kill -HUP sometimes causes "rlm_pap: mschap xlat failed"

Jan Weiher jan at buksy.de
Thu Apr 12 15:59:56 CEST 2012


Hi,

I've got a strange problem with FR 2.1.12, sometimes (not always) when
logrotate ran, freeradius goes bonkers and responds to every pap request
with "mschap xlat failed". Restarting FR fixes this magically and all
works fine again. I created a small and hackish script, which restarts
FR when this happens. The output showed that about every second week
(logrotate runs weekly) this happens. Because FR works fine again after
a restart, restarting FR in debug mode is not an option to get more
information. But here is a snipped from my radiusd.log showing the symptom:

Sun Apr  8 06:49:50 2012 : Info: HUP - loading modules
Sun Apr  8 06:49:50 2012 : Info:  Module: Reloaded module
"attr_filter.access_reject"
Sun Apr  8 06:49:50 2012 : Info:  Module: Reloaded module "mschap"
Sun Apr  8 06:49:50 2012 : Info:  Module: Reloaded module "radutmp"
Sun Apr  8 06:49:50 2012 : Info:  Module: Reloaded module "macs"
Sun Apr  8 06:49:50 2012 : Info:  Module: Reloaded module "pap"
Sun Apr  8 06:49:50 2012 : Info: Loaded virtual server <default>
Sun Apr  8 06:49:50 2012 : Info: Loaded virtual server inner-tunnel-ldap
Sun Apr  8 06:50:01 2012 : Auth: Login incorrect (rlm_pap: mschap xlat
failed): [someuser] (from client watchdog port 0)
Sun Apr  8 06:50:02 2012 : Info: Signalled to terminate
Sun Apr  8 06:50:02 2012 : Info: Exiting normally.
Sun Apr  8 06:50:02 2012 : Info: Loaded virtual server <default>
Sun Apr  8 06:50:02 2012 : Info: Loaded virtual server inner-tunnel-ldap
Sun Apr  8 06:50:02 2012 : Info: Ready to process requests.
Sun Apr  8 06:55:01 2012 : Auth: Login OK: [someuser] (from client
watchdog port 0)

So my script ran radtest with the "someuser" credentials (which should
always work), which failed, it then restarted FR and all worked fine
again...

Is there any more information I can provide?

all the best,
Jan


More information about the Freeradius-Users mailing list