Shell script execution
mdii
mdii.alias at gmail.com
Thu Apr 16 13:17:17 CEST 2015
Hi, thanks again for the help.
As you said I ran the *radiusd -X *command using the radiusd user, but both
the script and the freeradius call worked.
I also did the following analysis:
[root at ALPRRH sites-available]# *radiusd*
>
[root at ALPRRH sites-available]# ps -elf | grep radiusd
> 5 S radiusd 2891 1 0 80 0 - 71422 poll_s 08:13 ? 00:00:00
> radiusd
> 0 S root 2926 2392 0 80 0 - 25812 pipe_w 08:15 pts/3 00:00:00
> grep radiusd
>
[root at ALPRRH sites-available]# service radiusd stop
> Stopping radiusd: [ OK ]
> [root at ALPRRH sites-available]# *service radiusd start*
> Starting radiusd: [ OK ]
>
[root at ALPRRH sites-available]# ps -elf | grep radiusd
>
5 S radiusd 2952 1 0 80 0 - 38653 poll_s 08:15 ? 00:00:00
> /usr/sbin/radiusd -d /etc/raddb
>
0 S root 2960 2392 0 80 0 - 25812 pipe_w 08:15 pts/3 00:00:00
> grep radiusd
>
[root at ALPRRH sites-available]# service radiusd stop
> Stopping radiusd: [ OK ]
>
[root at ALPRRH sites-available]# */usr/sbin/radiusd*
>
[root at ALPRRH sites-available]# ps -edf | grep radiusd
> radiusd 3230 1 0 08:54 ? 00:00:00 /usr/sbin/radiusd
> root 3237 2392 0 08:54 pts/3 00:00:00 grep radiusd
>
[root at ALPRRH sites-available]# service radiusd stop
> Stopping radiusd: [ OK ]
> [root at ALPRRH sites-available]# *service radiusd start*
> Starting radiusd: [ OK ]
>
[root at ALPRRH sites-available]# ps -elf | grep radiusd
> 5 S radiusd 2952 1 0 80 0 - 38653 poll_s 08:15 ? 00:00:00
> /usr/sbin/radiusd
> 0 S root 2960 2392 0 80 0 - 25812 pipe_w 08:15 pts/3 00:00:00
> grep radiusd
>
On both "service radiusd start", the script call didn't worked.
On both "radiusd" and "/usr/sbin/radiusd" the script call worked
It looks that in both case is the same user (radiusd) that runs the shell
script, but it only works when manually starting Freeradius. Maybe it's a
timing issue?
Is there a way to see any logs when running *service radiusd start *?
My /var/log/raddb/radius.log don't show any detailed information (neither
/var/log/radius/radacct/<client IP>/auth-detail-20150415)...
2015-04-16 12:37 GMT+02:00 Stefan Paetow <Stefan.Paetow at jisc.ac.uk>:
> > as you told but in the* radiusd -X* log I've got WARNING: Unknown module
> > "echo" in string expansion "%"
>
> Ok... that's odd because the echo module is enabled by default in v2.1.12.
> Check in /etc/raddb/modules for a module called 'echo'.
>
> > And it works well. Then I've tried a second time, but without the*
> radiusd
> > -X* command (using *service radiusd start*), and it didn't work.
>
> Then it's a permission issue. Do this:
>
> As root execute: su - --shell=/bin/bash radiusd
>
> It should drop you into user radiusd.
>
> Then as radiusd execute: /usr/sbin/ldap_get_group_info.sh
>
> See whether it works.
>
> Then as radiusd, execute: radiusd -X
>
> Try your request again. You *should* see a message if FR couldn't execute
> the script, complete with error message.
>
> With Regards
>
> Stefan Paetow
> Moonshot Industry & Research Liaison Coordinator
>
> t: +44 (0)1235 822 125
> gpg: 0x3FCE5142
> xmpp: stefanp at jabber.dev.ja.net
> skype: stefan.paetow.janet
> Lumen House, Library Avenue, Harwell Oxford, Didcot, OX11 0SG
>
> jisc.ac.uk
>
> Jisc is a registered charity (number 1149740) and a company limited by
> guarantee which is registered in England under Company No. 5747339, VAT No.
> GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill,
> Bristol, BS2 0JA. T 0203 697 5800.
> Jisc Collections and Janet Ltd. is a wholly owned Jisc subsidiary and a
> company limited by guarantee which is registered in England under Company
> No. number 2881024, VAT No. GB 197 0632 86. The registered office is: Lumen
> House, Library Avenue, Harwell, Didcot, Oxfordshire, OX11 0SG. T 01235
> 822200.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list