On Sun, Aug 19, 2001 at 12:04:54PM +0600, Nimal Ratnayake wrote:
>
> Hi,
>
> I am using Freeradius 0.2 on FreeBSD 4.3 (i386).
>
> I have some users defined in another file called users.slip. My users
> file looks like:
>
> $INCLUDE users.slip
> DEFAULT Auth-Type := System
> Fall-Through = Yes
> ..... (rest same as in the original file that came with the
> distribution)
>
> radiusd replies with Access-Accept for users defined in the file
> users.slip but sends Access-Reject for users defined in the system
> password file.
>
> However, when I run radiusd in the debug mode (with flags -x -y), it
> replies with Access-Accept for users defined in users.slip plus those in
> the system password file having valid shell. But it replies with
> Access-Reject for users that do not have a valid shell (I use
> /nonexistent as the shell for POP only users)
I guess you're running radiusd with non-root privs (check your radiusd
config file). When starting radiusd in debug mode, it does not drop
root privileges (if you're debugging it from root, which is, um, not good)
The non-registered shell thing is OK, it is the way users are accepted for
other services too (ftpd for example). Just create an 'exit 0' script and
add it to /etc/shells. (but don't create /nonexistent)
>
> I have tested this using radtest on the localhost as well as from a
> Cisco box.
>
> Has anyone else had a similar problem? Any help on this will be
> apprecaietd.
>
> Nimal R.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Players win and winners play
Have a lucky day
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
