FreeRADIUS 1.1.7 and exec modules
liran tal
liransgarage at gmail.com
Thu May 6 17:47:27 CEST 2010
Hey,
Just to be sure I'm not banging my head around this - is it a known issue
where for a
defined exec module which is later used in the authorize { } section, if it
returns -1 to
reject the user then freeradius doesn't return an access-reject and the
request simply
times out?
Debug log:
rad_recv: Access-Request packet from host x.x.x.x:54545, id=150, length=59
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1812
Thu May 6 18:45:00 2010 : Debug: Processing the authorize section of
radiusd.conf
Thu May 6 18:45:00 2010 : Debug: modcall: entering group authorize for
request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: calling preprocess
(rlm_preprocess) for request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 9
Thu May 6 18:45:00 2010 : Debug: modcall[authorize]: module "preprocess"
returns ok for request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: returned from chap
(rlm_chap) for request 9
Thu May 6 18:45:00 2010 : Debug: modcall[authorize]: module "chap"
returns noop for request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 9
Thu May 6 18:45:00 2010 : Debug: modcall[authorize]: module "mschap"
returns noop for request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 9
Thu May 6 18:45:00 2010 : Debug: rlm_realm: No '@' in User-Name =
"test", looking up realm NULL
Thu May 6 18:45:00 2010 : Debug: rlm_realm: No such realm "NULL"
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 9
Thu May 6 18:45:00 2010 : Debug: modcall[authorize]: module "suffix"
returns noop for request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: calling files
(rlm_files) for request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: returned from
files (rlm_files) for request 9
Thu May 6 18:45:00 2010 : Debug: modcall[authorize]: module "files"
returns notfound for request 9
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: calling
auth-script (rlm_exec) for request 9
Thu May 6 18:45:00 2010 : Debug: Exec-Program output: Access-Reject
Thu May 6 18:45:00 2010 : Debug: Exec-Program-Wait: plaintext:
Access-Reject
Thu May 6 18:45:00 2010 : Debug: Exec-Program: returned: 255
Thu May 6 18:45:00 2010 : Error: rlm_exec (auth-script): External script
failed
Thu May 6 18:45:00 2010 : Debug: modsingle[authorize]: returned from
auth-script (rlm_exec) for request 9
Thu May 6 18:45:00 2010 : Debug: modcall[authorize]: module "auth-script"
returns fail for request 9
Thu May 6 18:45:00 2010 : Debug: modcall: leaving group authorize (returns
fail) for request 9
Thu May 6 18:45:00 2010 : Debug: Finished request 9
Thu May 6 18:45:00 2010 : Debug: Going to the next request
Thu May 6 18:45:00 2010 : Debug: --- Walking the entire request list ---
Regards,
Liran.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100506/f5951a43/attachment.html>
More information about the Freeradius-Users
mailing list