FreeRadius Log File ?

Konne bridge_stone at gmx.net
Thu Jun 29 20:46:32 CEST 2006 

Scott Miller wrote:

>>>Hello all - I have freeradius with mysql up and running perfectly.  I
>>>recently "upgraded" from icradius because it seems to have dropped off
>>>      
>>>
>>the
>>    
>>
>>>face of the earth.  Anyways - there was a feature in icradius where I
>>>      
>>>
>>could
>>    
>>
>>>poll the log file to get customers authentication status.  I created a
>>>      
>>>
>>link
>>    
>>
>>>to a php file which referenced this log file for our techs to help with
>>>troubleshooting.  The file looks like this:
>>>
>>>
>>><?php
>>>
>>>include ('header.php');
>>>$file ="/var/log/radius.log";
>>>$limit="60";
>>>
>>>$fp = popen("/usr/bin/tail -$limit $file", 'r');
>>>if (! $fp ) {
>>> echo 'unable to pipe command';
>>>}
>>>
>>>while (!feof($fp) ) {
>>>  $line = fgets($fp, 4096);
>>>print $line."<br>";
>>>
>>>}
>>>
>>>include ('footer.php');
>>>?>
>>>
>>>But - there doesn't seem to be any log file I can poll this type of info
>>>from.  Here's an excerpt of what I was able to get with the above:
>>>
>>>Wed Jun 28 13:22:13 2006: Auth: Login OK: [sshort] (from nas
>>>      
>>>
>>CiscoAS5300/S0)
>>    
>>
>>>socket 0 (0 sec)
>>>Wed Jun 28 13:22:56 2006: Auth: Login OK: [lilia] (from nas Cisco
>>>      
>>>
>>AS5300/S0)
>>    
>>
>>>socket 0 (0 sec)
>>>Wed Jun 28 13:23:03 2006: Auth: Login OK: [eaglesight] (from nas
>>>CiscoAS5300/S0) socket 0 (0 sec)
>>>Wed Jun 28 13:23:56 2006: Auth: Login OK: [dierman] (from nas
>>>CiscoAS5300/S0) socket 0 (0 sec)
>>>Wed Jun 28 13:23:58 2006: Auth: Login OK: [rprice] (from nas
>>>      
>>>
>>CiscoAS5300/S0)
>>    
>>
>>>socket 0 (0 sec)
>>>Wed Jun 28 13:25:32 2006: Auth: Login OK: [hafens] (from nas
>>>      
>>>
>>CiscoAS5300/S0)
>>    
>>
>>>socket 0 (0 sec)
>>>Wed Jun 28 13:25:43 2006: Auth: Login OK: [edie_a] (from nas
>>>      
>>>
>>CiscoAS5300/S0)
>>    
>>
>>>socket 0 (0 sec)
>>>Wed Jun 28 13:26:09 2006: Auth: Login OK: [megameg] (from nas
>>>CiscoAS5300/S0) socket 0 (0 sec)
>>>Wed Jun 28 13:26:35 2006: Auth: Login OK: [stinger] (from nas
>>>CiscoAS5300/S0) socket 0 (0 sec)
>>>Wed Jun 28 13:26:39 2006: Auth: Login OK: [inahat] (from nas
>>>      
>>>
>>CiscoAS5300/S0)
>>    
>>
>>>socket 0 (0 sec)
>>>Wed Jun 28 14:26:57 2006: Auth: Login OK: [cafe] (from
>>>nascore219.interbel.net/S10101001) socket 0 (0 sec)
>>>
>>>
>>>Do we have a log file we can poll this type of info from, or does it
>>>      
>>>
>>store
>>    
>>
>>>it in the mysql database somewhere?
>>>
>>>Thanks,
>>>Scott Miller
>>>
>>>------------------------------
>>>
>>>Additional Information:
>>>
>>>I did find in the radiusd.conf file:
>>>
>>># allowed values: {no, yes}
>>>#
>>>log_stripped_names = yes
>>>
>>>#  Log authentication requests to the log file.
>>>#
>>>#  allowed values: {no, yes}
>>>#
>>>log_auth = yes
>>>
>>>#  Log passwords with the authentication requests.
>>>#  log_auth_badpass  - logs password if it's rejected
>>>#  log_auth_goodpass - logs password if it's correct
>>>#
>>>#  allowed values: {no, yes}
>>>#
>>>log_auth_badpass = yes
>>>log_auth_goodpass = yes
>>>
>>>But have not found where this log file resides.
>>>
>>>Thanks,
>>>Scott Miller
>>>
>>>
>>>-
>>>List info/subscribe/unsubscribe? See
>>>      
>>>
>>http://www.freeradius.org/list/users.html
>>    
>>
>>>
>>>
>>>      
>>>
>>hi,
>>
>>in the radius.conf there must be on the top the path variables of
>>radius... something like following :
>>See 'doc/variables.txt' for more information.
>>
>>     23 prefix = /usr/local
>>     24 exec_prefix = ${prefix}
>>     25 sysconfdir = /etc/
>>     26 localstatedir = ${prefix}/var
>>     27 sbindir = ${exec_prefix}/sbin
>>     28 logdir = ${localstatedir}/log/radius
>>     29 raddbdir = ${sysconfdir}/raddb
>>     30 radacctdir = ${logdir}/radacct
>>     31
>>     32 #  Location of config and logfiles.
>>     33 confdir = ${raddbdir}
>>     34 run_dir = ${localstatedir}/run/radiusd
>>     35
>>     36 #
>>     37 #  The logging messages for the server are appended to the
>>     38 #  tail of this file.
>>     39 #
>>     40 log_file = ${logdir}/radius.log
>>
>>
>>bye
>>-
>>    
>>
> <>
>
>
> [Scott Miller]
> I have verified my radius.conf file contains the following:
>
> prefix = /usr/local
> exec_prefix = ${prefix}
> sysconfdir = ${prefix}/etc
> localstatedir = ${prefix}/var
> sbindir = ${exec_prefix}/sbin
> logdir = ${localstatedir}/log/radius
> raddbdir = ${sysconfdir}/raddb
> radacctdir = ${logdir}/radacct
>
> There was no log file in /usr/local/log/radius/
>
> <>
> So I created the file radius.log in that directory - change the 
> permissions
> to 777, but still nothing gets written to it.
>
> -
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html

<>
the log file will be created in

/usr/local/var/log/radius/radius.log NOT in /usr/local/log/radius/radius.log

you can check if the radius.log file will be created by writing in the cli:

/etc/init.d/freeradius stop
/etc/init.d/freeradius start

now the radius.log file must be otherwise i dont know

bye

More information about the Freeradius-Users mailing list