The problem when I run freeRadius server 4.0 in master: Failed adding new socket to network event loop: Failed inserting filters for FD 15: EFAULT: Bad address with libkqueue v2.6.1-28
Hi guys, I try to run freeradius V4.0 for tacas+. I clone the master and do, without issue, the ./configure, make and make install. I’m on Ubuntu 2304 up-to-date with libkqueue v2.6.1-28. When I do the radius -X, I got this error : #### Opening listener interfaces #### Network - Failed adding new socket to network event loop: Failed inserting filters for FD 17: EFAULT: Bad address /usr/local/etc/raddb/sites-enabled/default[209]: Opening radius I/O interface failed I checked the config files, but cannot find the cause. Could anyone help to tell me how to do, thank you very much. Thks, Baudouin The complete log radiusd -X: IInfo : Copyright 1999-2022 The FreeRADIUS server project and contributors Info : There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A Info : PARTICULAR PURPOSE Info : You may redistribute copies of FreeRADIUS under the terms of the Info : GNU General Public License Info : For more information about these matters, see the file named COPYRIGHT Info : Starting - reading configuration files ... Debug : Including dictionary file "/usr/local/etc/raddb/dictionary" gctx 0x55be4a150e40 report internal refs src/lib/server/main_config.c (1) internal refs src/lib/server/request.c (1) internal refs src/lib/tls/base.c (1) including configuration file /usr/local/etc/raddb/radiusd.conf Including files in directory "/usr/local/etc/raddb/template.d/" including configuration file /usr/local/etc/raddb/template.d/default including configuration file /usr/local/etc/raddb/clients.conf Including files in directory "/usr/local/etc/raddb/global.d/" including configuration file /usr/local/etc/raddb/global.d/ldap Including files in directory "/usr/local/etc/raddb/mods-enabled/" including configuration file /usr/local/etc/raddb/mods-enabled/always including configuration file /usr/local/etc/raddb/mods-enabled/attr_filter including configuration file /usr/local/etc/raddb/mods-enabled/cache_eap including configuration file /usr/local/etc/raddb/mods-enabled/chap including configuration file /usr/local/etc/raddb/mods-enabled/client including configuration file /usr/local/etc/raddb/mods-enabled/delay including configuration file /usr/local/etc/raddb/mods-enabled/detail including configuration file /usr/local/etc/raddb/mods-enabled/detail.log including configuration file /usr/local/etc/raddb/mods-enabled/digest including configuration file /usr/local/etc/raddb/mods-enabled/eap including configuration file /usr/local/etc/raddb/mods-enabled/eap_inner including configuration file /usr/local/etc/raddb/mods-enabled/echo including configuration file /usr/local/etc/raddb/mods-enabled/escape including configuration file /usr/local/etc/raddb/mods-enabled/exec including configuration file /usr/local/etc/raddb/mods-enabled/files including configuration file /usr/local/etc/raddb/mods-enabled/linelog including configuration file /usr/local/etc/raddb/mods-enabled/logintime including configuration file /usr/local/etc/raddb/mods-enabled/mschap including configuration file /usr/local/etc/raddb/mods-enabled/ntlm_auth including configuration file /usr/local/etc/raddb/mods-enabled/pap including configuration file /usr/local/etc/raddb/mods-enabled/passwd including configuration file /usr/local/etc/raddb/mods-enabled/radutmp including configuration file /usr/local/etc/raddb/mods-enabled/soh including configuration file /usr/local/etc/raddb/mods-enabled/sradutmp including configuration file /usr/local/etc/raddb/mods-enabled/stats including configuration file /usr/local/etc/raddb/mods-enabled/unix including configuration file /usr/local/etc/raddb/mods-enabled/unpack including configuration file /usr/local/etc/raddb/mods-enabled/utf8 Including files in directory "/usr/local/etc/raddb/policy.d/" including configuration file /usr/local/etc/raddb/policy.d/abfab-tr including configuration file /usr/local/etc/raddb/policy.d/accounting including configuration file /usr/local/etc/raddb/policy.d/canonicalisation including configuration file /usr/local/etc/raddb/policy.d/control including configuration file /usr/local/etc/raddb/policy.d/cui including configuration file /usr/local/etc/raddb/policy.d/debug including configuration file /usr/local/etc/raddb/policy.d/dhcp including configuration file /usr/local/etc/raddb/policy.d/eap including configuration file /usr/local/etc/raddb/policy.d/filter including configuration file /usr/local/etc/raddb/policy.d/operator-name including configuration file /usr/local/etc/raddb/policy.d/tacacs including configuration file /usr/local/etc/raddb/policy.d/time including configuration file /usr/local/etc/raddb/policy.d/vendor Including files in directory "/usr/local/etc/raddb/sites-enabled/" including configuration file /usr/local/etc/raddb/sites-enabled/default Loaded module process_radius including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel Parsing security rules to bootstrap UID / GID / chroot / etc. main { prefix = \/usr\/local security { allow_core_dumps = no allow_vulnerable_openssl = no openssl_fips_mode = no } name = radiusd local_state_dir = "/usr/local/var" run_dir = \/usr\/local\/var\/run\/radiusd } Parsing main configuration main { server default { namespace = radius radius { Access-Request { log { stripped_names = no auth = no auth_badpass = no auth_goodpass = no msg_denied = "You are already logged in - access denied" } session { timeout = 15 max = 4096 } } } Loaded module proto_radius listen { type = Access-Request type = Status-Server transport = udp Loaded module proto_radius_udp udp { ipv4addr = 10.0.100.11 port = 1812 networks { allow = 127/8 allow = 46.192.0.0/15 } max_packet_size = 4096 max_attributes = 255 } limit { cleanup_delay = 5.0 idle_timeout = 60.0 nak_lifetime = 30.0 max_connections = 256 max_clients = 256 max_pending_packets = 256 } priority { Access-Request = high Accounting-Request = low CoA-Request = normal Disconnect-Request = low Status-Server = now } } listen tcp_auth { type = Access-Request type = Status-Server transport = tcp Loaded module proto_radius_tcp tcp { ipaddr = * port = 1812 networks { allow = 127/8 allow = 192.0.2/24 } max_packet_size = 4096 max_attributes = 255 } limit { cleanup_delay = 5.0 idle_timeout = 30.0 nak_lifetime = 30.0 max_connections = 1024 max_clients = 256 max_pending_packets = 256 } priority { Access-Request = high Accounting-Request = low CoA-Request = normal Disconnect-Request = low Status-Server = now } } listen udp_acct { type = Accounting-Request transport = udp udp { ipaddr = * port = 1813 networks { } max_packet_size = 4096 max_attributes = 255 } limit { cleanup_delay = 5.0 idle_timeout = 30.0 nak_lifetime = 30.0 max_connections = 1024 max_clients = 256 max_pending_packets = 256 } priority { Access-Request = high Accounting-Request = low CoA-Request = normal Disconnect-Request = low Status-Server = now } } } server inner-tunnel { namespace = radius radius { Access-Request { log { stripped_names = no auth = no auth_badpass = no auth_goodpass = no msg_denied = "You are already logged in - access denied" } session { timeout = 15 max = 4096 } } } listen { type = Access-Request transport = udp udp { ipaddr = 127.0.0.1 port = 18120 networks { } max_packet_size = 4096 max_attributes = 255 } limit { cleanup_delay = 5.0 idle_timeout = 30.0 nak_lifetime = 30.0 max_connections = 1024 max_clients = 256 max_pending_packets = 256 } priority { Access-Request = high Accounting-Request = low CoA-Request = normal Disconnect-Request = low Status-Server = now } } } security { } sbin_dir = "/usr/local/sbin" logdir = \/usr\/local\/var\/log\/radius radacctdir = \/usr\/local\/var\/log\/radius\/radacct reverse_lookups = no hostname_lookups = yes max_request_time = 30 pidfile = \/usr\/local\/var\/run\/radiusd\/radiusd.pid debug_level = 0 max_requests = 16384 log { colourise = yes } resources { } thread pool { num_networks = 1 num_workers = 0 Setting thread.workers = 2 openssl_async_pool_init = 64 openssl_async_pool_max = 1024 } migrate { } interpret { } } Switching to configured log settings radiusd: #### Loading Clients #### client localhost { ipaddr = 127.0.0.1 secret = <<< secret >>> require_message_authenticator = no proto = * limit { max_connections = 16 lifetime = 0 idle_timeout = 30 } } client localhost_ipv6 { ipv6addr = ::1 secret = <<< secret >>> limit { max_connections = 16 lifetime = 0 idle_timeout = 30s } } Debugger not attached trigger { ... } subsection not found, triggers will be disabled #### Instantiating libraries #### #### Bootstrapping process modules #### Bootstrapping process_radius "default" Creating Auth-Type = pap Creating Auth-Type = chap Creating Auth-Type = mschap Creating Auth-Type = digest Creating Auth-Type = ldap Creating Auth-Type = eap Bootstrapping process_radius "inner-tunnel" #### Bootstrapping protocol modules #### Bootstrapping proto_radius "default.radius" client localhost { ipaddr = 192.0.2.1 secret = <<< secret >>> shortname = sample limit { max_connections = 16 lifetime = 0 idle_timeout = 30s } } Bootstrapping proto_radius "default.tcp_auth" Bootstrapping proto_radius "default.udp_acct" Bootstrapping proto_radius "inner-tunnel.radius" #### Instantiating libraries #### #### Bootstrapping modules #### modules { Loaded module rlm_always always reject { rcode = reject simulcount = 0 mpp = no } always fail { rcode = fail simulcount = 0 mpp = no } always ok { rcode = ok simulcount = 0 mpp = no } always handled { rcode = handled simulcount = 0 mpp = no } always invalid { rcode = invalid simulcount = 0 mpp = no } always disallow { rcode = disallow simulcount = 0 mpp = no } always notfound { rcode = notfound simulcount = 0 mpp = no } always noop { rcode = noop simulcount = 0 mpp = no } always updated { rcode = updated simulcount = 0 mpp = no } Loaded module rlm_attr_filter attr_filter attr_filter.pre-proxy { filename = \/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/pre-proxy key = "%{Realm}" relaxed = no } attr_filter attr_filter.post-proxy { filename = \/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/post-proxy key = "%{Realm}" relaxed = no } attr_filter attr_filter.access_reject { filename = \/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/access_reject key = "%{User-Name}" relaxed = no } attr_filter attr_filter.access_challenge { filename = \/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/access_challenge key = "%{User-Name}" relaxed = no } attr_filter attr_filter.accounting_response { filename = \/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/accounting_response key = "%{User-Name}" relaxed = no } Loaded module rlm_cache cache cache_eap { driver = rbtree Loaded module rlm_cache_rbtree key = %{%{control.State}:-%{%{reply.State}:-%{State}}} ttl = 15 max_entries = 0 epoch = 0 add_stats = no } Loaded module rlm_chap Loaded module rlm_client Loaded module rlm_delay delay { delay = 1.0s relative = no force_reschedule = no } delay delay_reject { delay = "%{%{reply.FreeRADIUS-Response-Delay}:-1}" relative = yes force_reschedule = no } Loaded module rlm_detail detail { filename = \/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/detail-%Y-%m-%d header = %t permissions = 0600 locking = no escape_filenames = no log_packet_header = no } detail auth_log { filename = \/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/auth-detail-%Y-%m-%d header = %t permissions = 0600 locking = no escape_filenames = no log_packet_header = no } detail reply_log { filename = \/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/reply-detail-%Y-%m-%d header = %t permissions = 0600 locking = no escape_filenames = no log_packet_header = no } detail pre_proxy_log { filename = \/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/pre-proxy-detail-%Y-%m-%d header = %t permissions = 0600 locking = no escape_filenames = no log_packet_header = no } detail post_proxy_log { filename = \/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/post-proxy-detail-%Y-%m-%d header = %t permissions = 0600 locking = no escape_filenames = no log_packet_header = no } Loaded module rlm_digest Loaded module rlm_eap eap { require_identity_realm = nai type = md5 Loaded module rlm_eap_md5 type = gtc Loaded module rlm_eap_gtc gtc { challenge = "Password: " auth_type = PAP } type = tls Loaded module rlm_eap_tls tls { tls = tls-common require_client_cert = yes include_length = yes } type = ttls Loaded module rlm_eap_ttls ttls { tls = tls-common virtual_server = "inner-tunnel" include_length = yes require_client_cert = no } type = mschapv2 Loaded module rlm_eap_mschapv2 mschapv2 { with_ntdomain_hack = no auth_type = mschap send_error = no } type = peap Loaded module rlm_eap_peap peap { tls = tls-common virtual_server = "inner-tunnel" soh = no require_client_cert = no } ignore_unknown_eap_types = no } eap inner-eap { require_identity_realm = nai default_eap_type = mschapv2 type = md5 type = gtc gtc { challenge = "Password: " auth_type = PAP } type = mschapv2 mschapv2 { with_ntdomain_hack = no auth_type = mschap send_error = no } type = tls tls { tls = tls-peer require_client_cert = yes include_length = yes } ignore_unknown_eap_types = no } Loaded module rlm_exec exec echo { wait = yes program = "/bin/echo Tmp-String-\0 := %{User-Name}" input_pairs = &request output_pairs = &reply shell_escape = yes env_inherit = no } Loaded module rlm_escape escape { safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ\0123456789.-_: /äéöüàâæçèéêëîïôœùûüaÿÄÉÖÜßÀÂÆÇÈÉÊËÎÏÔŒÙÛÜŸ" } exec { wait = yes input_pairs = &request shell_escape = yes env_inherit = no timeout = 10 } Loaded module rlm_files files { filename = \/usr\/local\/etc\/raddb\/mods-config\/files\/authorize acctusersfile = \/usr\/local\/etc\/raddb\/mods-config\/files\/accounting key = %{%{Stripped-User-Name}:-%{User-Name}} } Loaded module rlm_linelog linelog { destination = file delimiter = "\n" format = "This is a log message for %{User-Name}" reference = "messages.%{%{reply.Packet-Type}:-default}" file { filename = \/usr\/local\/var\/log\/radius\/linelog permissions = 0600 escape_filenames = no } syslog { severity = "info" } unix { } tcp { server = localhost port = 514 timeout = 2.0 } udp { server = localhost port = 514 timeout = 2.0 } } linelog log_accounting { destination = file delimiter = "\n" format = "" reference = "Accounting-Request.%{%{Acct-Status-Type}:-unknown}" file { filename = \/usr\/local\/var\/log\/radius\/linelog-accounting permissions = 0600 escape_filenames = no } syslog { severity = "info" } unix { } tcp { timeout = 1000 } udp { timeout = 1000 } } Loaded module rlm_logintime logintime { minimum_timeout = 60 } Loaded module rlm_mschap mschap { normalise = yes use_mppe = yes require_encryption = no require_strong = no with_ntdomain_hack = yes passchange { } allow_retry = yes winbind { } } exec ntlm_auth { wait = yes program = "/path/to/ntlm_auth --request-nt-key --domain=MYDOMAIN --username=%(mschap:User-Name) --password=%{User-Password}" shell_escape = yes env_inherit = no } Loaded module rlm_pap pap { normalise = yes } Loaded module rlm_passwd passwd etc_passwd { filename = \/etc\/passwd format = "*User-Name:Crypt-Password:" delimiter = ":" ignore_nislike = no ignore_empty = yes allow_multiple_keys = no hash_size = 100 } Loaded module rlm_radutmp radutmp { filename = \/usr\/local\/var\/log\/radius\/radutmp username = %{User-Name} check_with_nas = yes permissions = 0600 caller_id = no } Loaded module rlm_soh soh { dhcp = yes } radutmp sradutmp { filename = \/usr\/local\/var\/log\/radius\/sradutmp username = "%{User-Name}" check_with_nas = yes permissions = 0644 caller_id = no } Loaded module rlm_stats stats { } Loaded module rlm_unix unix { } Loaded module rlm_unpack Loaded module rlm_utf8 #### Bootstrapping rlm modules #### Bootstrapping rlm_cache "cache_eap" Bootstrapping rlm_delay "delay" Bootstrapping rlm_delay "delay_reject" Bootstrapping rlm_always "disallow" Bootstrapping rlm_eap "eap" Bootstrapping rlm_exec "echo" Bootstrapping rlm_escape "escape" Bootstrapping rlm_exec "exec" Bootstrapping rlm_always "fail" Bootstrapping rlm_always "handled" Bootstrapping rlm_eap "inner-eap" Bootstrapping rlm_always "invalid" Bootstrapping rlm_linelog "linelog" Bootstrapping rlm_linelog "log_accounting" Bootstrapping rlm_mschap "mschap" Bootstrapping rlm_always "noop" Bootstrapping rlm_always "notfound" Bootstrapping rlm_exec "ntlm_auth" Bootstrapping rlm_always "ok" Bootstrapping rlm_always "reject" Bootstrapping rlm_soh "soh" Bootstrapping rlm_unix "unix" Creating attribute Unix-Group Bootstrapping rlm_unpack "unpack" Bootstrapping rlm_always "updated" } # modules #### Instantiating listeners #### Compiling policies in server default { ... } Instantiating proto_radius "default.radius" Instantiating proto_radius "default.tcp_auth" Instantiating proto_radius "default.udp_acct" Instantiating process_radius "default" Compiling policies in - recv Access-Request {...} /usr/local/etc/raddb/sites-enabled/default[793]: Ignoring "-sql" as the "sql" module is not enabled. /usr/local/etc/raddb/sites-enabled/default[809]: Ignoring "-ldap" as the "ldap" module is not enabled. Compiling policies in - send Access-Accept {...} /usr/local/etc/raddb/sites-enabled/default[1115]: Ignoring "-sql" as the "sql" module is not enabled. Compiling policies in - send Access-Challenge {...} Compiling policies in - send Access-Reject {...} /usr/local/etc/raddb/sites-enabled/default[1228]: Ignoring "-sql" as the "sql" module is not enabled. Compiling policies in - recv Accounting-Request {...} Compiling policies in - send Accounting-Response {...} /usr/local/etc/raddb/sites-enabled/default[1443]: Ignoring "-sql" as the "sql" module is not enabled. Compiling policies in - recv Status-Server {...} Compiling policies in - authenticate pap {...} Compiling policies in - authenticate chap {...} Compiling policies in - authenticate mschap {...} Compiling policies in - authenticate digest {...} Compiling policies in - authenticate ldap {...} /usr/local/etc/raddb/sites-enabled/default[978]: Ignoring "-ldap" as the "ldap" module is not enabled. Compiling policies in - authenticate eap {...} Compiling policies in - accounting Start {...} Compiling policies in - accounting Stop {...} Compiling policies in - accounting Alive {...} Compiling policies in - accounting Accounting-On {...} Compiling policies in - accounting Accounting-Off {...} Compiling policies in - accounting Failed {...} /usr/local/etc/raddb/sites-enabled/default[80]: radius { ... } section is unused Compiling policies in server inner-tunnel { ... } Instantiating proto_radius "inner-tunnel.radius" Instantiating process_radius "inner-tunnel" Compiling policies in - recv Access-Request {...} /usr/local/etc/raddb/sites-enabled/inner-tunnel[124]: Ignoring "-sql" as the "sql" module is not enabled. /usr/local/etc/raddb/sites-enabled/inner-tunnel[134]: Ignoring "-ldap" as the "ldap" module is not enabled. Compiling policies in - send Access-Accept {...} /usr/local/etc/raddb/sites-enabled/inner-tunnel[267]: Ignoring "-sql" as the "sql" module is not enabled. Compiling policies in - send Access-Reject {...} /usr/local/etc/raddb/sites-enabled/inner-tunnel[302]: Ignoring "-sql" as the "sql" module is not enabled. Compiling policies in - authenticate pap {...} Compiling policies in - authenticate chap {...} Compiling policies in - authenticate mschap {...} Compiling policies in - authenticate eap {...} src/lib/server/virtual_servers.c[311]: radius { ... } section is unused #### Instantiating rlm modules #### Instantiating rlm_attr_filter "attr_filter.access_challenge" Reading file /usr/local/etc/raddb/mods-config/attr_filter/access_challenge Instantiating rlm_attr_filter "attr_filter.access_reject" Reading file /usr/local/etc/raddb/mods-config/attr_filter/access_reject Instantiating rlm_attr_filter "attr_filter.accounting_response" Reading file /usr/local/etc/raddb/mods-config/attr_filter/accounting_response Instantiating rlm_attr_filter "attr_filter.post-proxy" Reading file /usr/local/etc/raddb/mods-config/attr_filter/post-proxy Instantiating rlm_attr_filter "attr_filter.pre-proxy" Reading file /usr/local/etc/raddb/mods-config/attr_filter/pre-proxy Instantiating rlm_detail "auth_log" auth_log - 'User-Password' suppressed, will not appear in detail output Instantiating rlm_cache "cache_eap" Instantiating rlm_chap "chap" Instantiating rlm_detail "detail" Instantiating rlm_digest "digest" Instantiating rlm_always "disallow" Instantiating rlm_eap "eap" Instantiating rlm_exec "echo" Instantiating rlm_passwd "etc_passwd" Instantiating rlm_exec "exec" Instantiating rlm_always "fail" Instantiating rlm_files "files" Reading file /usr/local/etc/raddb/mods-config/files/authorize Reading file /usr/local/etc/raddb/mods-config/files/accounting Instantiating rlm_always "handled" Instantiating rlm_eap "inner-eap" inner-eap - Failed to find 'authenticate inner-eap {...}' section. EAP authentication will likely not work Instantiating rlm_always "invalid" Instantiating rlm_linelog "linelog" Instantiating rlm_linelog "log_accounting" Instantiating rlm_logintime "logintime" Instantiating rlm_mschap "mschap" mschap - Using internal authentication Instantiating rlm_always "noop" Instantiating rlm_always "notfound" Instantiating rlm_exec "ntlm_auth" Instantiating rlm_always "ok" Instantiating rlm_pap "pap" Instantiating rlm_detail "post_proxy_log" Instantiating rlm_detail "pre_proxy_log" Instantiating rlm_always "reject" Instantiating rlm_detail "reply_log" Instantiating rlm_stats "stats" Instantiating rlm_always "updated" Instantiating _cache_rbtree "cache_eap.rbtree" Instantiating _eap_mschapv2 "eap.mschapv2" Instantiating _eap_peap "eap.peap" tls-config tls-common { chain rsa { format = pem certificate_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/server.pem private_key_password = <<< secret >>> private_key_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/server.key ca_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/ca.pem verify_mode = hard include_root_ca = no } verify_depth = 0 ca_path = \/usr\/local\/etc\/raddb\/certs ca_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/ca.pem dh_file = \/usr\/local\/etc\/raddb\/certs\/dh fragment_size = 1024 cipher_list = "DEFAULT" cipher_server_preference = yes allow_renegotiation = no ecdh_curve = prime256v1 tls_min_version = 1.2 session { mode = auto name = "%{EAP-Type}%{Virtual-Server}" lifetime = 1d require_extended_master_secret = yes require_perfect_forward_secrecy = no } verify { mode = all attribute_mode = client-and-issuer check_crl = no } } tls - A virtual_server must be provided for stateful caching. cache.mode = "auto" rewritten to cache.mode = "stateless" Instantiating _eap_tls "eap.tls" tls - Using cached TLS configuration from previous invocation Instantiating _eap_ttls "eap.ttls" tls - Using cached TLS configuration from previous invocation Instantiating _eap_mschapv2 "inner-eap.mschapv2" Instantiating _eap_tls "inner-eap.tls" tls-config tls-peer { chain { format = pem certificate_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/server.pem private_key_password = <<< secret >>> private_key_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/server.key ca_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/ca.pem verify_mode = hard include_root_ca = no } verify_depth = 0 ca_path = \/usr\/local\/etc\/raddb\/certs ca_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/ca.pem dh_file = \/usr\/local\/etc\/raddb\/certs\/dh fragment_size = 16384 cipher_server_preference = yes allow_renegotiation = no ecdh_curve = "prime256v1" tls_min_version = 1.2 session { mode = auto name = "%{EAP-Type}%{Virtual-Server}" lifetime = 1d require_extended_master_secret = yes require_perfect_forward_secrecy = no } verify { mode = all attribute_mode = client-and-issuer check_crl = no } } tls - A virtual_server must be provided for stateful caching. cache.mode = "auto" rewritten to cache.mode = "stateless" Scheduler created in single-threaded mode #### Opening listener interfaces #### Network - Failed adding new socket to network event loop: Failed inserting filters for FD 17: EFAULT: Bad address /usr/local/etc/raddb/sites-enabled/default[209]: Opening radius I/O interface failed -- *Ce message et toutes les pièces jointes (ci-après le "message") sont établis à l’intention exclusive des destinataires désignés. Il contient des informations confidentielles et pouvant être protégé par le secret professionnel. Si vous recevez ce message par erreur, merci d'en avertir immédiatement l'expéditeur et de détruire le message. Toute utilisation de ce message non conforme à sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation expresse de l'émetteur*
On May 16, 2023, at 12:31 PM, Baudouin MESMIN DES VAUX <baudouin.mesmin-des-vaux@wifirst.fr> wrote:
I try to run freeradius V4.0 for tacas+. I clone the master and do, without issue, the ./configure, make and make install. I’m on Ubuntu 2304 up-to-date with libkqueue v2.6.1-28.
You need to use the latest libkqueue from git. The official releases have many bugs, and just don't work. Alan DeKok.
participants (2)
-
Alan DeKok -
Baudouin MESMIN DES VAUX