Fajar A. Nugraha list at fajar.net
Mon Mar 10 10:55:03 CET 2014


On Mon, Mar 10, 2014 at 4:41 PM, <krylov at ukr.net> wrote:
>
> Good day.
>
> I'd like to install on FreeBSD 9.2
> FreeRadius2 with MySQL
>
> # radiusd -X
> ...
> rad_recv: Access-Request packet from host 1.2.3.4 port 15191, id=95, length=46
>         User-Name = "krylov"
>         User-Password = "password"
> # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
> +group authorize {
> rlm_sql (sql): Reserving sql socket id: 4
> [sql]   expand:  ->
> [sql] Error generating query; rejecting user
> rlm_sql (sql): Released sql socket id: 4
> ++[sql] = fail
> +} # group authorize = fail
> Using Post-Auth-Type REJECT
>   WARNING: Unknown value specified for Post-Auth-Type.  Cannot perform requested action.
> Delaying reject of request 0 for 1 seconds
> Going to the next request
> Waking up in 0.9 seconds.
> Sending delayed reject for request 0
> Sending Access-Reject of id 95 to 1.2.3.4 port 15191
> Waking up in 4.9 seconds.
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Radius can't create sql-query
> Please, help me. May be anybody nows where is examples or howto...
>

How did you install the package? Did you remove the default queries or
include files?

The defaults is usually good-enough for normal/light usage. Group
authorize queries would be (from
https://github.com/FreeRADIUS/freeradius-server/blob/v2.x.x/raddb/sql/mysql/dialup.conf
):

group_membership_query = "SELECT groupname \
          FROM ${usergroup_table} \
          WHERE username = '%{SQL-User-Name}' \
          ORDER BY priority"
authorize_group_check_query = "SELECT id, groupname, attribute, \
          Value, op \
          FROM ${groupcheck_table} \
          WHERE groupname = '%{Sql-Group}' \
          ORDER BY id"
authorize_group_reply_query = "SELECT id, groupname, attribute, \
          value, op \
          FROM ${groupreply_table} \
          WHERE groupname = '%{Sql-Group}' \
          ORDER BY id"

those queries should be printed out on the debug log. Did you delete
those lines from dialup.conf? Did you remove the lines from sql.conf
that include dialup.conf?

-- 
Fajar


More information about the Freeradius-Users mailing list