Hello,
I get Segmentation faults with the Kerberos module. This is how it
happens:
We have two servers each with Kerberos and Ldap (Active Directory)
installed, if we restart any one of them, freeRadius will produce this
segmentation fault. It will keep segmenting until the server has
shutdown.
We have two freeRadius servers, both basicly identical, and he happens
to both. Kerberos V is configured on both servers (radius) to use DNS
SRV lookups.
We did not have the same problems with version 0.7, don't know if it was
there in 0.7.1.
!!! DEBUG INFO !!!
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm mydomain.com for User-Name =
"[EMAIL PROTECTED]"
rlm_realm: Found realm mydomain.com
rlm_realm: Adding Stripped-User-Name = "jimbo"
rlm_realm: Proxying request from user jimbo to realm mydomain.com
rlm_realm: Adding Realm = "mydomain.com"
rlm_realm: Authentication realm is LOCAL.
rlm_realm: auth_port is not set. proxy cancelled
modcall[authorize]: module "suffix" returns noop
users: Matched DEFAULT at 8
modcall[authorize]: module "files" returns ok
modcall: entering group redundant
rlm_ldap: - authorize
rlm_ldap: performing user authorization for jimbo
radius_xlat: '(uid=jimbo)'
radius_xlat: 'ou=Internet Service Provider,dc=mydomain,dc=com'
ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to ldap1.mydomain.com:389, authentication 0
rlm_ldap: bind as / to ldap1.mydomain.com:389
rlm_ldap: bind to ldap1.mydomain.com:389 failed: Can't contact LDAP
server
rlm_ldap: (re)connection attempt failed
rlm_ldap: search failed
ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap1" returns fail
rlm_ldap: - authorize
rlm_ldap: performing user authorization for johnthor
radius_xlat: '(uid=jimbo)'
radius_xlat: 'ou=Internet Service Provider,dc=mydomain,dc=com'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Internet Service
Provider,dc=mydomain,dc=com, with filter (uid=jimbo)
rlm_ldap: checking if remote access for johnthor is allowed by
radiusNPAllowDialin
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding radiusNASPortType as NAS-Port-Type, value Async & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user jimbo authorized to use remote access
ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap2" returns ok
modcall: group redundant returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Kerberos
auth: type "Kerberos"
modcall: entering group authenticate
rlm_krb5: krb5 server princ name: radius1.mydomain.com
rlm_krb5: [johnthor] krb5_mk_req() failed: Server not found in Kerberos
database
Segmentation fault
Regards
Allister P Maguire
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
