auth-type local trouble in 2.0.1

Ivan Kalik tnt at kalik.net
Fri Mar 21 17:11:16 CET 2008


No, it's not a bug. All the documentation suggests not to use
User-Password and not to set Auth-Type.

Ivan Kalik
Kalik Informatika ISP


Dana 21/3/2008, "Oleg Kozheltsev" <axel at dnepr.net> piše:

>Hello,
>
>After update from 1.1.7 to 2.0.1 on FreeBSD 6.3 (from ports), 'users'
>file seems not fully read...
>
>TEST            User-Password == "TEST", Auth-Type := Local
>                 Exec-Program-Wait = "/home/corp/aaa/auth_test"
>
>1.1.7 debug:
>
>   Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 1
>   modcall[authorize]: module "preprocess" returns ok for request 1
>radius_xlat:  '/var/corp/radacct/1.1.1.1/2008/03/auth-detail-20080321'
>rlm_detail:
>/var/corp/radacct/%{Client-IP-Address}/%Y/%m/auth-detail-%Y%m%d expands
>to /var/corp/radacct/1.1.1.1/2008/03/auth-detail-20080321
>   modcall[authorize]: module "auth_log" returns ok for request 1
>     users: Matched entry TEST at line 218
>   modcall[authorize]: module "files" returns ok for request 1
>modcall: leaving group authorize (returns ok) for request 1
>   rad_check_password:  Found Auth-Type Local
>auth: type Local
>auth: user supplied User-Password matches local User-Password
>
>2.0.1 debug:
>
>+- entering group authorize
>++[preprocess] returns ok
>         expand:
>/var/corp/radacct/%{Client-IP-Address}/%Y/%m/auth-detail-%Y%m%d ->
>/var/corp/radacct/1.1.1.1/2008/03/auth-detail-20080321
>rlm_detail:
>/var/corp/radacct/%{Client-IP-Address}/%Y/%m/auth-detail-%Y%m%d expands
>to /var/corp/radacct/1.1.1.1/2008/03/auth-detail-20080321
>         expand: %t -> Fri Mar 21 17:45:57 2008
>++[auth_log] returns ok
>WARNING: Found User-Password == "...".
>WARNING: Are you sure you don't mean Cleartext-Password?
>WARNING: See "man rlm_pap" for more information.
>     users: Matched entry TEST at line 218
>++[files] returns ok
>   rad_check_password:  Found Auth-Type Local
>auth: type Local
>auth: No password configured for the user
>Login incorrect (No password configured for the user): [TEST/TEST] (from
>client c3640 port 0 cli 77777777)
>auth: Failed to validate the user.
>Login incorrect: [TEST/TEST] (from client c3640 port 0 cli 7777777)
>
>Sample config files readed, web and list archive searched - no one have
>same problem. In 2.x configs something must be added? No one use this?
>Can someone:
>
>"...You should first discuss it on the users list, to see if anyone can
>reproduce it..."
>
>please :) or this is bug, and he must be reported?... Thanks
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list