processes invoked goes <defunct>

Fabio Pedretti fabio.pedretti at ing.unibs.it
Thu Aug 24 17:05:59 CEST 2006


I have just upgraded to 1.1.3, but I get again the same error.

Fabio

> "Fabio" <fabio.ped at libero.it> wrote:
>
> Install 1.1.2.
>
>  Alan DeKok.

My previous message (Thu Jun 1 15:21:59 CEST 2006):

Hi,
I am using freeradius 1.0.5, configured so that when a user fails the  
password for X times, a mail is sent to a sysadmin.
I have added the following to modules section:

exec accept_notify {
   wait = no
   program = "/usr/local/etc/raddb/radius_reject_notify %{User-Name}  
accept %{FreeRADIUS-Proxied-To}"
   input_pairs = request
}
exec reject_notify {
   wait = no
   program = "/usr/local/etc/raddb/radius_reject_notify %{User-Name}  
reject %{FreeRADIUS-Proxied-To}"
   input_pairs = request
}

and this is my posth-auth section:
post-auth {
   accept_notify

   Post-Auth-Type REJECT {
     reject_notify
   }
}

radius_reject_notify is the bash script attached.

However, when a user log in and the script is executed, I see that the  
script remains in a <defunct> state. After some time I see hundreds of  
such processes:

Output of ps -e:
13110 ?        00:00:00 radius_reject_n <defunct>
13232 ?        00:00:00 radius_reject_n <defunct>
13233 ?        00:00:00 radius_reject_n <defunct>
....

Has someone idea why freeradius does not close correctly my script?

Thanks,

   Fabio



radius_reject_notify:

#!/bin/bash
#
#Sintax:
#
#mail_notify user access type
#  user:   user name
#  access: accept or reject
#  type:   accepted only if ( == FreeRADIUS-Proxied-To ) == 127.0.0.1
#

# TRY: number of retry
TRY=10

FAILED_USERS_DIR=/tmp/radius_user_fail/
MAIL_ADMINS="admin at domain.com"

USER_RETRY=0
CURRENT_USER=$1
ACCESS=$2


failed() {
mkdir -p $FAILED_USERS_DIR

         if
                 [ -e $FAILED_USERS_DIR/$CURRENT_USER ]
         then
                 USER_RETRY=`cat $FAILED_USERS_DIR/$CURRENT_USER`
         fi

         USER_RETRY=$(( USER_RETRY + 1 ))
         echo $USER_RETRY > $FAILED_USERS_DIR/$CURRENT_USER

         if (( USER_RETRY == $TRY ))
         then
                 #Limit exceded!
                 send_mail
         fi ;
}

success() {
         if
                 [ -e $FAILED_USERS_DIR/$CURRENT_USER ]
         then
                 rm -f $FAILED_USERS_DIR/$CURRENT_USER
         fi
}

send_mail() {
         HOSTNAME=`hostname`
         env MAILRC=/dev/null from=radius.admin@$HOSTNAME  
smtp=smtp.domain.com nail -n -s "RADIUS - Autentication failed $TRY
  times" $MAIL_ADMINS <<-END
$CURRENT_USER failed authentication for $TRY times.
END

}

case $3 in
         '127.0.0.1')

         case $ACCESS in
                 'accept')
                 success
                 ;;
                 'reject')
                 failed
                 ;;
         esac
         ;;
esac





More information about the Freeradius-Users mailing list