sorry again :-) I didnt see your last mail before send my last. TOm - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Uninstall
when you run configure you type something like: ./configure --prefix=/your/place/for/install that is what you want to erase On Wed, 2003-07-30 at 22:11, Antonio Alberto Lobato wrote: On 30 Jul 2003 21:58:01 -0500 Gustavo Lozano [EMAIL PROTECTED] escreveu: rm -rf $radiusdprefix sorry, this variable is not set. What is radiusdprefix variable? On Wed, 2003-07-30 at 21:49, Antonio Alberto Lobato wrote: How do I uninstall freeradius?? mobile:/usr/local/src/freeradius-0.9.0# make uninstall make: *** No rule to make target `uninstall'. Stop. I didnt find how to in package docs. Tom - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Gustavo A. Lozano Noldata Corporation [EMAIL PROTECTED] Calle 46 No. 40-19 CTO Bogota D.C. Colombia Noldata Corporation http://noldata.com I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. Albert Einstein - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Uninstall
On Thu, 31 Jul 2003 12:59:35 +1000 Fenn Bailey [EMAIL PROTECTED] escreveu: Basically, there is no 'uninstall' as such unless you build and installed it as a debian package (go debian!). It most likely built to a single directory (eg: /usr/local/radiusd/) or whatever, which is referred to (somewhere?) as $radiusdprefix or whatever ;) but in this case, make install putted things in /usr/local/(bin,sbin,share/etc/etc...), not in only one dir :-( Just delete everything under that tree and it (might) be gone). I gotta admit, I don't know where 'make install' usually puts things as I've been using the debian package builder. I tried, but got trouble: mobile:/usr/local/src/freeradius-0.9.0# debian/rules binary ... ... checking for gdbm.h... no checking for gdbm_open in -lgdbm... no checking for gdbm_fdesc... (cached) no configure: error: set --without-rlm_counter to disable it explicitly. configure: error: ./configure failed for src/modules/rlm_counter make: *** [stamp-build] Error 1 How do I solve this, or, if gdbm (??) its not important, may I disable this without another troubles? Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Uninstall
On Thu, 31 Jul 2003 00:31:16 -0300 Antonio Alberto Lobato [EMAIL PROTECTED] escreveu: configure: error: ./configure failed for src/modules/rlm_counter make: *** [stamp-build] Error 1 How do I solve this, or, if gdbm (??) its not important, may I disable this without another troubles? I already solved. Thank you all :-) Tom - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html