Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or does not exist
I am having trouble starting freeradius at boot on CentOS 6.4. It starts, but it does not connect to my database; however, if run it manually from the command the it works fine. I think there is permission issue somewhere. See the log below: when I run following command as root it works # radiusd Sat May 25 10:26:20 2013 : Info: rlm_sql (sql): Driver rlm_sql_unixodbc (module rlm_sql_unixodbc) loaded and linked Sat May 25 10:26:20 2013 : Info: rlm_sql (sql): Attempting to connect to radius@EBHorizon:5000/Horizon Sat May 25 10:26:20 2013 : Info: rlm_sql (sql): Attempting to connect rlm_sql_unixodbc #0 Sat May 25 10:26:20 2013 : Info: rlm_sql (sql): Connected new DB handle, #0 Sat May 25 10:26:20 2013 : Info: rlm_sql (sql): Attempting to connect rlm_sql_unixodbc #1 Sat May 25 10:26:20 2013 : Info: rlm_sql (sql): Connected new DB handle, #1 Sat May 25 10:26:20 2013 : Info: rlm_sql (sql): Attempting to connect rlm_sql_unixodbc #2 Sat May 25 10:26:21 2013 : Info: rlm_sql (sql): Connected new DB handle, #2 Sat May 25 10:26:21 2013 : Info: rlm_sql (sql): Attempting to connect rlm_sql_unixodbc #3 Sat May 25 10:26:21 2013 : Info: rlm_sql (sql): Connected new DB handle, #3 Sat May 25 10:26:21 2013 : Info: rlm_sql (sql): Attempting to connect rlm_sql_unixodbc #4 Sat May 25 10:26:21 2013 : Info: rlm_sql (sql): Connected new DB handle, #4 Sat May 25 10:26:21 2013 : Info: Loaded virtual server default Sat May 25 10:26:21 2013 : Info: Loaded virtual server inner-tunnel Sat May 25 10:26:21 2013 : Info: ... adding new socket proxy address * port 35688 Sat May 25 10:26:21 2013 : Info: Ready to process requests. When I run the command below it does not connect. #service radiusd start Sat May 25 10:29:05 2013 : Info: rlm_sql (sql): Driver rlm_sql_unixodbc (module rlm_sql_unixodbc) loaded and linked Sat May 25 10:29:05 2013 : Info: rlm_sql (sql): Attempting to connect to radius@EBHorizon:5000/Horizon Sat May 25 10:29:05 2013 : Info: rlm_sql (sql): Attempting to connect rlm_sql_unixodbc #0 Sat May 25 10:29:05 2013 : Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or does not exist Sat May 25 10:29:05 2013 : Error: rlm_sql_unixodbc: Connection failed Sat May 25 10:29:05 2013 : Error: rlm_sql (sql): Failed to connect DB handle #0 Sat May 25 10:29:05 2013 : Info: Loaded virtual server default Sat May 25 10:29:05 2013 : Info: Loaded virtual server inner-tunnel Sat May 25 10:29:05 2013 : Info: ... adding new socket proxy address * port 59524 Sat May 25 10:29:05 2013 : Info: Ready to process requests. Any help would be greatly appreciated. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or does not exist
You are right I temporarily disabled SE Linux with echo 0 /selinux/enforce and it worked. Now I just need to figure out exactly what it is blocking. Thanks for the help! From: Alan DeKok [al...@deployingradius.com] Sent: Saturday, May 25, 2013 7:44 PM To: FreeRadius users mailing list Subject: Re: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or doesnot exist Bill Grant wrote: I am having trouble starting freeradius at boot on CentOS 6.4. It starts, but it does not connect to my database; however, if run it manually from the command the it works fine. I think there is permission issue somewhere. See the log below: when I run following command as root it works It's probably some SELinux rule. The normal Linux APIs allow *any* process to make outbound connections. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or does not exist
I was able to fix it by doing the following. I installed setroubleshoot yum install setroubleshoot Then I ran the following command sealert -a /var/log/audit/audit.log /path/to/mylogfile.txt mylogfile.txt showed: found 3 alerts in /var/log/audit/audit.log SELinux is preventing /usr/sbin/radiusd from create access on the semaphore . * Plugin catchall (100. confidence) suggests *** If you believe that radiusd should be allowed create access on the sem by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep radiusd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp SELinux is preventing /usr/sbin/radiusd from search access on the directory /home. * Plugin catchall (100. confidence) suggests *** If you believe that radiusd should be allowed search access on the home directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep radiusd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp SELinux is preventing /usr/sbin/radiusd from name_connect access on the tcp_socket . * Plugin catchall (100. confidence) suggests *** If you believe that radiusd should be allowed name_connect access on the tcp_socket by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep radiusd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp I ran the commands listed above: grep radiusd /var/log/audit/audit.log | audit2allow -M mypol semodule -i mypol.pp That fixed the problem, thanks again. From: Bill Grant [wgr...@ebpl.org] Sent: Saturday, May 25, 2013 8:29 PM To: FreeRadius users mailing list Subject: RE: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or doesnot exist You are right I temporarily disabled SE Linux with echo 0 /selinux/enforce and it worked. Now I just need to figure out exactly what it is blocking. Thanks for the help! From: Alan DeKok [al...@deployingradius.com] Sent: Saturday, May 25, 2013 7:44 PM To: FreeRadius users mailing list Subject: Re: Error: rlm_sql_unixodbc: SQL down 08S01 [unixODBC][FreeTDS][SQL Server]Unable to connect: Adaptive Server is unavailable or doesnot exist Bill Grant wrote: I am having trouble starting freeradius at boot on CentOS 6.4. It starts, but it does not connect to my database; however, if run it manually from the command the it works fine. I think there is permission issue somewhere. See the log below: when I run following command as root it works It's probably some SELinux rule. The normal Linux APIs allow *any* process to make outbound connections. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
