rlm_sql and read_groups
dawson at vt.edu
Tue Jul 12 16:07:40 CEST 2011
Found the source of my problem, thanks to your pointer. While it doesn't seem to matter if FreeRADIUS gets any results from the authorize_group_reply_query, sql.conf requires that it be configured and run in order to be happy. Since we have, in this case, no reply attributes to set (those are only a sometimes thing for us, and not happening the current batch of work we're doing), it returns nothing when it runs the query, but continues happily and authorizes the user.
Also, if there's interest, I can submit the oracle-ized version of the schema that we created. The one included in the source users non-oracle variable types and a few incorrect restrictions (Several items are set unique when, logically, they should not be).
On 12 Jul 2011, at 09:49, Jacob Dawson wrote:
> Didn't look for abbreviated forms of the name, so I didn't see that.
> And I'd say that 'working' is too strong a term, but I haven't determined what's causing the latest failure, as yet. At least it's querying the groups tables, so we're on to new errors, and those are like progress.
> - Jacob
> On 12 Jul 2011, at 09:42, Phil Mayers wrote:
>> On 12/07/11 14:29, Jacob Dawson wrote:
>>> That doesn't make a lot of sense from my quick skim of the config and
>>> the code, as I don't see anywhere that group_membership_query is
>> group_membership_query is defined in the default configs; or is that not what you mean?
>> The call graph is as follows:
>> ...and in sql_get_grouplist we have:
>> if (!inst->config->groupmemb_query ||
>> (inst->config->groupmemb_query == 0))
>> return 0;
>>> referenced, but it definitely triggered FR to respect the read_groups
>> So it's working now?
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users