Check LDAP password with SHA512
Alan DeKok
aland at deployingradius.com
Thu Jan 28 15:29:59 CET 2016
On Jan 28, 2016, at 3:49 AM, Will W. <will at damagesinc.net> wrote:
>
> OK this is getting fun, two systems up, the first one I get working wins.
>
> - original system: SEL 12.1 Freeradius install via repo binaries 3.0.4
> I'm familiar with 2.x but 3.x has a few differences.
> I am guessing that this needs to be changed in
> /etc/raddb/sites-enabled/default
You cannot just use a v2 configuration in a v3 server. This is documented. See the v3 file raddb/README.rst. Or look at the wiki for upgrading documentation.
Despite perennial complaints, most of the server *is* documented. PLEASE read the documentation before making major changes.
> -second system after getting the email about Freeradius 3.1.0 with patch
> for crypt. Ubuntu x86_64 14.04 cloned from github about three hours ago.
> Freeradius 3.1.0
> Still trying to figure out what is wrong with my /dev/urandom file set in
> /etc/freeradius/mods-enabled/ldap
>
> Seems like on both RHEL 7.x and Ubuntu 14.04 when I compile from source and
> run either freeradius -X the first thing that it complained about was:
> random_file = /dev/urandom is world writable.
What is the EXACT ERROR? This is important.
Saying "stuff went wrong" doesn't work well with computers. Computers are literal , and exact.
> Quick chmod 644 and then I
> get an unknown error trying to set the random_file.
It should be Unix administration 101. *Don't* mangle the permissions on files in /dev/.
> Is there a fix for this?
Post the debug output where it gives the error.
No one else sees that problem. The code checks for world-writable files *only* for the server configuration files. e.g. radiusd.conf, proxy.conf, etc. I don't see any code path where your error is possible.
So... what did you do? What did you change? Why did you change it?
Alan DeKok.
More information about the Freeradius-Users
mailing list