radutmp file not created

Khapare Joshi khapare77 at gmail.com
Wed Apr 30 14:03:16 CEST 2014


Hi,
I am not able to do radwho since radutmp is not created. In Radius -X it
tells me the radutmp module is loaded and the file should be /var/log/radius/radutmp

FreeRADIUS version is: freeradius-2.2.3-6.el6.x86_64

Module: Linked to module rlm_radutmp
Module: Instantiating module "radutmp" from file /etc/raddb/modules/radutmp
  radutmp {
      filename = "/var/log/radius/radutmp"
      username = "%{User-Name}"
      case_sensitive = yes
      check_with_nas = yes
      perm = 384
      callerid = yes
  }



And in /var/log/radius/radacct/192.168.1.1/auth-detail-20140430, the NAS seems
to be sending request packets to the server:

Wed Apr 30 10:58:41 2014
        Packet-Type = Access-Request
        EAP-Message = 0x020900061a03
        FreeRADIUS-Proxied-To = 127.0.0.1
        User-Name = "testuser at ba.com"
        State = 0x882dba688924a0df1b204ef3b696b63f
        Calling-Station-Id = "00215c5b8ef3"
        Called-Station-Id = "dca5f44de9c0:eduroam-tmp"
        NAS-Port = 1
        Cisco-AVPair = "audit-session-id=82d0a5f700000e5a535fb9e9"
        NAS-IP-Address = 192.168.1.1
        NAS-Identifier = "mywireless1"
        Airespace-Wlan-Id = 310
        Service-Type = Framed-User
        Framed-MTU = 1300
        NAS-Port-Type = Wireless-802.11

In the accounting section of /etc/raddb/sites-enabled/default, radutmp is
uncommented.

And still the radutmp file is not created in the /var/log/radius directory.


When I run FreeRADIUS in debug mode (radiusd -X) and test-authenticate a
user, I get the following:

Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 54636, id=127, length=139
    User-Name = "testuser at ba.com"
    NAS-IP-Address = 192.168.1.1
    NAS-Port = 0
    Message-Authenticator = 0xee4209c0650849c1f6d60a5f94bf5a9b
    MS-CHAP-Challenge = 0x3feecd0086804485
    MS-CHAP-Response = 0x000100000000000000000000000000000000000000000000000077ac654ce5135ab5f8690098e68c7e403bfcc24bb714d293
# Executing section authorize from file /etc/raddb/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] = ok
++[digest] = noop
[suffix] Looking up realm "ba.com" for User-Name = "testuser at ba.com"
[suffix] Found realm "ba.com"
[suffix] Adding Stripped-User-Name = "testuser"
[suffix] Adding Realm = "ba.com"
[suffix] Authentication realm is LOCAL.
++[suffix] = ok
[eap] No EAP-Message, not doing EAP
++[eap] = noop
[files] users: Matched entry DEFAULT at line 3
++[files] = ok
[ldap] performing user authorization for testuser
[ldap]     expand: %{Stripped-User-Name} -> testuser
[ldap]     expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=testuser)
[ldap]     expand: ou=People,dc=BA,dc=com -> ou=People,dc=BA,dc=com
  [ldap] ldap_get_conn: Checking Id: 0
  [ldap] ldap_get_conn: Got Id: 0
  [ldap] attempting LDAP reconnection
  [ldap] (re)connect to ldap.ba.com:389, authentication 0
  [ldap] bind as / to ldap.ba.com:389
  [ldap] waiting for bind result ...
  [ldap] Bind was successful
  [ldap] performing search in ou=People,dc=BA,dc=com, with filter (uid=testuser)
[ldap] looking for check items in directory...
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP.  Are you sure that the user is configured correctly?
  [ldap] ldap_release_conn: Release Id: 0
++[ldap] = ok
++[expiration] = noop
++[logintime] = noop
[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.
++[pap] = noop
+} # group authorize = ok
Found Auth-Type = MSCHAP
# Executing group from file /etc/raddb/sites-enabled/default
+group MS-CHAP {
[mschap] Client is using MS-CHAPv1 with NT-Password
[mschap]     expand: %{Stripped-User-Name} -> testuser
[mschap]     expand: --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} -> --username=testuser
[mschap]  mschap1: 3f
[mschap]     expand: %{mschap:Challenge} -> 3feecd0086804485
[mschap]     expand: --challenge=%{%{mschap:Challenge}:-00} -> --challenge=3feecd0086804485
[mschap]     expand: %{mschap:NT-Response} -> 77ac654ce5135ab5f8690098e68c7e403bfcc24bb714d293
[mschap]     expand: --nt-response=%{%{mschap:NT-Response}:-00} -> --nt-response=77ac654ce5135ab5f8690098e68c7e403bfcc24bb714d293
Exec output: NT_KEY: 04066C8C6B0E8CFCABBB0AB6760971F7
Exec plaintext: NT_KEY: 04066C8C6B0E8CFCABBB0AB6760971F7
[mschap] Exec: program returned: 0
[mschap] adding MS-CHAPv1 MPPE keys
++[mschap] = ok
+} # group MS-CHAP = ok
# Executing section session from file /etc/raddb/sites-enabled/default
+group session {
[radutmp]     expand: /var/log/radius/radutmp -> /var/log/radius/radutmp
++[radutmp] = ok


So, even though it says radutmp = ok, the file /var/log/radius/radutmp is
not created. I must be doing something wrong or my configuration is not
correct for radutmp. I would appreciate some input.

Thanks

K