The problem when I run freeRadius server 4.0 in master: Failed adding new socket to network event loop: Failed inserting filters for FD 15: EFAULT: Bad address with libkqueue v2.6.1-28

Baudouin MESMIN DES VAUX baudouin.mesmin-des-vaux at wifirst.fr
Tue May 16 16:31:00 UTC 2023


Hi guys,

I try to run freeradius V4.0 for tacas+.
I clone the master and do, without issue, the ./configure, make and make
install.
I’m on Ubuntu 2304 up-to-date with libkqueue v2.6.1-28.
When I do the radius -X, I got this error :
#### Opening listener interfaces ####
Network - Failed adding new socket to network event loop: Failed inserting
filters for FD 17: EFAULT: Bad address
/usr/local/etc/raddb/sites-enabled/default[209]: Opening radius I/O
interface failed

I checked the config files, but cannot find the cause.
Could anyone help to tell me how to do, thank you very much.

Thks,
Baudouin

The complete log radiusd -X:
IInfo  : Copyright 1999-2022 The FreeRADIUS server project and contributors
Info  : There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Info  : PARTICULAR PURPOSE
Info  : You may redistribute copies of FreeRADIUS under the terms of the
Info  : GNU General Public License
Info  : For more information about these matters, see the file named
COPYRIGHT
Info  : Starting - reading configuration files ...
Debug : Including dictionary file "/usr/local/etc/raddb/dictionary"
gctx 0x55be4a150e40 report
internal refs src/lib/server/main_config.c (1)
internal refs src/lib/server/request.c (1)
internal refs src/lib/tls/base.c (1)
including configuration file /usr/local/etc/raddb/radiusd.conf
Including files in directory "/usr/local/etc/raddb/template.d/"
including configuration file /usr/local/etc/raddb/template.d/default
including configuration file /usr/local/etc/raddb/clients.conf
Including files in directory "/usr/local/etc/raddb/global.d/"
including configuration file /usr/local/etc/raddb/global.d/ldap
Including files in directory "/usr/local/etc/raddb/mods-enabled/"
including configuration file /usr/local/etc/raddb/mods-enabled/always
including configuration file /usr/local/etc/raddb/mods-enabled/attr_filter
including configuration file /usr/local/etc/raddb/mods-enabled/cache_eap
including configuration file /usr/local/etc/raddb/mods-enabled/chap
including configuration file /usr/local/etc/raddb/mods-enabled/client
including configuration file /usr/local/etc/raddb/mods-enabled/delay
including configuration file /usr/local/etc/raddb/mods-enabled/detail
including configuration file /usr/local/etc/raddb/mods-enabled/detail.log
including configuration file /usr/local/etc/raddb/mods-enabled/digest
including configuration file /usr/local/etc/raddb/mods-enabled/eap
including configuration file /usr/local/etc/raddb/mods-enabled/eap_inner
including configuration file /usr/local/etc/raddb/mods-enabled/echo
including configuration file /usr/local/etc/raddb/mods-enabled/escape
including configuration file /usr/local/etc/raddb/mods-enabled/exec
including configuration file /usr/local/etc/raddb/mods-enabled/files
including configuration file /usr/local/etc/raddb/mods-enabled/linelog
including configuration file /usr/local/etc/raddb/mods-enabled/logintime
including configuration file /usr/local/etc/raddb/mods-enabled/mschap
including configuration file /usr/local/etc/raddb/mods-enabled/ntlm_auth
including configuration file /usr/local/etc/raddb/mods-enabled/pap
including configuration file /usr/local/etc/raddb/mods-enabled/passwd
including configuration file /usr/local/etc/raddb/mods-enabled/radutmp
including configuration file /usr/local/etc/raddb/mods-enabled/soh
including configuration file /usr/local/etc/raddb/mods-enabled/sradutmp
including configuration file /usr/local/etc/raddb/mods-enabled/stats
including configuration file /usr/local/etc/raddb/mods-enabled/unix
including configuration file /usr/local/etc/raddb/mods-enabled/unpack
including configuration file /usr/local/etc/raddb/mods-enabled/utf8
Including files in directory "/usr/local/etc/raddb/policy.d/"
including configuration file /usr/local/etc/raddb/policy.d/abfab-tr
including configuration file /usr/local/etc/raddb/policy.d/accounting
including configuration file /usr/local/etc/raddb/policy.d/canonicalisation
including configuration file /usr/local/etc/raddb/policy.d/control
including configuration file /usr/local/etc/raddb/policy.d/cui
including configuration file /usr/local/etc/raddb/policy.d/debug
including configuration file /usr/local/etc/raddb/policy.d/dhcp
including configuration file /usr/local/etc/raddb/policy.d/eap
including configuration file /usr/local/etc/raddb/policy.d/filter
including configuration file /usr/local/etc/raddb/policy.d/operator-name
including configuration file /usr/local/etc/raddb/policy.d/tacacs
including configuration file /usr/local/etc/raddb/policy.d/time
including configuration file /usr/local/etc/raddb/policy.d/vendor
Including files in directory "/usr/local/etc/raddb/sites-enabled/"
including configuration file /usr/local/etc/raddb/sites-enabled/default
Loaded module process_radius
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
Parsing security rules to bootstrap UID / GID / chroot / etc.
main {
  prefix = \/usr\/local
  security {
    allow_core_dumps = no
    allow_vulnerable_openssl = no
    openssl_fips_mode = no
  }
  name = radiusd
  local_state_dir = "/usr/local/var"
  run_dir = \/usr\/local\/var\/run\/radiusd
}
Parsing main configuration
main {
  server default {
    namespace = radius
    radius {
      Access-Request {
        log {
          stripped_names = no
          auth = no
          auth_badpass = no
          auth_goodpass = no
          msg_denied = "You are already logged in - access denied"
        }
        session {
          timeout = 15
          max = 4096
        }
      }
    }
Loaded module proto_radius
    listen {
      type = Access-Request
      type = Status-Server
      transport = udp
Loaded module proto_radius_udp
      udp {
        ipv4addr = 10.0.100.11
        port = 1812
        networks {
          allow = 127/8
          allow = 46.192.0.0/15
        }
        max_packet_size = 4096
        max_attributes = 255
      }
      limit {
        cleanup_delay = 5.0
        idle_timeout = 60.0
        nak_lifetime = 30.0
        max_connections = 256
        max_clients = 256
        max_pending_packets = 256
      }
      priority {
        Access-Request = high
        Accounting-Request = low
        CoA-Request = normal
        Disconnect-Request = low
        Status-Server = now
      }
    }
    listen tcp_auth {
      type = Access-Request
      type = Status-Server
      transport = tcp
Loaded module proto_radius_tcp
      tcp {
        ipaddr = *
        port = 1812
        networks {
          allow = 127/8
          allow = 192.0.2/24
        }
        max_packet_size = 4096
        max_attributes = 255
      }
      limit {
        cleanup_delay = 5.0
        idle_timeout = 30.0
        nak_lifetime = 30.0
        max_connections = 1024
        max_clients = 256
        max_pending_packets = 256
      }
      priority {
        Access-Request = high
        Accounting-Request = low
        CoA-Request = normal
        Disconnect-Request = low
        Status-Server = now
      }
    }
    listen udp_acct {
      type = Accounting-Request
      transport = udp
      udp {
        ipaddr = *
        port = 1813
        networks {
        }
        max_packet_size = 4096
        max_attributes = 255
      }
      limit {
        cleanup_delay = 5.0
        idle_timeout = 30.0
        nak_lifetime = 30.0
        max_connections = 1024
        max_clients = 256
        max_pending_packets = 256
      }
      priority {
        Access-Request = high
        Accounting-Request = low
        CoA-Request = normal
        Disconnect-Request = low
        Status-Server = now
      }
    }
  }
  server inner-tunnel {
    namespace = radius
    radius {
      Access-Request {
        log {
          stripped_names = no
          auth = no
          auth_badpass = no
          auth_goodpass = no
          msg_denied = "You are already logged in - access denied"
        }
        session {
          timeout = 15
          max = 4096
        }
      }
    }
    listen {
      type = Access-Request
      transport = udp
      udp {
        ipaddr = 127.0.0.1
        port = 18120
        networks {
        }
        max_packet_size = 4096
        max_attributes = 255
      }
      limit {
        cleanup_delay = 5.0
        idle_timeout = 30.0
        nak_lifetime = 30.0
        max_connections = 1024
        max_clients = 256
        max_pending_packets = 256
      }
      priority {
        Access-Request = high
        Accounting-Request = low
        CoA-Request = normal
        Disconnect-Request = low
        Status-Server = now
      }
    }
  }
  security {
  }
  sbin_dir = "/usr/local/sbin"
  logdir = \/usr\/local\/var\/log\/radius
  radacctdir = \/usr\/local\/var\/log\/radius\/radacct
  reverse_lookups = no
  hostname_lookups = yes
  max_request_time = 30
  pidfile = \/usr\/local\/var\/run\/radiusd\/radiusd.pid
  debug_level = 0
  max_requests = 16384
  log {
    colourise = yes
  }
  resources {
  }
  thread pool {
    num_networks = 1
    num_workers = 0
Setting thread.workers = 2
    openssl_async_pool_init = 64
    openssl_async_pool_max = 1024
  }
  migrate {
  }
  interpret {
  }
}
Switching to configured log settings
radiusd: #### Loading Clients ####
  client localhost {
    ipaddr = 127.0.0.1
    secret = <<< secret >>>
    require_message_authenticator = no
    proto = *
    limit {
      max_connections = 16
      lifetime = 0
      idle_timeout = 30
    }
  }
  client localhost_ipv6 {
    ipv6addr = ::1
    secret = <<< secret >>>
    limit {
      max_connections = 16
      lifetime = 0
      idle_timeout = 30s
    }
  }
Debugger not attached
trigger { ... } subsection not found, triggers will be disabled
#### Instantiating libraries ####
#### Bootstrapping process modules ####
Bootstrapping process_radius "default"
Creating Auth-Type = pap
Creating Auth-Type = chap
Creating Auth-Type = mschap
Creating Auth-Type = digest
Creating Auth-Type = ldap
Creating Auth-Type = eap
Bootstrapping process_radius "inner-tunnel"
#### Bootstrapping protocol modules ####
Bootstrapping proto_radius "default.radius"
    client localhost {
      ipaddr = 192.0.2.1
      secret = <<< secret >>>
      shortname = sample
      limit {
        max_connections = 16
        lifetime = 0
        idle_timeout = 30s
      }
    }
Bootstrapping proto_radius "default.tcp_auth"
Bootstrapping proto_radius "default.udp_acct"
Bootstrapping proto_radius "inner-tunnel.radius"
#### Instantiating libraries ####
#### Bootstrapping modules ####
 modules {
Loaded module rlm_always
    always reject {
      rcode = reject
      simulcount = 0
      mpp = no
    }
    always fail {
      rcode = fail
      simulcount = 0
      mpp = no
    }
    always ok {
      rcode = ok
      simulcount = 0
      mpp = no
    }
    always handled {
      rcode = handled
      simulcount = 0
      mpp = no
    }
    always invalid {
      rcode = invalid
      simulcount = 0
      mpp = no
    }
    always disallow {
      rcode = disallow
      simulcount = 0
      mpp = no
    }
    always notfound {
      rcode = notfound
      simulcount = 0
      mpp = no
    }
    always noop {
      rcode = noop
      simulcount = 0
      mpp = no
    }
    always updated {
      rcode = updated
      simulcount = 0
      mpp = no
    }
Loaded module rlm_attr_filter
    attr_filter attr_filter.pre-proxy {
      filename =
\/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/pre-proxy
      key = "%{Realm}"
      relaxed = no
    }
    attr_filter attr_filter.post-proxy {
      filename =
\/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/post-proxy
      key = "%{Realm}"
      relaxed = no
    }
    attr_filter attr_filter.access_reject {
      filename =
\/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/access_reject
      key = "%{User-Name}"
      relaxed = no
    }
    attr_filter attr_filter.access_challenge {
      filename =
\/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/access_challenge
      key = "%{User-Name}"
      relaxed = no
    }
    attr_filter attr_filter.accounting_response {
      filename =
\/usr\/local\/etc\/raddb\/mods-config\/attr_filter\/accounting_response
      key = "%{User-Name}"
      relaxed = no
    }
Loaded module rlm_cache
    cache cache_eap {
      driver = rbtree
Loaded module rlm_cache_rbtree
      key = %{%{control.State}:-%{%{reply.State}:-%{State}}}
      ttl = 15
      max_entries = 0
      epoch = 0
      add_stats = no
    }
Loaded module rlm_chap
Loaded module rlm_client
Loaded module rlm_delay
    delay {
      delay = 1.0s
      relative = no
      force_reschedule = no
    }
    delay delay_reject {
      delay = "%{%{reply.FreeRADIUS-Response-Delay}:-1}"
      relative = yes
      force_reschedule = no
    }
Loaded module rlm_detail
    detail {
      filename =
\/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/detail-%Y-%m-%d
      header = %t
      permissions = 0600
      locking = no
      escape_filenames = no
      log_packet_header = no
    }
    detail auth_log {
      filename =
\/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/auth-detail-%Y-%m-%d
      header = %t
      permissions = 0600
      locking = no
      escape_filenames = no
      log_packet_header = no
    }
    detail reply_log {
      filename =
\/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/reply-detail-%Y-%m-%d
      header = %t
      permissions = 0600
      locking = no
      escape_filenames = no
      log_packet_header = no
    }
    detail pre_proxy_log {
      filename =
\/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/pre-proxy-detail-%Y-%m-%d
      header = %t
      permissions = 0600
      locking = no
      escape_filenames = no
      log_packet_header = no
    }
    detail post_proxy_log {
      filename =
\/usr\/local\/var\/log\/radius\/radacct\/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}\/post-proxy-detail-%Y-%m-%d
      header = %t
      permissions = 0600
      locking = no
      escape_filenames = no
      log_packet_header = no
    }
Loaded module rlm_digest
Loaded module rlm_eap
    eap {
      require_identity_realm = nai
      type = md5
Loaded module rlm_eap_md5
      type = gtc
Loaded module rlm_eap_gtc
      gtc {
        challenge = "Password: "
        auth_type = PAP
      }
      type = tls
Loaded module rlm_eap_tls
      tls {
        tls = tls-common
        require_client_cert = yes
        include_length = yes
      }
      type = ttls
Loaded module rlm_eap_ttls
      ttls {
        tls = tls-common
        virtual_server = "inner-tunnel"
        include_length = yes
        require_client_cert = no
      }
      type = mschapv2
Loaded module rlm_eap_mschapv2
      mschapv2 {
        with_ntdomain_hack = no
        auth_type = mschap
        send_error = no
      }
      type = peap
Loaded module rlm_eap_peap
      peap {
        tls = tls-common
        virtual_server = "inner-tunnel"
        soh = no
        require_client_cert = no
      }
      ignore_unknown_eap_types = no
    }
    eap inner-eap {
      require_identity_realm = nai
      default_eap_type = mschapv2
      type = md5
      type = gtc
      gtc {
        challenge = "Password: "
        auth_type = PAP
      }
      type = mschapv2
      mschapv2 {
        with_ntdomain_hack = no
        auth_type = mschap
        send_error = no
      }
      type = tls
      tls {
        tls = tls-peer
        require_client_cert = yes
        include_length = yes
      }
      ignore_unknown_eap_types = no
    }
Loaded module rlm_exec
    exec echo {
      wait = yes
      program = "/bin/echo Tmp-String-\0 := %{User-Name}"
      input_pairs = &request
      output_pairs = &reply
      shell_escape = yes
      env_inherit = no
    }
Loaded module rlm_escape
    escape {
      safe_characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ\0123456789.-_:
/äéöüàâæçèéêëîïôœùûüaÿÄÉÖÜßÀÂÆÇÈÉÊËÎÏÔŒÙÛÜŸ"
    }
    exec {
      wait = yes
      input_pairs = &request
      shell_escape = yes
      env_inherit = no
      timeout = 10
    }
Loaded module rlm_files
    files {
      filename = \/usr\/local\/etc\/raddb\/mods-config\/files\/authorize
      acctusersfile =
\/usr\/local\/etc\/raddb\/mods-config\/files\/accounting
      key = %{%{Stripped-User-Name}:-%{User-Name}}
    }
Loaded module rlm_linelog
    linelog {
      destination = file
      delimiter = "\n"
      format = "This is a log message for %{User-Name}"
      reference = "messages.%{%{reply.Packet-Type}:-default}"
      file {
        filename = \/usr\/local\/var\/log\/radius\/linelog
        permissions = 0600
        escape_filenames = no
      }
      syslog {
        severity = "info"
      }
      unix {
      }
      tcp {
        server = localhost
        port = 514
        timeout = 2.0
      }
      udp {
        server = localhost
        port = 514
        timeout = 2.0
      }
    }
    linelog log_accounting {
      destination = file
      delimiter = "\n"
      format = ""
      reference = "Accounting-Request.%{%{Acct-Status-Type}:-unknown}"
      file {
        filename = \/usr\/local\/var\/log\/radius\/linelog-accounting
        permissions = 0600
        escape_filenames = no
      }
      syslog {
        severity = "info"
      }
      unix {
      }
      tcp {
        timeout = 1000
      }
      udp {
        timeout = 1000
      }
    }
Loaded module rlm_logintime
    logintime {
      minimum_timeout = 60
    }
Loaded module rlm_mschap
    mschap {
      normalise = yes
      use_mppe = yes
      require_encryption = no
      require_strong = no
      with_ntdomain_hack = yes
      passchange {
      }
      allow_retry = yes
      winbind {
      }
    }
    exec ntlm_auth {
      wait = yes
      program = "/path/to/ntlm_auth --request-nt-key --domain=MYDOMAIN
--username=%(mschap:User-Name) --password=%{User-Password}"
      shell_escape = yes
      env_inherit = no
    }
Loaded module rlm_pap
    pap {
      normalise = yes
    }
Loaded module rlm_passwd
    passwd etc_passwd {
      filename = \/etc\/passwd
      format = "*User-Name:Crypt-Password:"
      delimiter = ":"
      ignore_nislike = no
      ignore_empty = yes
      allow_multiple_keys = no
      hash_size = 100
    }
Loaded module rlm_radutmp
    radutmp {
      filename = \/usr\/local\/var\/log\/radius\/radutmp
      username = %{User-Name}
      check_with_nas = yes
      permissions = 0600
      caller_id = no
    }
Loaded module rlm_soh
    soh {
      dhcp = yes
    }
    radutmp sradutmp {
      filename = \/usr\/local\/var\/log\/radius\/sradutmp
      username = "%{User-Name}"
      check_with_nas = yes
      permissions = 0644
      caller_id = no
    }
Loaded module rlm_stats
    stats {
    }
Loaded module rlm_unix
    unix {
    }
Loaded module rlm_unpack
Loaded module rlm_utf8
#### Bootstrapping rlm modules ####
Bootstrapping rlm_cache "cache_eap"
Bootstrapping rlm_delay "delay"
Bootstrapping rlm_delay "delay_reject"
Bootstrapping rlm_always "disallow"
Bootstrapping rlm_eap "eap"
Bootstrapping rlm_exec "echo"
Bootstrapping rlm_escape "escape"
Bootstrapping rlm_exec "exec"
Bootstrapping rlm_always "fail"
Bootstrapping rlm_always "handled"
Bootstrapping rlm_eap "inner-eap"
Bootstrapping rlm_always "invalid"
Bootstrapping rlm_linelog "linelog"
Bootstrapping rlm_linelog "log_accounting"
Bootstrapping rlm_mschap "mschap"
Bootstrapping rlm_always "noop"
Bootstrapping rlm_always "notfound"
Bootstrapping rlm_exec "ntlm_auth"
Bootstrapping rlm_always "ok"
Bootstrapping rlm_always "reject"
Bootstrapping rlm_soh "soh"
Bootstrapping rlm_unix "unix"
Creating attribute Unix-Group
Bootstrapping rlm_unpack "unpack"
Bootstrapping rlm_always "updated"
 } # modules
#### Instantiating listeners ####
Compiling policies in server default { ... }
Instantiating proto_radius "default.radius"
Instantiating proto_radius "default.tcp_auth"
Instantiating proto_radius "default.udp_acct"
Instantiating process_radius "default"
Compiling policies in - recv Access-Request {...}
/usr/local/etc/raddb/sites-enabled/default[793]: Ignoring "-sql" as the
"sql" module is not enabled.
/usr/local/etc/raddb/sites-enabled/default[809]: Ignoring "-ldap" as the
"ldap" module is not enabled.
Compiling policies in - send Access-Accept {...}
/usr/local/etc/raddb/sites-enabled/default[1115]: Ignoring "-sql" as the
"sql" module is not enabled.
Compiling policies in - send Access-Challenge {...}
Compiling policies in - send Access-Reject {...}
/usr/local/etc/raddb/sites-enabled/default[1228]: Ignoring "-sql" as the
"sql" module is not enabled.
Compiling policies in - recv Accounting-Request {...}
Compiling policies in - send Accounting-Response {...}
/usr/local/etc/raddb/sites-enabled/default[1443]: Ignoring "-sql" as the
"sql" module is not enabled.
Compiling policies in - recv Status-Server {...}
Compiling policies in - authenticate pap {...}
Compiling policies in - authenticate chap {...}
Compiling policies in - authenticate mschap {...}
Compiling policies in - authenticate digest {...}
Compiling policies in - authenticate ldap {...}
/usr/local/etc/raddb/sites-enabled/default[978]: Ignoring "-ldap" as the
"ldap" module is not enabled.
Compiling policies in - authenticate eap {...}
Compiling policies in - accounting Start {...}
Compiling policies in - accounting Stop {...}
Compiling policies in - accounting Alive {...}
Compiling policies in - accounting Accounting-On {...}
Compiling policies in - accounting Accounting-Off {...}
Compiling policies in - accounting Failed {...}
/usr/local/etc/raddb/sites-enabled/default[80]: radius  { ... } section is
unused
Compiling policies in server inner-tunnel { ... }
Instantiating proto_radius "inner-tunnel.radius"
Instantiating process_radius "inner-tunnel"
Compiling policies in - recv Access-Request {...}
/usr/local/etc/raddb/sites-enabled/inner-tunnel[124]: Ignoring "-sql" as
the "sql" module is not enabled.
/usr/local/etc/raddb/sites-enabled/inner-tunnel[134]: Ignoring "-ldap" as
the "ldap" module is not enabled.
Compiling policies in - send Access-Accept {...}
/usr/local/etc/raddb/sites-enabled/inner-tunnel[267]: Ignoring "-sql" as
the "sql" module is not enabled.
Compiling policies in - send Access-Reject {...}
/usr/local/etc/raddb/sites-enabled/inner-tunnel[302]: Ignoring "-sql" as
the "sql" module is not enabled.
Compiling policies in - authenticate pap {...}
Compiling policies in - authenticate chap {...}
Compiling policies in - authenticate mschap {...}
Compiling policies in - authenticate eap {...}
src/lib/server/virtual_servers.c[311]: radius  { ... } section is unused
#### Instantiating rlm modules ####
Instantiating rlm_attr_filter "attr_filter.access_challenge"
Reading file /usr/local/etc/raddb/mods-config/attr_filter/access_challenge
Instantiating rlm_attr_filter "attr_filter.access_reject"
Reading file /usr/local/etc/raddb/mods-config/attr_filter/access_reject
Instantiating rlm_attr_filter "attr_filter.accounting_response"
Reading file
/usr/local/etc/raddb/mods-config/attr_filter/accounting_response
Instantiating rlm_attr_filter "attr_filter.post-proxy"
Reading file /usr/local/etc/raddb/mods-config/attr_filter/post-proxy
Instantiating rlm_attr_filter "attr_filter.pre-proxy"
Reading file /usr/local/etc/raddb/mods-config/attr_filter/pre-proxy
Instantiating rlm_detail "auth_log"
auth_log - 'User-Password' suppressed, will not appear in detail output
Instantiating rlm_cache "cache_eap"
Instantiating rlm_chap "chap"
Instantiating rlm_detail "detail"
Instantiating rlm_digest "digest"
Instantiating rlm_always "disallow"
Instantiating rlm_eap "eap"
Instantiating rlm_exec "echo"
Instantiating rlm_passwd "etc_passwd"
Instantiating rlm_exec "exec"
Instantiating rlm_always "fail"
Instantiating rlm_files "files"
Reading file /usr/local/etc/raddb/mods-config/files/authorize
Reading file /usr/local/etc/raddb/mods-config/files/accounting
Instantiating rlm_always "handled"
Instantiating rlm_eap "inner-eap"
inner-eap - Failed to find 'authenticate inner-eap {...}' section.  EAP
authentication will likely not work
Instantiating rlm_always "invalid"
Instantiating rlm_linelog "linelog"
Instantiating rlm_linelog "log_accounting"
Instantiating rlm_logintime "logintime"
Instantiating rlm_mschap "mschap"
mschap - Using internal authentication
Instantiating rlm_always "noop"
Instantiating rlm_always "notfound"
Instantiating rlm_exec "ntlm_auth"
Instantiating rlm_always "ok"
Instantiating rlm_pap "pap"
Instantiating rlm_detail "post_proxy_log"
Instantiating rlm_detail "pre_proxy_log"
Instantiating rlm_always "reject"
Instantiating rlm_detail "reply_log"
Instantiating rlm_stats "stats"
Instantiating rlm_always "updated"
Instantiating _cache_rbtree "cache_eap.rbtree"
Instantiating _eap_mschapv2 "eap.mschapv2"
Instantiating _eap_peap "eap.peap"
      tls-config tls-common {
        chain rsa {
          format = pem
          certificate_file =
\/usr\/local\/etc\/raddb\/certs\/rsa\/server.pem
          private_key_password = <<< secret >>>
          private_key_file =
\/usr\/local\/etc\/raddb\/certs\/rsa\/server.key
          ca_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/ca.pem
          verify_mode = hard
          include_root_ca = no
        }
        verify_depth = 0
        ca_path = \/usr\/local\/etc\/raddb\/certs
        ca_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/ca.pem
        dh_file = \/usr\/local\/etc\/raddb\/certs\/dh
        fragment_size = 1024
        cipher_list = "DEFAULT"
        cipher_server_preference = yes
        allow_renegotiation = no
        ecdh_curve = prime256v1
        tls_min_version = 1.2
        session {
          mode = auto
          name = "%{EAP-Type}%{Virtual-Server}"
          lifetime = 1d
          require_extended_master_secret = yes
          require_perfect_forward_secrecy = no
        }
        verify {
          mode = all
          attribute_mode = client-and-issuer
          check_crl = no
        }
      }
tls - A virtual_server must be provided for stateful caching. cache.mode =
"auto" rewritten to cache.mode = "stateless"
Instantiating _eap_tls "eap.tls"
tls - Using cached TLS configuration from previous invocation
Instantiating _eap_ttls "eap.ttls"
tls - Using cached TLS configuration from previous invocation
Instantiating _eap_mschapv2 "inner-eap.mschapv2"
Instantiating _eap_tls "inner-eap.tls"
      tls-config tls-peer {
        chain {
          format = pem
          certificate_file =
\/usr\/local\/etc\/raddb\/certs\/rsa\/server.pem
          private_key_password = <<< secret >>>
          private_key_file =
\/usr\/local\/etc\/raddb\/certs\/rsa\/server.key
          ca_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/ca.pem
          verify_mode = hard
          include_root_ca = no
        }
        verify_depth = 0
        ca_path = \/usr\/local\/etc\/raddb\/certs
        ca_file = \/usr\/local\/etc\/raddb\/certs\/rsa\/ca.pem
        dh_file = \/usr\/local\/etc\/raddb\/certs\/dh
        fragment_size = 16384
        cipher_server_preference = yes
        allow_renegotiation = no
        ecdh_curve = "prime256v1"
        tls_min_version = 1.2
        session {
          mode = auto
          name = "%{EAP-Type}%{Virtual-Server}"
          lifetime = 1d
          require_extended_master_secret = yes
          require_perfect_forward_secrecy = no
        }
        verify {
          mode = all
          attribute_mode = client-and-issuer
          check_crl = no
        }
      }
tls - A virtual_server must be provided for stateful caching. cache.mode =
"auto" rewritten to cache.mode = "stateless"
Scheduler created in single-threaded mode
#### Opening listener interfaces ####
Network - Failed adding new socket to network event loop: Failed inserting
filters for FD 17: EFAULT: Bad address
/usr/local/etc/raddb/sites-enabled/default[209]: Opening radius I/O
interface failed

-- 
*Ce message et toutes les pièces jointes (ci-après le "message") sont 
établis à l’intention exclusive des destinataires désignés. Il contient des 
informations confidentielles et pouvant être protégé par le secret 
professionnel. Si vous recevez ce message par erreur, merci d'en avertir 
immédiatement l'expéditeur et de détruire le message. Toute utilisation de 
ce message non conforme à sa destination, toute diffusion ou toute 
publication, totale ou partielle, est interdite, sauf autorisation expresse 
de l'émetteur*


More information about the Freeradius-Users mailing list