I have no need for a details log the data stored in /var/log/radius.log is more than sufficient for me.

So by commenting out detail { } in the radiusd.conf file should stop this?


I know I'm running a ancient version of free radius.. sadly it's what RHEL came with and it's what we have as 'stable'. I'll look at upgrading but I'm afraid this is one of those wonderful 100% uptime required services.

Thanks again all,

-Tim Eberhard

On Tue, Jan 6, 2009 at 11:51 AM, <A.L.M.Buxey@lboro.ac.uk> wrote:
Hi,

> Background info:

yes, ancient version

> Our /etc/raddb/radiusd.conf clearly states to not log passwords:
> #  allowed values: {no, yes}
> #
> log_auth_badpass = no
> log_auth_goodpass = no

correct - in the main log

> However it's logging good password auth's still..
>

no, this is the detail file - and you've enabled the
detail logging module - which has an option for stopping
the password from being logged...however, I think that
was only from version 1.1.x  - see the current version
docs and/or the current config files from the recent
release (download the tar.gz file, extract and then view
the config.

do you need or use the detail files in any of your
processes? if not, then disable the detail module
(comment out calls to it)

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html