sql question
Felipe Ceglia - PY1NB
felipe-listas at terenet.com.br
Fri Jun 8 17:07:28 CEST 2007
Dear radius gurus,
I am trying to setup radius for mysql auth, but I altough the db tables
seems to be ok, I cannot auth the users.
Any help will be welcome!
Thanks in advance!
here is what I am trying:
[root at intranet raddb]# radtest anavc 2572ava localhost:1645 0 teste
Sending Access-Request of id 139 to 127.0.0.1:1645
User-Name = "anavc"
User-Password = "2572ava"
NAS-IP-Address = intranet
NAS-Port = 0
Re-sending Access-Request of id 139 to 127.0.0.1:1645
User-Name = "anavc"
User-Password =
"\027\257\363\336\323t\270\301\252\320S\213\032y\350\371"
NAS-IP-Address = intranet
NAS-Port = 0
rad_recv: Access-Reject packet from host 127.0.0.1:1645, id=139, length=20
[root at intranet raddb]#
-------------------------------------------------------------------------------------------------------------------------------------------------------------
radiusd -X says:
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:54564, id=171, length=57
User-Name = "anavc"
User-Password = "2572ava"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "anavc", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "anavc"
rlm_realm: Proxying request from user anavc to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched DEFAULT at 173
modcall[authorize]: module "files" returns ok for request 0
radius_xlat: 'anavc'
rlm_sql (sql): sql_set_user escaped user --> 'anavc'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'anavc' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM
radcheck WHERE Username = 'anavc' ORDER BY id
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query: SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
Username = 'anavc' ORDER BY id'
rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM
radreply WHERE Username = 'anavc' ORDER BY id
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query: SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): No matching entry in the database for request from user
[anavc]
rlm_sql (sql): Released sql socket id: 3
modcall[authorize]: module "sql" returns notfound for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
modcall[authenticate]: module "unix" returns notfound for request 0
modcall: group authenticate returns notfound for request 0
auth: Failed to validate the user.
Login incorrect: [anavc/2572ava] (from client localhost port 0)
rad_lowerpair: Stripped-User-Name now 'anavc'
rad_lowerpair: User-Password now '2572ava'
rad_rmspace_pair: Stripped-User-Name now 'anavc'
rad_rmspace_pair: User-Password now '2572ava'
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched DEFAULT at 173
modcall[authorize]: module "files" returns ok for request 0
radius_xlat: 'anavc'
rlm_sql (sql): sql_set_user escaped user --> 'anavc'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'anavc' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM
radcheck WHERE Username = 'anavc' ORDER BY id
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query: SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
Username = 'anavc' ORDER BY id'
rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM
radreply WHERE Username = 'anavc' ORDER BY id
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query: SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): No matching entry in the database for request from user
[anavc]
rlm_sql (sql): Released sql socket id: 2
modcall[authorize]: module "sql" returns notfound for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
modcall[authenticate]: module "unix" returns notfound for request 0
modcall: group authenticate returns notfound for request 0
auth: Failed to validate the user.
Login incorrect: [anavc/2572ava] (from client localhost port 0)
Delaying request 0 for 2 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 2 seconds...
--- Walking the entire request list ---
Waking up in 2 seconds...
-------------------------------------------------------------------------------------------------------------------------------------------------------------
when I run the queries by hand:
mysql> SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'anavc' ORDER BY id;
+----+----------+---------------+---------+----+
| id | UserName | Attribute | Value | op |
+----+----------+---------------+---------+----+
| 4 | anavc | User-Password | 2572ava | == |
+----+----------+---------------+---------+----+
1 row in set (0.02 sec)
mysql> SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'anavc' ORDER BY id;
+----+----------+---------------+---------+----+
| id | UserName | Attribute | Value | op |
+----+----------+---------------+---------+----+
| 4 | anavc | User-Password | 2572ava | == |
+----+----------+---------------+---------+----+
1 row in set (0.00 sec)
mysql> SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id;
+----+-----------+------------------+-------+----+
| id | GroupName | Attribute | Value | op |
+----+-----------+------------------+-------+----+
| 1 | dialup | Auth-Type | Local | == |
| 2 | dialup | Simultaneous-Use | 1 | == |
+----+-----------+------------------+-------+----+
2 rows in set (0.00 sec)
mysql> SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id;
+----+-----------+------------------+-------+----+
| id | GroupName | Attribute | Value | op |
+----+-----------+------------------+-------+----+
| 1 | dialup | Auth-Type | Local | == |
| 2 | dialup | Simultaneous-Use | 1 | == |
+----+-----------+------------------+-------+----+
2 rows in set (0.00 sec)
mysql> SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id;
+----+-----------+------------------+-------+----+
| id | GroupName | Attribute | Value | op |
+----+-----------+------------------+-------+----+
| 1 | dialup | Auth-Type | Local | == |
| 2 | dialup | Simultaneous-Use | 1 | == |
+----+-----------+------------------+-------+----+
2 rows in set (0.00 sec)
mysql> SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id;
+----+-----------+--------------------+---------------------+----+
| id | GroupName | Attribute | Value | op |
+----+-----------+--------------------+---------------------+----+
| 27 | dialup | Framed-IP-Address | 255.255.255.254 | == |
| 28 | dialup | Framed-Compression | Van-Jacobson-TCP-IP | == |
| 29 | dialup | Framed-IP-Netmask | 255.255.255.255 | == |
| 30 | dialup | Framed-MTU | 576 | == |
| 31 | dialup | Idle-Timeout | 900 | := |
+----+-----------+--------------------+---------------------+----+
5 rows in set (0.03 sec)
More information about the Freeradius-Users
mailing list