Hi,
I try to authenticate freeradius
2.1.8 using mysql5.0.26.
Information of my system:
1. OS is SuSE Linux SLES10 SP2.
2. I have installed following RPM for FreeRadius
2.1.8:
#rpm -qa |grep
freeradius
freeradius-server-utils-2.1.8-1.1
freeradius-client-libs-1.1.6-4.1
freeradius-server-2.1.8-1.1
freeradius-client-devel-1.1.6-4.1
freeradius-server-devel-2.1.8-1.1
freeradius-client-1.1.6-4.1
freeradius-server-debuginfo-2.1.8-1.1
freeradius-server-libs-2.1.8-1.1
3. installed following MySQL RPM:
# rpm -qa |grep
mysql
apache2-mod_auth_mysql-3.0.0-14.2
mysql-5.0.26-12.18
mysql-shared-5.0.26-12.18
perl-DBD-mysql-3.0002-15.2
php5-mysql-5.2.5-9.5
mysql-client-5.0.26-12.18
I have successfully installed the RPM for
freeradius and test for authentication using file "users"
is successful.
When I tried to authenticate
via MySQL, it failed. There is no connection record to MySQL in log
file of MySQL.
Searching the WWW, I found out
there is a RPM named freeradius-mysql* for Red Hat FC. There is no such RPM for
SuSE in download website of freeradius.org.
Is corresponding RPM
required for SLES10SP2? Where to download? Or,
such functionality is already included in one of my installed
RPM?
Terminal 1 message:
# radtest user1 test1 localhost 1812
RAD7429secret
Sending Access-Request of id 250 to 127.0.0.1 port
1812
User-Name =
"user1"
User-Password =
"test1"
NAS-IP-Address =
158.182.158.61
NAS-Port =
1812
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=250,
length=20
Terminal 2 message:
Listening on authentication address * port
1812
Listening on accounting address * port 1813
Listening on command file
/var/run/radiusd/radiusd.sock
Listening on proxy address * port 1814
Ready
to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port
32768, id=250, length
=57
User-Name = "user1"
User-Password
= "test1"
NAS-IP-Address =
158.182.158.61
NAS-Port =
1812
+- entering group authorize {...}
++[preprocess] returns
ok
[auth_log] expand:
/var/log/radius/radacct/%{Client-IP-Address}/auth-deta
il-%Y%m%d ->
/var/log/radius/radacct/127.0.0.1/auth-detail-20100428
[auth_log]
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d exp
ands to
/var/log/radius/radacct/127.0.0.1/auth-detail-20100428
[auth_log]
expand: %t -> Wed Apr 28 20:38:07 2010
++[auth_log] returns ok
++[chap]
returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "user1", looking up realm
NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No
EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns
notfound
[sql] expand: %{User-Name} -> user1
[sql] sql_set_user escaped user --> 'user1'
rlm_sql (sql):
Ignoring unconnected handle 4..
rlm_sql (sql): Ignoring unconnected handle
3..
rlm_sql (sql): Ignoring unconnected handle 2..
rlm_sql (sql): Ignoring
unconnected handle 1..
rlm_sql (sql): Ignoring unconnected handle
0..
rlm_sql (sql): There are no DB handles to use! skipped 5, tried to
connect 0
++[sql] returns fail
Using Post-Auth-Type Reject
+-
entering group REJECT
{...}
[attr_filter.access_reject] expand:
%{User-Name} -> user1
attr_filter: Matched entry DEFAULT at line
11
++[attr_filter.access_reject] returns updated
Delaying reject of
request 0 for 1 seconds
Going to the next request
Waking up in 0.9
seconds.
Sending delayed reject for request 0
Sending Access-Reject of id
250 to 127.0.0.1 port 32768
Waking up in 4.9 seconds.
Cleaning up request
0 ID 250 with timestamp +10
Ready to process requests.
---------------
Cheers,
Joe
__________ Information from ESET Smart Security, version of virus signature database 5066 (20100427) __________
The message was checked by ESET Smart Security.
http://www.eset.com