FreeRADIUS and PostgresSQL

John Gardner John.Gardner at southtyneside.gov.uk
Tue Dec 1 09:29:17 CET 2009


Hi everyone

I'm using Oracle Enterprise Linux (Red Hat EL clone) and the packaged
version of FreeRADIUS (1.1.3) to ultimately authenticate some Linux
machines centrally.

I've been following the HOWTO at http://wiki.freeradius.org/SQL_HOWTO
but some of it does appear to be out of date.

I've managed to successfully authenticate using the users file, but when
I try to authenticate against the test data I've put in the database I'm
getting the following in the logs;

rad_recv: Access-Request packet from host 127.0.0.1:38929, id=223,
length=64
	User-Name = "john.gardner"
	User-Password = "xxxxxxxxxx"
	NAS-IP-Address = 255.255.255.255
	NAS-Port = 1812
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
  modcall[authorize]: module "chap" returns noop for request 2
  modcall[authorize]: module "mschap" returns noop for request 2
    rlm_realm: No '@' in User-Name = "john.gardner", looking up realm
NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 2
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 2
    users: Matched entry DEFAULT at line 155
  modcall[authorize]: module "files" returns ok for request 2
radius_xlat:  'john.gardner'
rlm_sql (sql): sql_set_user escaped user --> 'john.gardner'
radius_xlat:  'SELECT id, UserName, Attribute, Value, Op ??FROM radcheck
??WHERE Username = 'john.gardner' ??ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_postgresql: query: SELECT id, UserName, Attribute, Value, Op
??FROM radcheck ??WHERE Username = 'john.gardner' ??ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: affected rows = 
rlm_sql: Failed to create the pair: Unknown attribute
"Cleartext-Password"
rlm_sql (sql): Error getting data from database
rlm_sql (sql): SQL query error; rejecting user
rlm_sql (sql): Released sql socket id: 2
  modcall[authorize]: module "sql" returns fail for request 2
modcall: leaving group authorize (returns fail) for request 2
Finished request 2
Going to the next request

Now, it appears that the problem is to do with 'Cleartext-Password' I've
stored in the database, but this seems to be correct according to the
HOWTO.  Can anyone see the problem just from the log?  Is there a list
of all the correct data that could entered into the database?

Thanks in advance

John


This email and any files transmitted with it are intended solely for the named recipient and may contain sensitive, confidential or protectively marked material up to the central government classification of ?RESTRICTED" which must be handled accordingly.  If you have received this e-mail in error, please immediately notify the sender by e-mail and delete from your system, unless you are the named recipient (or authorised to receive it for the recipient) you are not permitted to copy, use, store, publish, disseminate or disclose it to anyone else.


E-mail transmission cannot be guaranteed to be secure or error-free as it could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses and therefore the Council accept no liability for any such errors or omissions.  


Unless explicitly stated otherwise views or opinions expressed in this email are solely those of the author and do not necessarily represent those of the Council and are not intended to be legally binding.

 

All Council network traffic and GCSX traffic may be subject to recording and/or monitoring in accordance with relevant legislation.



South Tyneside Council, Town Hall & Civic Offices, Westoe Road, South Shields, Tyne & Wear, NE33 2RL, Tel: 0191 427 1717, Website: www.southtyneside.info





More information about the Freeradius-Users mailing list