Loading fails without reporting an error
Lovaas,Steven
Steven.Lovaas at ColoState.EDU
Thu Jul 11 15:18:58 CEST 2013
Thanks, Adam... this got me looking at the right thing.
I had a mismatch between the type of the home_server localhost (auth), and the attribute used in one of the realms pointing to the pool that references that home server (pool, instead of auth_pool). Changing the type of the localhost home_server allowed FR to complete loading.
Steve
-----Original Message-----
From: freeradius-users-bounces+steven.lovaas=colostate.edu at lists.freeradius.org [mailto:freeradius-users-bounces+steven.lovaas=colostate.edu at lists.freeradius.org] On Behalf Of Adam Bishop
Sent: Thursday, July 11, 2013 4:29 AM
To: FreeRadius users mailing list
Subject: Re: Loading fails without reporting an error
On 11 Jul 2013, at 08:40, Alan DeKok <aland at DEPLOYINGRADIUS.COM> wrote:
> Lovaas,Steven wrote:
> Hmm... it looks like there's a problem with the file. It doesn't
> stop, it *exits*.
>
> See doc/bugs. That should help finding out where it's exiting.
I think I saw this issue a week or so ago - I've not been able to reproduce this on an out-of-the-box configuration; just dropping the home_server and home_server_pool stanzas into proxy.conf on a new installation doesn't cause the issue.
It seems to occur when you have a home server configured with "type = auth".
Simply changing the home_server type to auth+acct makes the config parser happy again.
Debug log follows; I'm building debug symbols at the moment to see if I can get GDB to give anything more useful.
Adam Bishop
gpg: 0x6609D460
Janet, the UK's research and education network.
--------------------------------------------------------------------------------
[root at orps2 raddb]# radiusd -X
FreeRADIUS Version 2.1.12, for host x86_64-redhat-linux-gnu, built on May 22 2013 at 10:50:32 Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf including configuration file /etc/raddb/proxy.conf including configuration file /etc/raddb/nrps/nrps.conf including configuration file /etc/raddb/nrps/nrps-client.conf including configuration file /etc/raddb/nrps/nrps-server.conf including configuration file /etc/raddb/clients.conf including files in directory /etc/raddb/modules-enabled/ including configuration file /etc/raddb/modules-enabled/expiration
including configuration file /etc/raddb/modules-enabled/sql_log
including configuration file /etc/raddb/modules-enabled/expr including configuration file /etc/raddb/modules-enabled/always including configuration file /etc/raddb/modules-enabled/mschap including configuration file /etc/raddb/modules-enabled/attr_filter
including configuration file /etc/raddb/modules-enabled/exec including configuration file /etc/raddb/modules-enabled/ntlm_auth
including configuration file /etc/raddb/modules-enabled/files including configuration file /etc/raddb/eap.conf including configuration file /etc/raddb/policy.conf including files in directory /etc/raddb/sites-enabled/ including configuration file /etc/raddb/sites-enabled/status including configuration file /etc/raddb/sites-enabled/moonshot including configuration file /etc/raddb/preproxy.conf including configuration file /etc/raddb/sites-enabled/transport
including configuration file /etc/raddb/preproxy.conf including configuration file /etc/raddb/sites-enabled/power including configuration file /etc/raddb/sites-enabled/eduroam including configuration file /etc/raddb/sites-enabled/ems including configuration file /etc/raddb/preproxy.conf including configuration file /etc/raddb/sites-enabled/inner-tunnel
including configuration file /etc/raddb/sites-enabled/control-socket
including configuration file /etc/raddb/sites-enabled/infrastructure
including configuration file /etc/raddb/sites-enabled/default including configuration file /etc/raddb/preproxy.conf main {
user = "radiusd"
group = "radiusd"
allow_core_dumps = no
}
including dictionary file /etc/raddb/dictionary main {
name = "radiusd"
prefix = "/usr"
localstatedir = "/var"
sbindir = "/usr/sbin"
logdir = "/var/log/radius"
run_dir = "/var/run/radiusd"
libdir = "/usr/lib64/freeradius"
radacctdir = "/var/log/radius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 4096
pidfile = "/var/run/radiusd/radiusd.pid"
checkrad = "/usr/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers #### proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server ms-perf0 {
ipv6addr = 2001:630:50:d009:250:56ff:fe88:c376 IPv6 address [2001:630:50:d009:250:56ff:fe88:c376]
port = 1812
type = "auth+acct"
secret = ""
response_window = 30
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
}
home_server ms-perf1 {
ipaddr = 193.63.63.244
port = 1812
type = "auth+acct"
secret = ""
response_window = 30
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
}
home_server eduroam0 {
ipv6addr = roaming0.ja.net IPv6 address [2001:630:1:128::185]
port = 1812
type = "auth"
secret = ""
response_window = 30
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
}
home_server eduroam1 {
ipv6addr = roaming1.ja.net IPv6 address [2001:630:1:12a::233]
port = 1812
type = "auth"
secret = ""
response_window = 30
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
}
home_server eduroam2 {
ipv6addr = roaming2.ja.net IPv6 address [2001:630:1:129::249]
port = 1812
type = "auth"
secret = ""
response_window = 30
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
}
home_server_pool eduroam {
type = client-port-balance
home_server = eduroam0
home_server = eduroam1
home_server = eduroam2
}
[root at orps2 raddb]#
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list