Hi Federico!
Check default radiusd.conf and search for realm and suffix. It
looks like you're not calling rlm_realm in authorize.
th.
On 7/11/07, Federico Giannici [EMAIL PROTECTED] wrote:
We have a working FreeRADIUS 1.1.4 running since a lot of months.
Now we have to proxy the requests
Hi Alan!
On 7/5/07, Alan DeKok [EMAIL PROTECTED] wrote:
George Beitis wrote:
... I will use a policy engine to do that
and i want to overwrite the final decision if the user is not authorized
based on my policy.
Is postauth the right place to do this?
Yes.
But you can't turn a
On 7/6/07, George Beitis [EMAIL PROTECTED] wrote:
you actually made a very good point :) I didn't realize there was an
authorize part in the work flow of freeradius. That would be before
postauth, are there any other steps after authorize and before post auth?
For (non-proxied)
On 7/6/07, George Beitis [EMAIL PROTECTED] wrote:
for proxied ones would the last 2 remain the same?
No.
authorize
pre-proxy
post-proxy
post-auth
th.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Alan!
On 7/6/07, Alan DeKok [EMAIL PROTECTED] wrote:
Isn't authorize better place for that? Even name suggests
authorization should be done there... ;)
No. authorize is run before authentication for historical reasons.
Yes I do understand authorize is run before authenticate and I
On 6/22/07, Stefan Winter [EMAIL PROTECTED] wrote:
attempting to kill a running radsql with ^C doesn't do anything, and kill'ing
it with TERM doesn't impress it either on my system. I had to send KILL to
get rid of it. Is this intentional?
I remember hitting similar problem, when experimenting
On 6/20/07, Andrew Long [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] SPECS]# rpmbuild -bb freeradius.spec
error: Failed build dependencies:
libtool-ltdl-devel is needed by freeradius-1.1.6-0.i386
On Cent 4.4 there is no libtool-ltdl or devel package.
Edit .spec file and remove
On 6/12/07, lisa laam [EMAIL PROTECTED] wrote:
*** Warning: Linking the shared library rlm_perl.la against the
*** static library
/usr/lib/perl/5.8/auto/DynaLoader/DynaLoader.a is not
portable!
gcc -shared .libs/rlm_perl.o -Wl,--rpath
-Wl,/home/ouahiba/download/freeradius-
Hi!
I have a question regarding proxy failover in FreeRadius 1.x. Proxy
code chooses first active home server for realm and send packet to
that one. If no reply is received after configured number of retries,
request is rejected, other servers are *not* tried. Does version 2.0
have the same
HI Alan!
On 5/27/07, Alan Dekok [EMAIL PROTECTED] wrote:
That's not what the documentation says. It says that a request will
be rejected once it has timed out. If the home server is marked dead
while the request is still alive, AND the NAS retransmits, then the
request will be sent to
On 5/22/07, Ashraf Al-Basti [EMAIL PROTECTED] wrote:
Dear All,
this is what i have,
rlm_sql (sql): Could not link driver rlm_sql_oracle: rlm_sql_oracle.so:
cannot open shared object file: No such file or directory
rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the
On 4/19/07, John Butala [EMAIL PROTECTED] wrote:
We would like to use FreeRADIUS (acting as a proxy server) to set the
Primary-DNS-Server and Secondary-DNS-server attributes in the auth
response to the RADIUS client only if these attributes are not provied
by the end RADIUS server (which we
On 3/18/07, Markus Krause [EMAIL PROTECTED] wrote:
i am writing a perl script to authorize and authenticate users.
authorization works (so the script itself works and seems to be used
by freeradius as expected) but as i do not know how to define the
Auth-Type with the perl script i get the
On 3/15/07, Paul Goodman [EMAIL PROTECTED] wrote:
I am trying to compile the pam_radius-1.3.16 modules on a Solaris 10 system,
but when I run make, I get the following error:
gcc -Wall -fPIC -c pam_radius_auth.c -o pam_radius_auth.o
In file included from pam_radius_auth.h:23,
On 3/15/07, Chris Moody [EMAIL PROTECTED] wrote:
Greetings all,
I am trying to create an RPM of Freeradius 1.1.5 for a Fedora Core 6
install, and following the instructions in the Wiki, the build process
dies with this at the end:
c/include -Ilibeap -c rlm_eap.c -fPIC -DPIC -o
On Mon, Feb 19, 2007 at 02:01:53PM -0500, Kevin Bonner wrote:
On Monday 19 February 2007 13:13, Andrew Long wrote:
freeradius 1.4 on CentOS 4.4
How can I verify the number of threads? I only see one process with
ps aux | grep radiusd
I could have sworn I used to see each thread with
Hi all!
I've come across an issue with verification of {SSHA} encrypted passwords
in FreeRadius 1.1.4. Verification fails for correct passwords. I've
managed to track problem through normify() to base64_decode() function in
rlm_pap.c. This seems to be a culprit:
if (src[length] != '=')
On Sun, Feb 04, 2007 at 01:20:17PM +0100, Federico Giannici wrote:
Unfortunately it works with PAP only!
With CHAP it gives me rlm_chap: Clear text password not available...
Any suggestion?
You may try to stick with User-Password for now, it's still recognized by
rlm_pap. CVS version of
Hi all!
Default attrs file used by rlm_attr_filter contains following DEFAULT
section:
DEFAULT
Service-Type == Framed-User,
Service-Type == Login-User,
Login-Service == Telnet,
Login-Service == Rlogin,
Login-Service == TCP-Clear,
[ ... ]
Framed-Protocol == PPP,
On Wed, Jan 10, 2007 at 05:49:59PM +0100, [EMAIL PROTECTED] wrote:
i'm using freeradius 1.0.1 from Red Hat entreprise 4.
You SHOULD upgrade:
http://freeradius.org/security.html
does not Red Hat supply any security patch with the OS support ?
Yes, they do. Release 1.0.1-3.RHEL4.3
Hi Alan!
Thanks for reply.
On Wed, Jan 10, 2007 at 09:32:37AM -0500, Alan DeKok wrote:
Could you check the code in the CVS head? It was updated
significantly, to clarify some of these issues. I think it may work a
little better.
I have not tried latest CVS code yet, but I have read it.
On Thu, Jan 01, 1970 at 12:00:00AM +, Alan DeKok wrote:
Version 1.1.4 has been released, with a few notable improvements.
Is there good reason for not updating rlm_perl? Version in 1.1.4 is
1.13.4.7 2006/04/27 (same as in 1.1.3 and 1.1.2), even though CVS
contains version 1.45 2006/12/04
22 matches
Mail list logo