radiusd halts when LDAP bind fails.
D.J.Hartburn at kent.ac.uk
Tue Oct 4 12:16:32 CEST 2016
Alan give me this same advice when I had problems with Redhat, LDAP and
v3.0.4 back in May.
I decided as we pay for support to go the correct route and ask RH to
upgrade their package to 3.0.11 and put our deployment project on hold.
It has been a busy summer so we probably would not have progressed too
Updating to 3.0.11 looks a long way off, perhaps more than a year away.
If they do go with that version it is not likely to be the latest by the
time they deploy. Although they have recently provided me with a test
patched version of v3.0.4 which has fixed my particular issue it has
been a long process and who knows what other bugs are lurking in there?
Meanwhile I tried compiling my own version of 3.0.11, building it as a
RPM package so it would nicely slot in, in the same way as the official
release. It was very quick and simple to do.
The following two link proved very useful during this process
Download SPEC file and latest source from:
http://koji.fedoraproject.org/koji/packageinfo?packageID=298 You need
the src.rpm package
No hint of any errors, it all seems to work brilliantly.
While it is our policy to use RHEL supplied packages where ever
possible, I can not think of any good reason not to continue compiling
my own. When you can compile and deploy in 10 minutes and receive help
here or log a case with RHEL and wait months, it is an easy decision.
On 27/09/16 22:29, Alan DeKok wrote:
>> On Sep 27, 2016, at 5:23 PM, Scott McLane Gardner <sgardne at uark.edu> wrote:
>> Thank you. I found a workaround that works for me. Since we're using systemd, I told the service "Restart=always". This works for me for now. I will definitely look into upgrading, but we like to stay on whatever version the RHEL repo's provide.
> I wish people would complain to RedHat when their 3 year-old version of the server fails. As it stands now, you're paying RedHat for support, and are getting no support. You then ask *us* for support, and we help you, without getting paid.
> This should be a lesson that RH is bad, and you should upgrade to a version of the server that *we* support. Because we support you. RedHat doesn't.
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users