FreeRad crashing (RHEL 9.4, jut patched
Gary Studwell
studwell at ucar.edu
Fri Aug 16 12:48:15 UTC 2024
Hi Jim,
Yes, and thanks for reporting this. I saw this on AlmaLinux 9.4
with freeradius-ldap-3.0.21-40.el9_4.x86_64. I haven't gotten as far as you
with the debugging yet, had to downgrade. The instances that were not
crashing are not serving as a proxies. The instances that were crashing did
so after a minute to two minutes and do have "status_check = status-server"
in proxy.conf. I have two outlier instances that are proxying but not using
status_check (for reasons).
Thanks
Gary Studwell
UCAR/NCAR
On Fri, Aug 16, 2024 at 4:09 AM James Potter via Freeradius-Users <
freeradius-users at lists.freeradius.org> wrote:
> Hi team,
>
> Is anyone else experiencing FreeRad core dumping on RHEL 9.4 with the
> latest patch?
>
> Tum history info 59 gives:
> Packages Altered:
> Upgrade freeradius-3.0.21-40.el9_4.x86_64
> @rhel-9-for-x86_64-appstream-rpms
> Upgraded freeradius-3.0.21-39.el9_3.x86_64 @@System
> Upgrade freeradius-ldap-3.0.21-40.el9_4.x86_64
> @rhel-9-for-x86_64-appstream-rpms
> Upgraded freeradius-ldap-3.0.21-39.el9_3.x86_64 @@System
>
> This appears to be related to status_check = status-server set in proxies
> (commenting it out seems to cause less/no crashes).
> With these lines commented out it runs fine, with these present service
> dies after ~5+ mins of running (running radiusd -X waiting for it to die
> again, its taking its time...)
>
> Change from v39 -> v40 appears to be related to BlastRADIUS vulnerability.
> Is there any issue with the fix for Blast + status_server checks?
>
> Thanks,
>
> Jim Potter
> Jisc
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list