rlm_sql module do not write sql requests into log file
Laurent Bourqui
freeradius at apicus.ch
Thu Apr 21 13:47:47 CEST 2016
Hi Alan,
> You're using 3.0.4. Please use 3.0.11. This issues is fixed in recent versions of the server.
Thanks for your answer. I have downloaded version 3.0.11, compiled it and started the server. Somehow I still have the same problem. The variable is defined but the log file is not written.
Below the mods-enabled/sql configuration file:
sql {
driver = "rlm_sql_postgresql"
postgresql {
send_application_name = yes
}
dialect = "postgresql"
server = "localhost"
login = "xxxxxxx"
password = "xxxxxxxx"
radius_db = "radius"
acct_table1 = "radacct"
acct_table2 = "radacct"
postauth_table = "radpostauth"
authcheck_table = "radcheck"
groupcheck_table = "radgroupcheck"
authreply_table = "radreply"
groupreply_table = "radgroupreply"
usergroup_table = "radusergroup"
read_groups = no
read_profiles = no
delete_stale_sessions = yes
logfile = ${logdir}/sqllog.sql
pool {
start = 5
min = 2
max = ${thread[pool].max_servers}
spare = 3
uses = 0
lifetime = 0
idle_timeout = 60
}
read_clients = no
client_table = "nas"
# Read database-specific queries
$INCLUDE ${modconfdir}/${.:name}/main/${dialect}/queries.conf
}
I would have expected with this configuration that all sql requests would be logged in ${logdir}/sqllog.sql and it does not.
Running the server in debugging mode I found out that the logfile variable is completed correctly:
-------------snip------------------
Mon Apr 11 21:16:13 2016 : Debug: # Loaded module rlm_sql
Mon Apr 11 21:16:13 2016 : Debug: # Loading module "sql" from file /usr/local/etc/raddb/mods-enabled/sql
Mon Apr 11 21:16:13 2016 : Debug: sql {
Mon Apr 11 21:16:13 2016 : Debug: driver = "rlm_sql_postgresql"
Mon Apr 11 21:16:13 2016 : Debug: server = "localhost"
Mon Apr 11 21:16:13 2016 : Debug: port = 0
Mon Apr 11 21:16:13 2016 : Debug: login = "radius"
Mon Apr 11 21:16:13 2016 : Debug: password = "xxxxxxxxx"
Mon Apr 11 21:16:13 2016 : Debug: radius_db = "xxxxxxxxx"
Mon Apr 11 21:16:13 2016 : Debug: read_groups = no
Mon Apr 11 21:16:13 2016 : Debug: read_profiles = no
Mon Apr 11 21:16:13 2016 : Debug: read_clients = no
Mon Apr 11 21:16:13 2016 : Debug: delete_stale_sessions = yes
Mon Apr 11 21:16:13 2016 : Debug: sql_user_name = "%{User-Name}"
Mon Apr 11 21:16:13 2016 : Debug: logfile = "/var/log/radius/sqllog.sql"
Mon Apr 11 21:16:13 2016 : Debug: default_user_profile = ""
Mon Apr 11 21:16:13 2016 : Debug: client_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"
Mon Apr 11 21:16:13 2016 : Debug: authorize_check_query = "SELECT id, UserName, Attribute, Value, Op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id"
Mon Apr 11 21:16:13 2016 : Debug: authorize_reply_query = "SELECT id, UserName, Attribute, Value, Op FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id"
Mon Apr 11 21:16:13 2016 : Debug: authorize_group_check_query = "SELECT id, GroupName, Attribute, Value, op FROM radgroupcheck WHERE GroupName = '%{Sql-Group}' ORDER BY id"
Mon Apr 11 21:16:13 2016 : Debug: authorize_group_reply_query = "SELECT id, GroupName, Attribute, Value, op FROM radgroupreply WHERE GroupName = '%{Sql-Group}' ORDER BY id"
Mon Apr 11 21:16:13 2016 : Debug: group_membership_query = "SELECT GroupName FROM radusergroup WHERE UserName='%{SQL-User-Name}' ORDER BY priority"
Mon Apr 11 21:16:13 2016 : Debug: safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
Mon Apr 11 21:16:13 2016 : Debug: accounting {
-------------snip------------------
Freeradius Version:
[root at dev radius]# radiusd -v
radiusd: FreeRADIUS Version 3.0.11, for host x86_64-unknown-linux-gnu, built on Apr 9 2016 at 14:53:45
Copyright (C) 1999-2016 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
[root at dev radius]#
Running on CentOS:
[root at dev radius]# uname -a
Linux dev 3.10.0-327.13.1.el7.x86_64 #1 SMP Thu Mar 31 16:04:38 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root at dev radius]#
Is there something which I configured wrong ?
Any help is welcome.
Regards
Laurent
----- Original Message -----
From: "Alan DeKok" <aland at deployingradius.com>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Monday, March 28, 2016 7:10:02 PM
Subject: Re: ram_sql module do not write sql requests into log file
On Mar 27, 2016, at 6:51 PM, Laurent Bourqui <freeradius at apicus.ch> wrote:
> I'm currently trying to make the rim_sql run as I want. It's doing quite OK, but I'm having trouble to use the logfile configuration parameter in the sql configuration. As far I understood, this would log every sql requests in the file given in this argument. Basically I would like to have all requests logged in ${logdir}/sqllog.sql, mainly for debugging purpose.
>
> Unfortunatelly this is not working at all, the attribute is configured but nothing is written in the log file. I have also tried to touch the file manually in order to have it configured with the correct rights.
You're using 3.0.4. Please use 3.0.11. This issues is fixed in recent versions of the server.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list