Unknown module eap
freeradius newbie here...not sure where I went wrong and someone probably can figure this out in a second. New installation, following guide @ tldp and another ldap guide but I don't think the ldap is the problem here. Not knowing what is significant, I'll just give the whole output. CentOS 5 (freeradius-1.1.3-1.2.el5) still using default certificates so as not to complicate things too much yet. # radiusd -X -f Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/raddb/proxy.conf Config: including file: /etc/raddb/clients.conf Config: including file: /etc/raddb/snmp.conf Config: including file: /etc/raddb/eap.conf main: prefix = "/usr" main: localstatedir = "/var" main: logdir = "/var/log/radius" main: libdir = "/usr/lib" main: radacctdir = "/var/log/radius/radacct" main: hostname_lookups = no main: snmp = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = "/var/log/radius/radius.log" main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = "/var/run/radiusd/radiusd.pid" main: user = "radiusd" main: group = "radiusd" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: checkrad = "/usr/sbin/checkrad" main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/lib Module: Loaded exec exec: wait = yes exec: program = "(null)" exec: input_pairs = "request" exec: output_pairs = "(null)" exec: packet_type = "(null)" rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = "crypt" Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = yes mschap: require_strong = yes mschap: with_ntdomain_hack = no mschap: passwd = "(null)" mschap: ntlm_auth = "(null)" Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = "(null)" unix: shadow = "/etc/shadow" unix: group = "(null)" unix: radwtmp = "/var/log/radius/radwtmp" unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = "peap" eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = "Password: " gtc: auth_type = "PAP" rlm_eap: Loaded and initialized type gtc tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "/etc/raddb/certs/cert-srv.pem" tls: certificate_file = "/etc/raddb/certs/cert-srv.pem" tls: CA_file = "/etc/raddb/certs/demoCA/cacert.pem" tls: private_key_password = "whatever" tls: dh_file = "/etc/raddb/certs/dh" tls: random_file = "/etc/raddb/certs/random" tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = "(null)" tls: cipher_list = "(null)" tls: check_cert_issuer = "(null)" rlm_eap_tls: Loading the certificate file as a chain rlm_eap: Loaded and initialized type tls mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 rlm_eap: No such sub-type for default EAP type peap radiusd.conf[10]: eap: Module instantiation failed. radiusd.conf[1940] Unknown module "eap". radiusd.conf[1887] Failed to parse authenticate section. Can someone toss me a bone here? Craig
Craig White wrote:
freeradius newbie here...not sure where I went wrong and someone probably can figure this out in a second.
You edited the default configuration files and broke it.
CentOS 5 (freeradius-1.1.3-1.2.el5) still using default certificates so as not to complicate things too much yet.
I really suggest upgrading to 2.1.1.
rlm_eap: No such sub-type for default EAP type peap radiusd.conf[10]: eap: Module instantiation failed. radiusd.conf[1940] Unknown module "eap". radiusd.conf[1887] Failed to parse authenticate section.
Can someone toss me a bone here?
You deleted the "peap" section from eap.conf. Or, you configured "default_eap_type = peap", but without un-commenting the peap section in eap.conf. Alan DeKok.
On Sun, 2008-11-16 at 07:55 +0100, Alan DeKok wrote:
Craig White wrote:
freeradius newbie here...not sure where I went wrong and someone probably can figure this out in a second.
You edited the default configuration files and broke it.
CentOS 5 (freeradius-1.1.3-1.2.el5) still using default certificates so as not to complicate things too much yet.
I really suggest upgrading to 2.1.1.
rlm_eap: No such sub-type for default EAP type peap radiusd.conf[10]: eap: Module instantiation failed. radiusd.conf[1940] Unknown module "eap". radiusd.conf[1887] Failed to parse authenticate section.
Can someone toss me a bone here?
You deleted the "peap" section from eap.conf. Or, you configured "default_eap_type = peap", but without un-commenting the peap section in eap.conf.
yup...thanks - the instructions that I was following didn't make it clear for me to do that (uncomment the peap section...duh). I'm sort of working through things one breakage at a time. As for upgrading, duly noted but I don't know what it is that I don't know so I'll stay with the distribution for the time being. I think Red Hat has a newer version on track. Thanks Craig
Alan DeKok wrote:
Craig White wrote:
freeradius newbie here...not sure where I went wrong and someone probably can figure this out in a second.
You edited the default configuration files and broke it.
CentOS 5 (freeradius-1.1.3-1.2.el5) still using default certificates so as not to complicate things too much yet.
I really suggest upgrading to 2.1.1.
You're already running the latest CentOS package which is quite old, yum update won't get you anywhere. The only way to upgrade is to rpmbuild from source, never sinply build from source on a CentOS system if you have a choice. See http://wiki.freeradius.org/Build#Building_RedHat_packages. There isn't much documentation on it and that how-to assumes that you already have everything you need... you must have gcc, rpm-build, and all of the -devel packages installed otherwise it won't build some modules. Watch the ./configure output as it builds to see if you're getting warnings about missing libraries... it may not be missing the library but the -devel for the library. You can ignore things you don't need like Oracle, etc. On CentOS system "cp -a /usr/src/redhat/ rpmbuild" probably will not work, use "mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}" in stead. Also watch out for SELinux, it breaks things.
rlm_eap: No such sub-type for default EAP type peap radiusd.conf[10]: eap: Module instantiation failed. radiusd.conf[1940] Unknown module "eap". radiusd.conf[1887] Failed to parse authenticate section.
Can someone toss me a bone here?
You deleted the "peap" section from eap.conf. Or, you configured "default_eap_type = peap", but without un-commenting the peap section in eap.conf.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
participants (3)
-
Alan DeKok -
Craig White -
Ted Lum