authentication against script problem

Kenneth Penza kennethpenza at yahoo.com
Mon Mar 19 09:30:05 CET 2007


People,

   I am trying to get user authenticated against a
shell script. I have added the following configuration
to freeradius:

under the modules section i have added
        exec myauth {
                wait = yes
                program =
"/etc/raddb/myscripts/auth.sh %{User-Name}"
                input_pairs = request
                output_pairs = reply
                packet_type = Access-Request
        }
and under the authorize section I have added 
      myauth

The contents of the script:
[root at fedora5 raddb]# cat /etc/raddb/myscripts/auth.sh
#!/bin/bash
echo $1 >> /tmp/myauth.out
exit 0
[root at fedora5 raddb]#


	On restarting the server,and attempting to connect to
the radius server I get 

[root at fedora5 ~]# echo
"User-Name=user1,User-Password=pass1" |radclient -x 
localhost:1812  auth testing123
Sending Access-Request of id 244 to 127.0.0.1:1812
        User-Name = "user1"
        User-Password = "pass1"
rad_recv: Access-Reject packet from host
127.0.0.1:1812, id=244, length=20
[root at fedora5 ~]#

and in the session from I have started he radius
server using /usr/sbin/radiusd -X -A 
I get:
Ready to process requests.
rad_recv: Access-Request packet from host
127.0.0.1:32772, id=244, length=45
        User-Name = "user1"
        User-Password = "pass1"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok
for request 0
  modcall[authorize]: module "chap" returns noop for
request 0
  modcall[authorize]: module "mschap" returns noop for
request 0
    rlm_realm: No '@' in User-Name = "user1", looking
up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for
request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for
request 0
radius_xlat:  '/etc/raddb/myscripts/auth.sh user1'
Exec-Program: /etc/raddb/myscripts/auth.sh user1
Exec-Program output:
Exec-Program: returned: 0
  modcall[authorize]: module "myauth" returns ok for
request 0
modcall: group authorize returns ok for request 0
auth: No authenticate method (Auth-Type) configuration
found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [user1/pass1] (from client localhost
port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 244 to 127.0.0.1:32772
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 244 with timestamp 45fd3d21
Nothing to do.  Sleeping until we see a request.


 I am missing some configuration? 


Thanks in advance for you help
Kenneth


 
____________________________________________________________________________________
Looking for earth-friendly autos? 
Browse Top Cars by "Green Rating" at Yahoo! Autos' Green Center.
http://autos.yahoo.com/green_center/



More information about the Freeradius-Users mailing list