freeradius+mysql
tnt at kalik.co.yu
tnt at kalik.co.yu
Tue May 15 03:19:14 CEST 2007
If this is a new version of Freeradius (1.1.6) you should use
Cleartext-Password and op := in radcheck. You are picking up Auth-Type
System, most likely from users file - find entry:
DEFAULT Auth-Type:= System
and comment it out. I think that's stopping it now.
Ivan Kalik
Kalik Informatika ISP
Dana 14/5/2007, "Hermidio A. Rodrguez Chavez"
<hermidio at ipiscmg.rimed.cu> piše:
>Where's this entries " entries in radcheck and radreply"
>
>OK, here's the way as I'm add the user (I don't know if this way is Ok)
>
>mysql> INSERT INTO radcheck VALUES (1,'jpeterson','Password','==','loco');
>mysql> INSERT INTO radreply VALUES
>(1,'jpeterson','Trapeze-VLAN-Name',':=','corp');
>mysql> INSERT INTO radreply VALUES
>(2,'jpeterson','Session-Timeout',':=','300');
>
>radtest
>
>atenea:/etc/freeradius# radtest jpeterson loco 127.0.0.1 0 mySecret
>Sending Access-Request of id 161 to 127.0.0.1 port 1812
> User-Name = "jpeterson"
> User-Password = "loco"
> NAS-IP-Address = 255.255.255.255
> NAS-Port = 0
>rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=161, length=20
>atenea:/etc/freeradius#
>
>Debug of freeradius
>
>rad_recv: Access-Request packet from host 127.0.0.1:1111, id=168, length=61
> User-Name = "jpeterson"
> User-Password = "loco"
> NAS-IP-Address = 255.255.255.255
> NAS-Port = 0
>Mon May 14 13:21:41 2007 : Debug: Processing the authorize section of
>radiusd.conf
>Mon May 14 13:21:41 2007 : Debug: modcall: entering group authorize for
>request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: calling preprocess
>(rlm_preprocess) for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: returned from
>preprocess (rlm_preprocess) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authorize]: module "preprocess"
>returns ok for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: calling chap
>(rlm_chap) for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: returned from chap
>(rlm_chap) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authorize]: module "chap"
>returns noop for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: calling mschap
>(rlm_mschap) for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: returned from
>mschap (rlm_mschap) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authorize]: module "mschap"
>returns noop for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: calling suffix
>(rlm_realm) for request 0
>Mon May 14 13:21:41 2007 : Debug: rlm_realm: No '@' in User-Name =
>"jpeterson", looking up realm NULL
>Mon May 14 13:21:41 2007 : Debug: rlm_realm: No such realm "NULL"
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: returned from
>suffix (rlm_realm) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authorize]: module "suffix"
>returns noop for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: calling eap
>(rlm_eap) for request 0
>Mon May 14 13:21:41 2007 : Debug: rlm_eap: No EAP-Message, not doing EAP
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: returned from eap
>(rlm_eap) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authorize]: module "eap" returns
>noop for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: calling files
>(rlm_files) for request 0
>Mon May 14 13:21:41 2007 : Debug: users: Matched entry DEFAULT at line
>152
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: returned from
>files (rlm_files) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authorize]: module "files"
>returns ok for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: calling sql
>(rlm_sql) for request 0
>Mon May 14 13:21:41 2007 : Debug: radius_xlat: 'jpeterson'
>Mon May 14 13:21:41 2007 : Debug: rlm_sql (sql): sql_set_user escaped user
>--> 'jpeterson'
>Mon May 14 13:21:41 2007 : Debug: radius_xlat: 'SELECT id, UserName,
>Attribute, Value, op FROM radcheck WHE
>RE Username = BINARY 'jpeterson' ORDER BY id'
>Mon May 14 13:21:41 2007 : Debug: rlm_sql (sql): Reserving sql socket id: 3
>Mon May 14 13:21:41 2007 : Debug: rlm_sql_mysql: query: SELECT id,
>UserName, Attribute, Value, op FROM radcheck
> WHERE Username = BINARY 'jpeterson' ORDER BY id
>--More--
>oupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
>usergroup.Username = BINARY 'jpeterson' AND usergroup.Group
>Name = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
>Mon May 14 13:21:41 2007 : Debug: rlm_sql_mysql: query: SELECT
>radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribu
>te,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
>usergroup.Username = BINARY 'jpeterson' AND usergro
>up.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
>Mon May 14 13:21:41 2007 : Debug: radius_xlat: 'SELECT id, UserName,
>Attribute, Value, op FROM radreply WHE
>RE Username = BINARY 'jpeterson' ORDER BY id'
>Mon May 14 13:21:41 2007 : Debug: rlm_sql_mysql: query: SELECT id,
>UserName, Attribute, Value, op FROM radreply
> WHERE Username = BINARY 'jpeterson' ORDER BY id
>Mon May 14 13:21:41 2007 : Debug: radius_xlat: 'SELECT
>radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgr
>oupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
>usergroup.Username = BINARY 'jpeterson' AND usergroup.Grou
>pName = radgroupreply.GroupName ORDER BY radgroupreply.id'
>Mon May 14 13:21:41 2007 : Debug: rlm_sql_mysql: query: SELECT
>radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribu
>te,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
>usergroup.Username = BINARY 'jpeterson' AND usergr
>oup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
>Mon May 14 13:21:41 2007 : Debug: rlm_sql (sql): Released sql socket id: 3
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: returned from sql
>(rlm_sql) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authorize]: module "sql" returns
>ok for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: calling daily
>(rlm_counter) for request 0
>Mon May 14 13:21:41 2007 : Debug: rlm_counter: Entering module authorize
>code
>Mon May 14 13:21:41 2007 : Debug: rlm_counter: Could not find Check item
>value pair
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: returned from
>daily (rlm_counter) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authorize]: module "daily"
>returns noop for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: calling checkval
>(rlm_checkval) for request 0
>Mon May 14 13:21:41 2007 : Debug: rlm_checkval: Could not find item named
>Calling-Station-Id in request
>Mon May 14 13:21:41 2007 : Debug: rlm_checkval: Could not find attribute
>named Calling-Station-Id in check pairs
>Mon May 14 13:21:41 2007 : Debug: modsingle[authorize]: returned from
>checkval (rlm_checkval) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authorize]: module "checkval"
>returns notfound for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall: leaving group authorize (returns
>ok) for request 0
>Mon May 14 13:21:41 2007 : Debug: rad_check_password: Found Auth-Type
>System
>Mon May 14 13:21:41 2007 : Debug: auth: type "System"
>Mon May 14 13:21:41 2007 : Debug: Processing the authenticate section of
>radiusd.conf
>Mon May 14 13:21:41 2007 : Debug: modcall: entering group authenticate for
>request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authenticate]: calling unix
>(rlm_unix) for request 0
>Mon May 14 13:21:41 2007 : Debug: modsingle[authenticate]: returned from
>unix (rlm_unix) for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall[authenticate]: module "unix"
>returns notfound for request 0
>Mon May 14 13:21:41 2007 : Debug: modcall: leaving group authenticate
>(returns notfound) for request 0
>Mon May 14 13:21:41 2007 : Debug: auth: Failed to validate the user.
>Mon May 14 13:21:41 2007 : Debug: Delaying request 0 for 1 seconds
>Mon May 14 13:21:41 2007 : Debug: Finished request 0
>Mon May 14 13:21:41 2007 : Debug: Going to the next request
>Mon May 14 13:21:41 2007 : Debug: --- Walking the entire request list ---
>Mon May 14 13:21:41 2007 : Debug: Waking up in 1 seconds...
>--More--
>Mon May 14 13:21:41 2007 : Debug: Finished request 0
>Mon May 14 13:21:41 2007 : Debug: Going to the next request
>Mon May 14 13:21:41 2007 : Debug: --- Walking the entire request list ---
>Mon May 14 13:21:41 2007 : Debug: Waking up in 1 seconds...
>Mon May 14 13:21:42 2007 : Debug: --- Walking the entire request list ---
>Mon May 14 13:21:42 2007 : Debug: Waking up in 1 seconds...
>Mon May 14 13:21:43 2007 : Debug: --- Walking the entire request list ---
>Sending Access-Reject of id 168 to 127.0.0.1 port 1111
>Mon May 14 13:21:43 2007 : Debug: Waking up in 4 seconds...
>Mon May 14 13:21:47 2007 : Debug: --- Walking the entire request list ---
>Mon May 14 13:21:47 2007 : Debug: Cleaning up request 0 ID 168 with
>timestamp 46489aa5
>Mon May 14 13:21:47 2007 : Debug: Nothing to do. Sleeping until we see a
>request.
>
>
>
>
>
>
>
>
>-----Original Message-----
>From:
>freeradius-users-bounces+hermidio=ipiscmg.rimed.cu at lists.freeradius.org
>[mailto:freeradius-users-bounces+hermidio=ipiscmg.rimed.cu at lists.freeradius.
>org] On Behalf Of tnt at kalik.co.yu
>Sent: Monday, May 14, 2007 4:42 PM
>To: FreeRadius users mailing list
>Subject: RE: freeradius+mysql
>
>Post the output from radiusd -X (open 2 ssh windows - 1 for radtest and
>one for debug) so we can see what's going on. Also post your entries in
>radcheck and radreply.
>
>Ivan Kalik
>Kalik Informatika ISP
>
>
>Dana 14/5/2007, "Hermidio A. Rodrguez Chavez"
><hermidio at ipiscmg.rimed.cu> piše:
>
>>Friend, thanks for your reply but where I must add this line?
>>
>>Thanks in advance
>>
>>Hermidio
>>
>>I've configure sql in my radiusd.conf
>>
>>I try to add one users and try too to test with radtest, but not right for
>>me!!!
>>
>>How I must add users ?
>>
>>Please help
>>
>>
>
>-
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/users.html
>
>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list