Re: FreeRADIUS and databases
On Thu, Nov 22, 2012 at 10:07 PM, Yann R. Moupinda wrote: > Now i want let Freeradius to use a mysql database or in best case a sqlite > database if possible. > The sqlite3 database containing the sim information (triplets) is located on > another linux board. mysql should be easy. sqlite db on another host, not so easy. Your best bet might be to use nfs. I'd say for requirement just stick with mysql or whatever-db-accessible-over-network that you choose. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRADIUS and databases
Yann R. Moupinda wrote: > shortly i realized a successful eap-sim authentication test using a simple > flat file 'simtriplets.dat' containing the triplets. > Now i want let Freeradius to use a mysql database or in best case a sqlite > database if possible. > The sqlite3 database containing the sim information (triplets) is > located on > another linux board. > Does anybody have any idea how i can manage it? Use a network connection between the two systems. That's what networks are for. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Debian build the freeradius package with unixodbc support
On Fri, Nov 23, 2012 at 3:33 AM, Dominick Rivard wrote: > I also want to let you know that it has been replaced by libiodbc2-dev but No, it hasn't. http://packages.debian.org/wheezy/unixodbc-dev http://packages.ubuntu.com/raring/unixodbc-dev iodbc is another different package. > then you have to > create a symlink: ln -s /usr/lib/libodbc.so.1 /usr/lib/libodbc.so because it > isn't created when installing the package. > unixodbc-dev has libodbc.so: http://packages.debian.org/wheezy/amd64/unixodbc-dev/filelist > Now I have a freeradius and MSSQL backend working and being tested for a > future production move. I'm just wondering, why didn't you just use iodbc? That seems to be the default in debian, and should work for mssql. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Debian build the freeradius package with unixodbc support
Hi, I finally got everything compiling and work just fine. You can see the answer I provided to my own question on serverfault. http://serverfault.com/a/451350/99708 Thank you for the unixodbc-dev dependencies I was missing. I also want to let you know that it has been replaced by libiodbc2-dev but then you have to create a symlink: ln -s /usr/lib/libodbc.so.1 /usr/lib/libodbc.so because it isn't created when installing the package. Now I have a freeradius and MSSQL backend working and being tested for a future production move. Best. Dominick -Original Message- From: freeradius-users-bounces+drivard=datavalet@lists.freeradius.org [mailto:freeradius-users-bounces+drivard=datavalet@lists.freeradius.org] On Behalf Of Fajar A. Nugraha Sent: November-13-12 9:58 PM To: FreeRadius users mailing list Subject: Re: Debian build the freeradius package with unixodbc support On Wed, Nov 14, 2012 at 4:22 AM, Dominick Rivard wrote: > Here is what I am trying to achieve, we want to install freeradius > using a Microsoft SQL backend. I read on the internet that we need to > achieve this goal using the unixodbc driver. That's not the only way. unixodbc and iodbc are (mostly) driver-compatible. > This is actually working. But I found out downloading the freeradius > tarbal that it can't use the rlm_sql_unixodbc driver, because in the > debian/rules file they compile it using the flag: > > --without-rlm_sql_unixodbc > Do you have any idea of what I am missing to compile it successfully? Short version? Just run "apt-get install freeradius-iodbc", and configure iodbc for mysql. Long version: there are ways you can change the debian recipe to get it to build odbc module (i.e. one of the requirements is that you need to install unixodbc-dev first), but it's MUCH easier to just use whatever the distro provide and support. Debian and Ubuntu has 2.1.12 with backported security patches, and 2.2.0 is available from my ppa: https://launchpad.net/~freeradius/+archive/stable. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_perl without DynaLoader
Julius Plenz wrote: > Hi, Alan! > > * Alan DeKok [2012-11-22 15:22]: >>> Why is this an error case, rather than "no libs, no unloading >>> necessary"? >> It's a minor bug. > > Thank you for the bug fix I found at > https://github.com/FreeRADIUS/freeradius-server/commit/bfaf23b7d930364d680e76c14c1abedb2a1fb421 > > However, by fixing the minor bug, you seem to have introduced a major > one: FreeRADIUS segfaults on startup. Backtrace: ... > Maybe you shouldn't have moved the newXS() call to *before* the > perl_parse(inst->perl, xs_init, ...) call? Moving it after that line > fixes the segfault. Ok, fixed. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: vendor number of dictionary not working
>> So I tried other numbers and realized, that only numbers are accepted, >> who are smaller than 2^15. The largest working number is 32766. >> What is going wrong here? > > You're running a version of FreeRADIUS which is 5 years old. Oops, I run the latests version(*1) from SLES11SP2 (the commercial Version from Novell/SuSE) with all patches installed. Upgrade to a newer version than the vision delivered with SLES11SP2 not possible, because we loose support. I'll open a SR (*1) - freeradius-server-2.1.1 Thanks Meike! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_perl without DynaLoader
Hi, Alan! * Alan DeKok [2012-11-22 15:22]: > > Why is this an error case, rather than "no libs, no unloading > > necessary"? > > It's a minor bug. Thank you for the bug fix I found at https://github.com/FreeRADIUS/freeradius-server/commit/bfaf23b7d930364d680e76c14c1abedb2a1fb421 However, by fixing the minor bug, you seem to have introduced a major one: FreeRADIUS segfaults on startup. Backtrace: #0 0x7fe8bc912ffe in Perl_newXS () from /usr/lib/libperl.so.5.10 #1 0x7fe8bcc495d4 in perl_instantiate (conf=0x24451a0, instance=0x2589c98) at rlm_perl.c:484 #2 0x0041a413 in find_module_instance (modules=, instname=0x2448150 "perl", do_link=) at modules.c:610 #3 0x0041c273 in do_compile_modsingle (parent=0x0, component=, ci=0x2448110, grouptype=, modname=0x7fffa89e15d0) at modcall.c:1921 #4 0x0041a8f1 in load_component_section (cs=0x2447c50, components=, comp=1) at modules.c:898 #5 0x0041adbc in load_byserver (cs=0x2447ad0) at modules.c:1099 #6 0x0041b1c8 in virtual_servers_load (config=0x243f100) at modules.c:1230 #7 0x0041b520 in setup_modules (reload=, config=0x243f100) at modules.c:1558 #8 0x004194ea in read_mainconfig (reload=) at mainconfig.c:967 #9 0x0041e2fe in main (argc=6, argv=0x7fffa89e1ee8) at radiusd.c:270 Maybe you shouldn't have moved the newXS() call to *before* the perl_parse(inst->perl, xs_init, ...) call? Moving it after that line fixes the segfault. Julius - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: vendor number of dictionary not working
Meike Stone wrote: > The number of the dictionary is reserved by IANA > (http://www.iana.org/assignments/enterprise-numbers) and correct. > > So I tried other numbers and realized, that only numbers are accepted, > who are smaller than 2^15. The largest working number is 32766. > What is going wrong here? You're running a version of FreeRADIUS which is 5 years old. Upgrade. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
vendor number of dictionary not working
Hello, I try to include a additional dictionary from fdXtended via $INCLUDE/etc/raddb/dictionary.fdXtended in the dirctionary file. I get the error: including dictionary file /etc/raddb/dictionary Errors reading dictionary: dict_init: /etc/raddb/dictionary.fdXtended[1]: dict_init: /etc/raddb/dictionary.fdXtended[1]: dict_init: The file /etc/raddb/dictionary.fdXtended looks like: VENDOR fdXtended 34536 BEGIN-VENDOR fdXtended ATTRIBUTE fdXtended-Bandwidth-Up 1 integer ATTRIBUTE fdXtended-Bandwidth-Down 2 integer ATTRIBUTE fdXtended-PostAuthURL 3 string ATTRIBUTE fdXtended-One2onenat-IP 4 string ATTRIBUTE fdXtended-ContentFilter 5 integer ATTRIBUTE fdXtended-NetworkPolicy 6 integer ATTRIBUTE fdXtended-BytesDown 7 integer ATTRIBUTE fdXtended-BytesUp 8 integer ATTRIBUTE fdXtended-Expiration 9 string ATTRIBUTE fdXtended-SessionTimeout 10 integer ATTRIBUTE fdXtended-Wan-Interface 11 string END-VENDOR fdXtended === The number of the dictionary is reserved by IANA (http://www.iana.org/assignments/enterprise-numbers) and correct. So I tried other numbers and realized, that only numbers are accepted, who are smaller than 2^15. The largest working number is 32766. What is going wrong here? Thanks Meike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRADIUS and databases
Hi guys, shortly i realized a successful eap-sim authentication test using a simple flat file 'simtriplets.dat' containing the triplets. Now i want let Freeradius to use a mysql database or in best case a sqlite database if possible. The sqlite3 database containing the sim information (triplets) is located on another linux board. Does anybody have any idea how i can manage it? best regards Yann - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_perl without DynaLoader
Julius Plenz wrote: > when using rlm_perl with a very simple Perl script that does *not* use > DynaLoader to load some *.so files, upon thread exit, FreeRADIUS > (current v2.x.x branch) throws errors: > > Error: Could not get @DynaLoader::dl_librefs for unloading. That shouldn't be an error. I'll go fix that. > Why is this an error case, rather than "no libs, no unloading > necessary"? It's a minor bug. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_perl without DynaLoader
Hi, when using rlm_perl with a very simple Perl script that does *not* use DynaLoader to load some *.so files, upon thread exit, FreeRADIUS (current v2.x.x branch) throws errors: Error: Could not get @DynaLoader::dl_librefs for unloading. The errors originate from rlm_perl_get_handles(), which is invoked via pthread_key_create(key, rlm_destroy_perl): https://github.com/FreeRADIUS/freeradius-server/blob/v2.x.x/src/modules/rlm_perl/rlm_perl.c#L154 Adding an (otherwise useless) 'require DynaLoader;' to the Perl script fixes the errors. Why is this an error case, rather than "no libs, no unloading necessary"? Thanks, Julius - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradiux -X tells me it's in use how to get the log back?
Hi, >Failed binding to authentication address * port 1812: Address already in >use the daemon is already running. killall radiusd or ps aux | grep radiusd find the process number and then 'kill -9 http://www.freeradius.org/list/users.html
Re: Freeradiux -X tells me it's in use how to get the log back?
On 22 Nov 2012, at 09:41, Tzvika Gelber wrote: > I need to see the connection log when users login to the radius > i was using freeradius -X and it was working great > > yesterday it started giving this error : > > } > Module: Checking session {...} for more modules to load > Module: Checking post-proxy {...} for more modules to load > Module: Checking post-auth {...} for more modules to load > } # modules > } # server > radiusd: Opening IP addresses and Ports > listen { > type = "auth" > ipaddr = * > port = 0 > Failed binding to authentication address * port 1812: Address already in use > /etc/freeradius/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812 > > how do i free it so i will get the log again? (I am running in superuser > mode.) > Thank you uh killall freeradius... -Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Git master branch & Debian build
On Thu, Nov 22, 2012 at 09:32:57AM +0100, Olivier Beytrison wrote: > Same thing on a clean system, with debian package or normal compilation. > Is there a way to actually see the commands used during the building > process, as it is with "standard" building system ? Edit scripts/boiler.mk (and other .mk files in that dir), remove @ characters at the beginning of the lines. Matthew -- Matthew Newton, Ph.D. Systems Architect (UNIX and Networks), Network Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradiux -X tells me it's in use how to get the log back?
I need to see the connection log when users login to the radius i was using freeradius -X and it was working great yesterday it started giving this error : } Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load } # modules } # server radiusd: Opening IP addresses and Ports listen { type = "auth" ipaddr = * port = 0 Failed binding to authentication address * port 1812: Address already in use /etc/freeradius/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812 how do i free it so i will get the log again? (I am running in superuser mode.) Thank you -- Sometimes you just glow in the dark... - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Git master branch & Debian build
On 22.11.2012 08:51, Olivier Beytrison wrote: > On 21.11.2012 17:13, Alan DeKok wrote: >> Olivier Beytrison wrote: >>> Aside this, I've been able to compile and make the packages, it >>> correctly loads the configuration, but I back at a previous problem : >>> /usr/local/freeradius/etc/raddb/mods-enabled/eap[17]: Failed to link to >>> module 'rlm_eap': /usr/local/freeradius/lib/rlm_eap.so: undefined >>> symbol: eap_wireformat >> >> I've pushed a fix. It was an error in the new build system. > > I've made a fresh clone right now from git. Tested again. Building is > ok. Freeradius still complains about rlm_eap [1]. Just to be sure I'll > try to install the deb package on a clean system. Will report later > about it. Same thing on a clean system, with debian package or normal compilation. Is there a way to actually see the commands used during the building process, as it is with "standard" building system ? nm -A build/lib/.libs/*.a | grep eap_wireformat build/lib/.libs/libfreeradius-eap.a:eapcommon.o:0160 T eap_wireformat build/lib/.libs/rlm_eap.a:eap.o: U eap_wireformat symbols are there. Should freeradius load libfreeradius-eap before rlm_eap. Not sure as you manually load the modules libs. Olivier -- Olivier Beytrison Network & Security Engineer, HES-SO Fribourg Mail: oliv...@heliosnet.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html