detail: suppress not working in 3.0.0?

Stefan Winter stefan.winter at restena.lu
Mon Jan 6 15:53:36 CET 2014 

Hello,

I am currently converting from v2 to 3.0.0 and want to preserve my old
behaviour of logging packets using a "detail" instance without logging
the User-Password.

The 3.0 raddb template (mods-available/detail.log) seems to look exactly
like the 2.x one; so I've created the following in

/usr/local/freeradius/config/raddb/modules/auth_log_silent

(yes, the directory is called modules, not mods-enabled, that is
intentional and configured like that; radiusd loads that directory
instead of mods-enabled. Please don't beat me up for it.)

        detail auth_log_silent {
                filename =
${radacctdir}/%Y%m%d/%{RESTENA-Service-Type}-service/auth-detail
                permissions = 0600
                suppress {
                        User-Password
                }
        }

But during startup, "permissions" and the "suppress" section get ignored
(filename is picked up though):

  # Instantiating module "auth_log_silent" from file
/usr/local/freeradius/config/raddb/modules/auth_log_silent
  detail auth_log_silent {
        filename =
"/var/log/radius/radacct/%Y%m%d/%{RESTENA-Service-Type}-service/auth-detail"
        header = "%t"
        permissions = 384
        dir_permissions = 493
        locking = no
        log_packet_header = no
  }

And the log files do contain the User-Password attribute. I'm also
staring at the "permissions" line and wonder if it ignores my 0600?

Is the example in raddb/ incorrect?

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x8A39DC66.asc
Type: application/pgp-keys
Size: 3243 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140106/d5502b20/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140106/d5502b20/attachment.pgp>

More information about the Freeradius-Users mailing list