installing problem on Debian
*** Warning: Linking the shared library rlm_perl.la against the *** static library /usr/lib/perl/5.8/auto/DynaLoader/DynaLoader.a is not portable! rm -fr .libs/rlm_perl.la .libs/rlm_perl.* .libs/rlm_perl-1.0.0-pre0.* gcc -shared rlm_perl.lo -L/usr/local/lib /usr/lib/perl/5.8/auto/DynaLoader/DynaLoader.a -L/usr/lib/perl/5.8/CORE -lperl -ldl -lm -lpthread -lc -lcrypt -lnsl -lresolv -lpthread -Wl,-E -Wl,-soname -Wl,rlm_perl-1.0.0-pre0.so -o .libs/rlm_perl-1.0.0-pre0.so /usr/bin/ld: cannot find -lperl collect2: ld returned 1 exit status make[6]: *** [rlm_perl.la] Error 1 make[6]: Leaving directory `/root/freeradius-snapshot-20040517/src/modules/rlm_perl' make[5]: *** [common] Error 1 make[5]: Leaving directory `/root/freeradius-snapshot-20040517/src/modules' make[4]: *** [all] Error 2 make[4]: Leaving directory `/root/freeradius-snapshot-20040517/src/modules' make[3]: *** [common] Error 1 make[3]: Leaving directory `/root/freeradius-snapshot-20040517/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/root/freeradius-snapshot-20040517/src' make[1]: *** [common] Error 1 make[1]: Leaving directory `/root/freeradius-snapshot-20040517' make: *** [all] Error 2 this is the error I have every time I try to "make" I install it with ./configure --with-experimental-modules and I have the same error with all the release I try... also with the lst one. thanks in advantage byez Polverni Davide - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRadius Logging Abilities
I am totally lost here. I am getting this type entry in my radius.log listing the radius server contacting us. Sat Oct 1 12:05:07 2005 : Auth: Login OK: [EMAIL PROTECTED] (from client upstream-radius5 port 7490 cli 2199340456) and I have a lot of useless (to us) account log directories in the radacct logging directory. What I want to do is lower the amount of detail in the accounting logs to a single file that can be rotated or just do away with it. We run 90% as a proxy server anyway, and the accounting tables in the database provide us with any reports we need. What i want to see in radius.log is an entry like this showing the nas-ip host/node name instead of radius client: Fri Sep 30 20:04:37 2005: Auth: Login OK: [EMAIL PROTECTED] (from nas nas5.tempe1.az.us.da.qwest.net/S7428) socket 0 (0 sec) I have searched through the examples and text in every config file in the /etc/raddb and cannot find a way to accomplish this. The FreeRadius logging options look quite powerful so I am assuming there is a reasonably easy way of doing this that I am missing and/or not comprehending. I tried commenting out the detail area to eliminate accounting logs, but then radius complained bitterly about not having a detail section. Any clues how to accomplish this goal? The wanted format for radius.log is an absolute must. The entire log is useless to us showing the contacting radius client. We need to know the network node they dialed into. -- Chuck - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Freeradius - Where to start and where to get the right answer
Alan DeKok wrote: >I'll see if I can get one set up. Vladimir Vuksan wrote: >I recommend DokuWiki Wikipedia and many others are using MediaWiki.org. I did a quick test installation at http://s92562228.onlinehome.us/wiki If you need any assistance ... and no, I have not used any other RADIUS server before. Gunther - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius - Where to start and where to get the right answer
Alan DeKok wrote: "Gunther" <[EMAIL PROTECTED]> wrote: I could imaging that a wiki site, updated from quite a bunch of people, could solve a lot of problems. I'll see if I can get one set up. I recommend DokuWiki http://wiki.splitbrain.org/wiki:dokuwiki It is simple to install and configure. Requires no database to be used and has nice extensions. I think Wiki is a great idea. Vladimir - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius and NFS
Wulf Kaiser <[EMAIL PROTECTED]> wrote: > But how do i tell the radiusd to read another conf than the original > radiusd.conf? "man radiusd" ? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius - Where to start and where to get the right answer
"Gunther" <[EMAIL PROTECTED]> wrote: > I could imaging that a wiki site, updated from quite a bunch of people, > could solve a lot of problems. I'll see if I can get one set up. As for documentation, have you tried using commercial servers? There's a reason most people get support contracts. Many commercial servers *can't* be configured without being on-line to support. That's intentional. It makes them more money. And from talking to contractors who've installed multiple RADIUS systems, the comments I've heard are that the FreeRADIUS documentation *is* better than the commercial servers. But it could always be better, of course. Feel free to submit patches. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Freeradius - Where to start and where to get the right answer
Nicolas Baradakis wrote: >You're right, the documentation isn't up-to-date. As you said, this is free software, >and any patch against the documentation will be greatly appreciated. > >Volunteers can submit their patches here: >http://bugs.freeradius.org/ Thanks for the hint! Didn't know that changes for the documentation would have to be filed as bugs. I could imaging that a wiki site, updated from quite a bunch of people, could solve a lot of problems. But I am glad that there is the search feature (ht://Dig) for this mailing list. ... and now back to my original problem ...dig, dig, dig ;-) Gunther - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius and NFS
Hi, after several problems, i managed it to install Freeradius on our NFS Server (running Solaris 9). The NFS Server exports a part of his '/usr/local' - including freeradius - to our main LDAP Server and to the Failover Machine. Starting Freeradius on the main LDAP Server works - it authenticates our WLAN and VPN Users. But now i want it running on both directory servers to have a real Failover for Freeradius, too. So i modified the startscript (also exported via NFS on both machines) and added: RAD_CONF=$RADDBDIR/`/usr/bin/uname -n`_radiusd.conf RAD_PID=$rundir/`/usr/bin/uname -n`_radius.pid I have also copied the radiusd.conf to ldap_radiusd.conf and ldapFailover_radiusd.conf and modified both to call machine specific log and pid files. Recently, i have done the same with the Apache Web Server, and it works with the following lines in the start section of apachectl: $HTTPD -k $ARGV -f $HTTPD_CONF But how do i tell the radiusd to read another conf than the original radiusd.conf? Whatever i tried, the output was [EMAIL PROTECTED]<80> /etc/init.d/radius.server start -n Starting FreeRADIUS: Sat Oct 1 12:30:52 2005 : Info: Starting - reading configuration files ... Sat Oct 1 12:30:52 2005 : Error: Unable to open file "/usr/local/freeradius/etc/radiusd.conf": No such file or directory Sat Oct 1 12:30:52 2005 : Error: Errors reading radiusd.conf The uname works, here are some debug outputs: Reading configuration from /usr/local/freeradius/etc/ldap_radiusd.conf... Generating PID in /usr/local/freeradius/var/run/radiusd/ldap_radius.pid... Any Ideas or tipps? mit freundlichem Gruss, Wulf Kaiser IT Services Web Development | Database Administration Webmaster www.mpimf-heidelberg.mpg.de Zentrale Hard- und Softwarebeschaffung Max-Planck-Institut für medizinische Forschung Jahnstrasse 29 69120 Heidelberg Fon +49 6221 486560 Fax +49 6221 486561 Mobil +49 172 6235901 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius - Where to start and where to get the righ answer
Gunther wrote: > I found out the hard way that documentation is not a pet project of > FR. The only up-to-date documentation I found so far is reading the > source code for hours, days, weeks ... There are lots of features I > could not find anywhere in any kind of documentation, but in the > source code, e.g. positional parameters for the SQL nas table. You're right, the documentation isn't up-to-date. As you said, this is free software, and any patch against the documentation will be greatly appreciated. Volunteers can submit their patches here: http://bugs.freeradius.org/ -- Nicolas Baradakis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius - Where to start and where to get the righ answer
After using FR 1.0.5 for testing for a while with a FR+MySQL configuration, I found out the hard way that documentation is not a pet project of FR. The only up-to-date documentation I found so far is reading the source code for hours, days, weeks ... There are lots of features I could not find anywhere in any kind of documentation, but in the source code, e.g. positional parameters for the SQL nas table. Or you can use the IP or domain name within the nas table for the 'nasname'. What happens to dynamic DNS addresses? etc Anyhow, it is a nice piece of software, working most of the times very well! Additional guidance, a wiki or ... could be extremely helpful for the project ... maybe it even exists somewhere. I found my way around, but I am kind of stuck when it comes to the accounting records. Sometimes I simply do not get a stoptime and therefore the session is supposed to be still online. I can then take maybe the idle time, add it to the last startime and see if it makes 'sense'. I had 4+ records with empty starttime for a nas. All I like to do for instance ... - User got 24h (or other time period) allocated - When session ends an updated record for the next session time could be generated - When user logs in again, the remaining session time will be granted But what happens when radacct does not get the stoptime for the last session? Anyhow, is there anything, anywhere (up-to-date) where I can find further information? Going through ever source file is quite a time consuming act. Anyhow, Open Source is best ... I can apply changes without requesting a license change ;-) And where can you directly communicate with the developers ... Thanks! G. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius and MS SQL -- anyone got it working?
On Friday 30 September 2005 21:28, Duane Cox wrote: > There are a few qwerks with getting FreeRadius to work with MSSQL. thought so... :) > First thing, the FreeTDS files have been removed (more like > abandonded) from FreeRadius. > If you really want to call FreeTDS direclty, you will have to > download the files from the "attic". > But more than that you will also have to update the files as they do > not currently compile properly, they are a bit old. > I would suggest to go with unixodbc or iodbc, even though using > FreeTDS is IMHO the best way, it's not supported. oh... ok, then I'll go with unixodbc. > Second, in order to get MSSQL to work with the current version of > FreeRadius 1.0.5, you will need to install either unixodbc or iodbc. > I chose unixodbc; and in doing so it requires FreeTDS. So install > both FreeTDS and unixODBC. > > Third. You will need to include mssql.conf and call > rlm_sql_unixodbc. The mssql.conf has to many tricks to it. First > the default driver is invalid and the "server" is really the DSN and > must match that name found in /etc/odbc.ini. Also /etc/odbc.ini must > be readable by the freeradius daemon. Also, there is an extra > statement in the mssql.conf that is totaly not used and can be > deleted; it's "authenticate_query". > > These things should help you out. If you need any further > assistance, ie. configure/make commands and file contents ask again. Thanks. :) Could you give me an example how the /etc/odbc.ini has to look like? Cheers Arne -- Arne Götje (高盛華) <[EMAIL PROTECTED]> PGP/GnuPG key: 1024D/685D1E8C Fingerprint: 2056 F6B7 DEA8 B478 311F 1C34 6E9F D06E 685D 1E8C Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. pgpPOfX8g5J3U.pgp Description: PGP signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
