Hello All,
I took Andrew's advice on the 'cache = yes' parameter, but no joy. I
have included the radiusd -X debug output for your perusal.
Cheers,
Tom
Begin Debug Output
--------------------------------------------------
ahost# /usr/local/sbin/radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/var"
main: logdir = "/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/var/log/radius/radacct"
main: hostname_lookups = no
read_config_files: reading dictionary
read_config_files: reading clients
read_config_files: reading realms
read_config_files: reading naslist
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_auth = yes
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/var/log/radius/radiusd.pid"
main: user = "root"
main: group = "wheel"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = no
proxy: dead_time = 120
main: debug_level = 0
read_config_files: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded System
unix: cache = yes
unix: passwd = "/etc/passwd"
unix: shadow = "/etc/master.passwd"
unix: group = "/etc/group"
unix: radwtmp = "/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
HASH: Reinitializing hash structures and lists for caching...
HASH: Stored 23 entries from /etc/passwd
HASH: Stored 30 entries from /etc/group
Module: Instantiated unix (unix)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded detail
detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail"
detail: detailperm = 384
detail: dirperm = 493
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host *removed*, id=72, length=64
User-Name = "jdoe"
Password = "*removed*"
Service-Type = 0
NAS-IP-Address = *removed*
NAS-Port = 1
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "suffix" returns ok
users: Matched DEFAULT at 145
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type System
auth: type "System"
modcall: entering group authenticate
HASH: user jdoe found in hashtable bucket 93595
modcall[authenticate]: module "unix" returns reject
modcall: group authenticate returns reject
auth: Failed to validate the user.
Login incorrect: [jdoe] (from nas UNKNOWN-NAS port 1)
Sending Access-Reject of id 72 to *removed*
Finished request 0
Going to the next request
Andrew Tait wrote:
>Change it to cache = yes.
>
>There is a bug in the non-caching code.
>
>Andrew Tait
>System Administrator
>Country NetLink Pty, Ltd
>E-Mail: [EMAIL PROTECTED]
>WWW: http://www.cnl.com.au
>30 Bank St Cobram, VIC 3644, Australia
>Ph: +61 (03) 58 711 000
>Fax: +61 (03) 58 711 874
>
>"It's the smell! If there is such a thing." Agent Smith - The Matrix
>
>----- Original Message -----
>From: "Thomas Keitel" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Wednesday, March 13, 2002 12:23 PM
>Subject: Re: /etc/passwd / System auth not working
>
>
>>Hello Again,
>>
>>Everything in the config is stock except for:
>>
>> #
>> # Cache /etc/passwd, /etc/shadow, and /etc/group
>> #
>> # The default is to NOT cache them. However, caching
>>them can
>> # speed up system authentications by a substantial
>>
>amount.
>
>> #
>> # allowed values: {no, yes}
>> cache = no
>> # Reload the cache every 600 seconds (10mins). 0 to
>>
>disable.
>
>> cache_reload = 600
>>
>> #
>> # Define the locations of the normal passwd, shadow, and
>> # group files.
>> #
>> # 'shadow' is commented out by default, because not all
>> # systems have shadow passwords.
>> #
>> passwd = /etc/passwd
>> shadow = /etc/master.passwd
>> group = /etc/group
>>
>>
>> #
>> # Where the 'wtmp' file is located.
>> # This will be moved to it's own module soon..
>> #
>> radwtmp = ${logdir}/radwtmp
>> }
>>
>>Switched to running radius as root, but is there a way to use system
>>auth w/o this? Perhaps running as username radius?
>>
>>Thanks,
>>
>>Tom
>>
>>
>>
>>
>>Roy Hooper wrote:
>>
>>>Are you running the server as root?
>>>Are you running without passwd and shadow set in the unix configuration
>>>block?
>>>
>>>Why don't you post your config file, and then I'll peruse the code to see
>>>what might be getting in the way if it is not a config error.
>>>
>>>--
>>>Roy Hooper
>>>Project Manager & Senior UNIX Consultant
>>>Decisive Technologies Inc.
>>>
>>>
>>>----- Original Message -----
>>>From: "Thomas Keitel" <[EMAIL PROTECTED]>
>>>To: <[EMAIL PROTECTED]>
>>>Sent: Tuesday, March 12, 2002 6:14 PM
>>>Subject: /etc/passwd / System auth not working
>>>
>>>
>>>Hello All,
>>>
>>>New to the list. I have the faq and googled this to tears but, I have
>>>having a hard time getting freeradius .4 to correctly auth users against
>>>the FreeBSD 4.5 passwd file. The password is correct and I am at a loss.
>>>
>>>Thanks,
>>>
>>>Tom
>>>
>>>radius.log:
>>>
>>>Message: Auth: rlm_unix : [jdoe]: invalid password
>>>Message: Auth: Login incorrect: [jdoe/jdspw] (from nas UNKOWN-NAS port
>>>
>1)
>
>>>
>>>radiusd debug:
>>>
>>>modcall: entering group authorize
>>> modcall[authorize]: module "preprocess" returns ok
>>> modcall[authorize]: module "suffix" returns ok
>>> users: Matched DEFAULT at 145
>>> modcall[authorize]: module "files" returns ok
>>>modcall: group authorize returns ok
>>> rad_check_password: Found Auth-Type System
>>>auth: type "System"
>>>modcall: entering group authenticate
>>>rlm_unix: [jdoe]: invalid password
>>> modcall[authenticate]: module "unix" returns reject
>>>modcall: group authenticate returns reject
>>>auth: Failed to validate the user.
>>>
>>>
>>>
>>>
>>>
>>>-
>>>List info/subscribe/unsubscribe? See
>>>http://www.freeradius.org/list/users.html
>>>
>>>
>>>
>>>
>>>-
>>>List info/subscribe/unsubscribe? See
>>>
>http://www.freeradius.org/list/users.html
>
>>>
>>
>>
>>-
>>List info/subscribe/unsubscribe? See
>>
>http://www.freeradius.org/list/users.html
>
>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
