Upgrading from FreeRadius 2 to 3. Some pointers.

jan hugo prins jhp at jhprins.org
Thu Sep 21 09:53:33 CEST 2017 


On 09/21/2017 09:41 AM, Matthew Newton wrote:
>> Invalid location for 'if'
> I'm guessing that is because of the 'if' in the LDAP module config? As Alan said, that is not allowed. But if not, please send the whole output of radiusd -X.
>
>

The thing is that the "if" is not in the module config, but in the
authorize section of the site.
I need to select a ldap module based on the realm. In 2.x I could do
this in the authorize section, in 3.x it is not possible anymore.


[root at radius03 raddb]# radiusd -X -xx -f
Thu Sep 21 09:45:33 2017 : Debug: Server was built with:
Thu Sep 21 09:45:33 2017 : Debug:   accounting               : yes
Thu Sep 21 09:45:33 2017 : Debug:   authentication           : yes
Thu Sep 21 09:45:33 2017 : Debug:   ascend-binary-attributes : yes
Thu Sep 21 09:45:33 2017 : Debug:   coa                      : yes
Thu Sep 21 09:45:33 2017 : Debug:   control-socket           : yes
Thu Sep 21 09:45:33 2017 : Debug:   detail                   : yes
Thu Sep 21 09:45:33 2017 : Debug:   dhcp                     : yes
Thu Sep 21 09:45:33 2017 : Debug:   dynamic-clients          : yes
Thu Sep 21 09:45:33 2017 : Debug:   osfc2                    : no
Thu Sep 21 09:45:33 2017 : Debug:   proxy                    : yes
Thu Sep 21 09:45:33 2017 : Debug:   regex-pcre               : yes
Thu Sep 21 09:45:33 2017 : Debug:   regex-posix              : no
Thu Sep 21 09:45:33 2017 : Debug:   regex-posix-extended     : no
Thu Sep 21 09:45:33 2017 : Debug:   session-management       : yes
Thu Sep 21 09:45:33 2017 : Debug:   stats                    : yes
Thu Sep 21 09:45:33 2017 : Debug:   tcp                      : yes
Thu Sep 21 09:45:33 2017 : Debug:   threads                  : yes
Thu Sep 21 09:45:33 2017 : Debug:   tls                      : yes
Thu Sep 21 09:45:33 2017 : Debug:   unlang                   : yes
Thu Sep 21 09:45:33 2017 : Debug:   vmps                     : yes
Thu Sep 21 09:45:33 2017 : Debug:   developer                : no
Thu Sep 21 09:45:33 2017 : Debug: Server core libs:
Thu Sep 21 09:45:33 2017 : Debug:   freeradius-server        : 3.0.15
Thu Sep 21 09:45:33 2017 : Debug:   talloc                   : 2.1.*
Thu Sep 21 09:45:33 2017 : Debug:   ssl                      : 1.0.1e
release
Thu Sep 21 09:45:33 2017 : Debug:   pcre                     : 8.32
2012-11-30
Thu Sep 21 09:45:33 2017 : Debug: Endianness:
Thu Sep 21 09:45:33 2017 : Debug:   little
Thu Sep 21 09:45:33 2017 : Debug: Compilation flags:
Thu Sep 21 09:45:33 2017 : Debug:   cppflags :
Thu Sep 21 09:45:33 2017 : Debug:   cflags   : -I. -Isrc -include
src/freeradius-devel/autoconf.h -include src/freeradius-devel/build.h
-include src/freeradius-devel/features.h -include
src/freeradius-devel/radpaths.h -fno-strict-aliasing -O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong
--param=ssp-buffer-size=4 -grecord-gcc-switches
-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -Wall
-std=c99 -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS
-DOPENSSL_NO_KRB5 -DNDEBUG -DIS_MODULE=1
Thu Sep 21 09:45:33 2017 : Debug:   ldflags  :  -Wl,-z,relro
-specs=/usr/lib/rpm/redhat/redhat-hardened-ld
Thu Sep 21 09:45:33 2017 : Debug:   libs     : -lcrypto -lssl -ltalloc
-lpcre -lnsl -lresolv -ldl -lpthread -lreadline
Thu Sep 21 09:45:33 2017 : Debug:  
Thu Sep 21 09:45:33 2017 : Info: FreeRADIUS Version 3.0.15
Thu Sep 21 09:45:33 2017 : Info: Copyright (C) 1999-2017 The FreeRADIUS
server project and contributors
Thu Sep 21 09:45:33 2017 : Info: There is NO warranty; not even for
MERCHANTABILITY or FITNESS FOR A
Thu Sep 21 09:45:33 2017 : Info: PARTICULAR PURPOSE
Thu Sep 21 09:45:33 2017 : Info: You may redistribute copies of
FreeRADIUS under the terms of the
Thu Sep 21 09:45:33 2017 : Info: GNU General Public License
Thu Sep 21 09:45:33 2017 : Info: For more information about these
matters, see the file named COPYRIGHT
Thu Sep 21 09:45:33 2017 : Info: Starting - reading configuration files ...
Thu Sep 21 09:45:33 2017 : Debug: including dictionary file
/usr/share/freeradius/dictionary
Thu Sep 21 09:45:33 2017 : Debug: including dictionary file
/usr/share/freeradius/dictionary.dhcp
Thu Sep 21 09:45:33 2017 : Debug: including dictionary file
/usr/share/freeradius/dictionary.vqp
Thu Sep 21 09:45:33 2017 : Debug: including dictionary file
/etc/raddb/dictionary
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/radiusd.conf
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/proxy.conf
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/clients.conf
Thu Sep 21 09:45:33 2017 : Debug: including files in directory
/etc/raddb/mods-enabled/
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/mods-enabled/ldap
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/mods-enabled/realm
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/mods-enabled/eap
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/mods-enabled/inner-eap
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/mods-enabled/files
Thu Sep 21 09:45:33 2017 : Debug: including files in directory
/etc/raddb/policy.d/
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/policy.d/cui
Thu Sep 21 09:45:33 2017 : Debug: OPTIMIZING
(${policy.cui_require_operator_name} == yes) --> FALSE
Thu Sep 21 09:45:33 2017 : Debug: OPTIMIZING (no == yes) --> FALSE
Thu Sep 21 09:45:33 2017 : Debug: OPTIMIZING
(${policy.cui_require_operator_name} == yes) --> FALSE
Thu Sep 21 09:45:33 2017 : Debug: OPTIMIZING (no == yes) --> FALSE
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/policy.d/accounting
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/policy.d/debug
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/policy.d/eap
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/policy.d/canonicalization
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/policy.d/operator-name
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/policy.d/dhcp
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/policy.d/filter
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/policy.d/control
Thu Sep 21 09:45:33 2017 : Debug: including files in directory
/etc/raddb/sites-enabled/
Thu Sep 21 09:45:33 2017 : Debug: including configuration file
/etc/raddb/sites-enabled/betterbe
Thu Sep 21 09:45:33 2017 : Error: /etc/raddb/sites-enabled/betterbe[13]:
Invalid location for 'if'
Thu Sep 21 09:45:33 2017 : Error: Errors reading or parsing
/etc/raddb/radiusd.conf


Jan Hugo

More information about the Freeradius-Users mailing list