newbie on radiustesting ! Now, Buxey!
Si St
sigbj-st at operamail.com
Thu Apr 17 18:05:46 CEST 2008
> ----- Original Message -----
> From: A.L.M.Buxey at lboro.ac.uk
> To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
> Subject: Re: newbie on radiustesting !
> Date: Thu, 17 Apr 2008 14:21:44 +0100
>
>
> Hi,
>
> > > By the way does this excerpt from the top page of radiusd.conf
> > tell > anything about the problem?
>
> you are not getting undefined symbols...your uid and gid arent above
> 6000 etc etc so none of it applies
>
> > While changing the eap.conf by accident the group was changed to
> > root instead staying on group radiusd.( I changed betw 2 files:
> > the orig eap.conf and changed eap.conf)
> > So after doing chgrp radiusd eap.conf now the error message has
> > changed to this:
>
> eap.conf isnt an issue - the issue is with being able to read
> /etc/raddb/certs/demoCA/cacert.pem
>
> chmod -R ugo+x //etc/raddb/certs
>
> ?
>
> alan
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
............................................................
Now we are getting somewhere:
linux:/etc/raddb # chmod -R ugo+x /etc/raddb/certs
linux:/etc/raddb # l certs/
insgesamt 53
drwxr-x--x 3 root radiusd 472 2008-03-31 22:53 ./
drwxr-xr-x 5 root root 728 2008-04-17 13:09 ../
-rwxr-x--x 1 root radiusd 721 2005-09-13 04:15 cert-clt.der*
-rwxr-x--x 1 root radiusd 1741 2005-09-13 04:15 cert-clt.p12*
-rwxr-x--x 1 root radiusd 2452 2005-09-13 04:15 cert-clt.pem*
-rwxr-x--x 1 root radiusd 717 2005-09-13 04:15 cert-srv.der*
-rwxr-x--x 1 root radiusd 1733 2005-09-13 04:15 cert-srv.p12*
-rwxr-x--x 1 root radiusd 2439 2005-09-13 04:15 cert-srv.pem*
drwxr-x--x 2 root radiusd 200 2008-03-31 22:53 demoCA/
-rwxr-x--x 1 root radiusd 0 2005-09-13 04:15 dh*
-rwxr-x--x 1 root radiusd 2913 2005-09-13 04:15 newcert.pem*
-rwxr-x--x 1 root radiusd 1753 2005-09-13 04:15 newreq.pem*
-rwxr-x--x 1 root radiusd 1024 2005-09-13 04:15 random*
-rwxr-x--x 1 root radiusd 431 2005-09-13 04:15 README*
-rwxr-x--x 1 root radiusd 954 2005-09-13 04:15 root.der*
-rwxr-x--x 1 root radiusd 1973 2005-09-13 04:15 root.p12*
-rwxr-x--x 1 root radiusd 2764 2005-09-13 04:15 root.pem*
linux:/etc/raddb # radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config: including file: /etc/raddb/eap.conf
Config: including file: /etc/raddb/sql.conf
main: prefix = "/usr"
main: localstatedir = "/var"
main: logdir = "/var/log/radius"
main: libdir = "/usr/lib/freeradius"
main: radacctdir = "/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/var/log/radius/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/var/run/radiusd/radiusd.pid"
main: user = "radiusd"
main: group = "radiusd"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/lib/freeradius
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: authtype = "MS-CHAP"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "md5"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = "Password: "
gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/etc/raddb/certs/cert-srv.pem"
tls: certificate_file = "/etc/raddb/certs/cert-srv.pem"
tls: CA_file = "/etc/raddb/certs/demoCA/cacert.pem"
tls: private_key_password = "whatever"
tls: dh_file = "/etc/raddb/certs/dh"
tls: random_file = "/etc/raddb/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = yes
tls: check_cert_cn = "%{User-Name}"
rlm_eap: Loaded and initialized type tls
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/etc/raddb/huntgroups"
preprocess: hints = "/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/etc/raddb/users"
files: acctusersfile = "/etc/raddb/acct_users"
files: preproxy_usersfile = "/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Listening on proxy *:1814
Ready to process requests.
What do you think about this?
You must have done something right!
What do you recommend to proceed with when this seem to be all right?
--
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 9 at http://www.opera.com
Powered by Outblaze
More information about the Freeradius-Users
mailing list