processes invoked goes <defunct>

Fabio fabio.ped at libero.it
Thu Jun 1 15:21:59 CEST 2006 

Hi,
I am using freeradius 1.0.5, configured so that when a user fails the password for X times, a mail is sent to a sysadmin.
I have added the following to modules section:

exec accept_notify {
  wait = no
  program = "/usr/local/etc/raddb/radius_reject_notify %{User-Name} accept %{FreeRADIUS-Proxied-To}"
  input_pairs = request
}
exec reject_notify {
  wait = no
  program = "/usr/local/etc/raddb/radius_reject_notify %{User-Name} reject %{FreeRADIUS-Proxied-To}"
  input_pairs = request
}

and this is my posth-auth section:
post-auth {
  accept_notify

  Post-Auth-Type REJECT {
    reject_notify
  }
}

radius_reject_notify is the bash script attached.

However, when a user log in and the script is executed, I see that the script remains in a <defunct> state. After some time I see hundreds of such processes:

Output of ps -e:
13110 ?        00:00:00 radius_reject_n <defunct>
13232 ?        00:00:00 radius_reject_n <defunct>
13233 ?        00:00:00 radius_reject_n <defunct>
....

Has someone idea why freeradius does not close correctly my script?

Thanks,

  Fabio



radius_reject_notify:

#!/bin/bash
#
#Sintax:
#
#mail_notify user access type
#  user:   user name
#  access: accept or reject
#  type:   accepted only if ( == FreeRADIUS-Proxied-To ) == 127.0.0.1
#

# TRY: number of retry
TRY=10

FAILED_USERS_DIR=/tmp/radius_user_fail/
MAIL_ADMINS="admin at domain.com"

USER_RETRY=0
CURRENT_USER=$1
ACCESS=$2


failed() {
mkdir -p $FAILED_USERS_DIR

        if
                [ -e $FAILED_USERS_DIR/$CURRENT_USER ]
        then
                USER_RETRY=`cat $FAILED_USERS_DIR/$CURRENT_USER`
        fi

        USER_RETRY=$(( USER_RETRY + 1 ))
        echo $USER_RETRY > $FAILED_USERS_DIR/$CURRENT_USER

        if (( USER_RETRY == $TRY ))
        then
                #Limit exceded!
                send_mail
        fi ;
}

success() {
        if
                [ -e $FAILED_USERS_DIR/$CURRENT_USER ]
        then
                rm -f $FAILED_USERS_DIR/$CURRENT_USER
        fi
}

send_mail() {
        HOSTNAME=`hostname`
        env MAILRC=/dev/null from=radius.admin@$HOSTNAME smtp=smtp.domain.com nail -n -s "RADIUS - Autentication failed $TRY
 times" $MAIL_ADMINS <<-END
$CURRENT_USER failed authentication for $TRY times.
END

}

case $3 in
        '127.0.0.1')

        case $ACCESS in
                'accept')
                success
                ;;
                'reject')
                failed
                ;;
        esac
        ;;
esac

More information about the Freeradius-Users mailing list