Enabling debug level on server

Dan M dan.red.beard at gmail.com
Fri Dec 4 19:15:11 CET 2020

I need to get debug output without being able to start the server with -X.
After reviewing your reply to: Requests being rejected with "Invalid user" and reviewing the related docs 
I see two options: radmin OR possibly in authorize section
Both require config changes and both have challenges in our locked down environment.  

For using radmin
- update control-socket file with socket file name, uid, gid, mode = rw
- enable control-socket by creating the symlink
- restart

Invoke radmin issue useful commands: (possibly using the -f socket_file and -I input_file)
show debug level
show module list
debug file [filename full path]  
# If I don't set the filename will debug go to the current log file?
# e.g.  from:  log { destination = files  file = ${logdir}/radius.log ...
# Can I just use the same logfile filename and base logging and debug will go to same file?
# Can the debug file name be set permanently in the config somewhere?  
set debug level 1 
# (What is a good/recommended level?)
- watch for failures and go read the debug data

Alternately, in Vers 3.17 can I just add the below to my authorize section?:
update control {
       Tmp-String-0 = "%{debug:1}"
Does it REQUIRE a conditional?  If so would: "if ( "A" ==  "A") { ... }" suffice?

Thanks in advance
Dan Mullen

Scanned by McAfee and confirmed virus-free.	
Find out more here: https://bit.ly/2zCJMrO

More information about the Freeradius-Users mailing list