Getting error only when *not* running in debug mode....

Mark J. Bobak mark at bobak.net
Fri Jun 18 20:22:27 CEST 2021 

Hi Alan,

Ok, I took your advice.  I have started over, and not touched PAM at all.
I now have:
Ubuntu 20.04.2 LTS
freeradius 3.0.23
mysql 8.0.25
daloRadius 1.1-2

And, so far, so good.  I have a user defined in MySQL, and radtest will
return an Access-Accept, so that's good, but there is no totp integration
yet.

I'm a little lost on how to configure totp, and while I'm guessing it's
well documented somewhere, my Google-fu seems to be lacking.  I can't seem
to find anything on totp module configuration.  Can someone point me in
the right direction?

Thanks,

-Mark



On Thu, Jun 17, 2021 at 10:57 AM Alan DeKok <aland at deployingradius.com>
wrote:

> On Jun 17, 2021, at 10:23 AM, Mark J. Bobak <mark at bobak.net> wrote:
> >
> > Ok, I guess I'll have to do some research on PAM.
>
>   Yup.  TBH, I've found RADIUS easier than some of the PAM stuff.
>
> > But I tried 'sudo service freeradius debug', and it started in debug
> mode,
> > and when I tried radtest, it worked.  So, I checked how freeradius is
> > running (root or freerad) and it's still running as 'freerad':
> > ubuntu at radius1:~$ ps -ef|grep freerad
> > root        8784    8497  0 14:19 pts/0    00:00:00 sudo service
> freeradius
> > debug
> > root        8785    8784  0 14:19 pts/0    00:00:00 /bin/sh
> > /etc/init.d/freeradius debug
> > freerad     8801    8785  0 14:19 pts/0    00:00:00 /usr/sbin/freeradius
> -X
> > ubuntu      8812    8627  0 14:20 pts/1    00:00:00 grep --color=auto
> > freerad
> >
> > So, I'm not sure what's going on here.  Running as root works.  Running
> as
> > freerad fails.  Running as freerad w/ debug also works.
>
>   It's OS / PAM / permissions.  This really isn't an issue for FreeRADIUS,
> it's the limitation of the system on which FreeRADIUS is running.
>
>   My $0.02 would just be to dump PAM, and use the totp module which is now
> included in 3.0.22+.  It works, and it doesn't have all of these horrible
> issues.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list