Handling of loss of mySQL connection

Wed, 21 Nov 2001 16:33:28 -0800 

Hi,
I'm testing V0.3 freeradius with BSDi4.2 and MySQL 3.23.36. I have 
authentication done by SQL, with one 'test' user also listed in the users 
file to handle situations where SQL is not running (e.g. an emergency 
backdoor!)

This works fine if radiusd is started and SQL is not running ... I get an 
error:

rlm_sql: Attempting to connect to sqluser@localhost:/radius
rlm_sql: Couldn't connect socket to MySQL server sqluser@localhost:radius
rlm_sql:  Mysql error 'Can't connect to local MySQL server through socket 
'/tmp/mysql.sock' (61)'
rlm_sql:  Failed to connect DB handle #0
as expected, and if the 'test' user attempts login, the login gets handled 
by the 'users' file entry.

However, if radiusd starts while SQL is running, and then SQL is killed, the 
'test' user  gets an 'Access-Reject' due to SQL being unavailable, rather 
than the request being handled by the 'users' file

rad_recv: Access-Request packet from host w.x.y.z:2150, id=147, length=44
        User-Name = "test"
        Password = "\327@\036d\214\000g\316O\244\t\030\202\n\016\245"
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "suffix" returns ok
rlm_sql: Reserving sql socket id: 4
radius_xlat:  'test'
sql_escape in:  'test'
sql_escape out:  'test'
sql_set_user:  escaped user --> 'test'
radius_xlat:  'SELECT id,UserName,Attribute,Value FROM radcheck WHERE 
Username = 'test' ORDER BY id'
MYSQL Error: Cannot get result
MYSQL Error: MySQL server has gone away
rlm_sql_getvpdata: database query error
rlm_sql:  SQL query error; rejecting user
rlm_sql: Released sql socket id: 4
  modcall[authorize]: module "sql" returns invalid
modcall: group authorize returns invalid
Sending Access-Reject of id 147 to w.x.y.z:2150

Is this a bug, or have I mis-configured something? My radiusd.conf looks 
like this:
<snip>
authorize {
        preprocess
        suffix
        sql
######### if SQL not running, then fallback on users file #####
        files
}
</snip>

Thanks in advance
Mark


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to