guest acces?

Matt Ashfield mda at unb.ca
Fri Mar 2 16:37:47 CET 2007


I've uncommented the unix line in authenticate and left the /etc/shadow, 
/etc/group, /etc/password files commented out of the unix module definition
part:
unix {
 cache = no
 cache_reload = 600
 #passwd = /etc/passwd
 #shadow = /etc/shadow
 #group = /etc/group
 radwtmp = ${logdir}/radwtmp                                              
}


but am still getting the following in my log:

Auth: rlm_unix: [baduser]: invalid password
Debug:   modsingle[authenticate]: returned from unix (rlm_unix) for request
0
Debug:   modcall[authenticate]: module "unix" returns reject for request 0


I am 100% positive I'm putting the password in correctly.

The user "baduser" has a shell of /sbin/nologin. Would that account for any
of this?

Thanks

Matt
mda at unb.ca 


-----Original Message-----
From: Alan DeKok [mailto:aland at deployingradius.com] 
Sent: March 2, 2007 4:47 AM
To: mda at unb.ca; FreeRadius users mailing list
Subject: Re: guest acces?

Matt Ashfield wrote:
> Now I know Alan does not recommend DEFAULT Auth-Type, but for here, I
think
> it might be necessary. So in my users file, I added the following:
> 
> DEFAULT Auth-Type := System
>         Fall-Through = Yes

  Don't use ":=", use "=".

> Thinking that would allow my users who have accounts on the server to
login.
> However, that is not working because in the logs in debug mode I see:
> 
> Debug: modcall: group authorize returns ok for request 0
> Debug:   rad_check_password:  Found Auth-Type System
> Debug: auth: type "System"
> Debug:   ERROR: Unknown value specified for Auth-Type.  Cannot perform
> requested action.
> Debug: auth: Failed to validate the user.

  You deleted the "unix" entry from the "authenticate" section.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog




More information about the Freeradius-Users mailing list