Free Radius Issues

Fajar A. Nugraha list at fajar.net
Wed Mar 2 05:10:38 CET 2011


On Wed, Mar 2, 2011 at 5:48 AM, Chris Kilian
<chris.kilian at seccomglobal.com> wrote:
> Hi
>
> I believe that I have setup the FR configs correctly for use with MYSQL,

How did you determine that you have set it up CORRECTLY?

>  I got it all working just fine when using a flat file and was able to authenticate etc with no issues, since moving to SQL I am getting this.

... cause that would be the first indication that you didn't set it up
correctly :)

>
> rad_recv: Access-Request packet from host 10.5.5.55 port 57593, id=3, length=46
>        User-Name = "chrisk"
>        User-Password = "user-password"
> +- entering group authorize
> ++[preprocess] returns ok
> ++[chap] returns noop
> ++[mschap] returns noop
>    rlm_realm: No '@' in User-Name = "chrisk", looking up realm NULL
>    rlm_realm: No such realm "NULL"
> ++[suffix] returns noop
>  rlm_eap: No EAP-Message, not doing EAP
> ++[eap] returns noop
>        expand: %{User-Name} -> chrisk
> rlm_sql (sql): sql_set_user escaped user --> 'chrisk'
> rlm_sql (sql): Reserving sql socket id: 4
>        expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = 'chrisk'           ORDER BY id
>        expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = 'chrisk'           ORDER BY priority
> rlm_sql (sql): Released sql socket id: 4
> rlm_sql (sql): User chrisk not found

start with that line. "User chrisk not found". What happens when you
execute those select statements manually on MySQL?

SELECT id, username, attribute, value, op           FROM radcheck
     WHERE username = 'chrisk'           ORDER BY id

SELECT groupname           FROM usergroup           WHERE username =
'chrisk'           ORDER BY priority


> The database is very minimal and Im not sure if that's the issue,

There's nothing wrong with having a minimal setup if you get it to
work correctly.
What IS wrong is if you take a quick look at the schema/configs,
decide on a whim that some sections/parts are not needed, remove them,
and complain when it didn't work.

raddb/sql.conf, raddb/sql/mysql/dialup.conf,
raddb/sql/mysql/schema.sql, and doc/rlm_sql.gz should provide a good
place to start.

-- 
Fajar




More information about the Freeradius-Users mailing list