It seems that you do not have the sql support compiled in your radius.
I assume you are using Linux.
1. Check your installed postgresql packages with the following command:
'rpm -qa | grep postgresql'
I got three 'postgresql' packages in my system.
[EMAIL PROTECTED] main]# rpm -qa | grep postgresql
postgresql-libs-7.2.2-1
postgresql-server-7.2.2-1
postgresql-7.2.2-1
If you check the contents of these packages, you will see that none of
these contain header files necessary
for radius compilation, e.g.
[EMAIL PROTECTED] main]#rpm -q -l postgresql-7.2.2-1 | less
You need to install the postgresql developer packages,
postgresql-devel-7.2.2.-1 (?) first.
I use MySQL so the package I use is different from yours.
2. Rerun 'configure' and 'make' on the subdirectory
src/modules/rlm_sql/drivers/rlm_sql_postgresql.
You should see some files generated in it, e.g. sql_postgresql.o,
sql_postgresql.lo, rlm_sql_postgresql.a,
rlm_sql_postgresql.la, etc.
In the subdirectory src/modules/rlm_sql/drivers/rlm_sql_postgresql/.lib,
you should also get several
rlm_sql_postgresql.so* files.
3. If step 2 is not successful, you need to capture the output of the build
process and do your own analysis.
Otherwise, you can go to the root level of FreeRADIUS source code and do
a clean build:
rm config.caches config.log config.status
./configure; make; make install
4. In /usr/local/etc/raddb/radiusd.conf, you need to change the line
$INCLUDE ${confdir}/sql.conf
to
$INCLUDE ${confdir}/postgresql.conf
Read that file for the DB schema location.
5. Run scripts/create-users.pl to create some dummy users, stored in
radius.users in that same directory, then
modify scripts/users2mysql.pl to use postgresql DB connection to insert
the users to DB.
6. Run '/usr/local/sbin/radiusd -X | tee rad.out' to capture the output in
rad.out
Note that I am also a newbie in both RADIUS and FreeRADIUS. The above steps
are from my own knowledge, do
it at your own discretion :)
A good place to look for information is
http://www.frontios.com/freeradius.html
So far I have not gotten to the point where I can also use the information,
i.e. 'User-Password' attribute
stored in 'radcheck' table to do 'authenticaion' yet. I am looking at the
source code to see where to
do/hack it.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Sarven
Sent: Tuesday, July 01, 2003 5:30 PM
To: [EMAIL PROTECTED]
Subject: RE:authenticating user via postgres config
thanks alex
I have tried what you suggested but without much success. When I actually
add the sql entry in the
authenticate section and start radiusd in debug mode --> I get an error
stating
root:/usr/local/etc/raddb# radiusd -x
Starting - reading configuration files ...
Module: Loaded System
Module: Instantiated unix (unix)
Module: Loaded preprocess
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
Module: Instantiated realm (suffix)
ERROR: Cannot find a configuration entry for module "sql".
hence my question : do I need to add further instruction in the module
section on radiusd.conf
to make this work.
Thank you for your response
cheers
raven
-----Original Message-----
>From what I can read in the document, there is NO authentication method for
the
DB. They can only be used for authorization, i.e. verify that the user is
recognized (exists) by the DB.
I have a different scenario though, if I put the user name and password in
etc/raddb/users,
I can authenticate the user. If I add the user in the DB, and put the 'sql'
before 'files'
in the authorize section in radiusd.conf, the authorization part succeeds
but the authentication
part failed.
e.g. when the radius.conf is configured like this
authorize {
...
files
sql
...
}
authenticate {
authtype PAP {
pap
}
authtype CHAP {
chap
}
authtype MS-CHAP {
mschap
}
unix
}
and I have the following user in etc/raddb/users
"ulxp" Auth-Type := Local, User-Password == "xbr"
Service-Type = Outbound-User,
Reply-Message = "Hello, %u"
The authentication works fine.
[EMAIL PROTECTED] root]# radtest ulxp xbr 192.168.1.101 1 secret
Sending Access-Request of id 122 to 192.168.1.101:1812
User-Name = "ulxp"
User-Password = "\260\031y\325\033F\271v8\257{\323\022\332\235@"
NAS-IP-Address = longhorn
NAS-Port = 1
rad_recv: Access-Accept packet from host 192.168.1.101:1812, id=122,
length=39
Service-Type = Outbound-User
Reply-Message = "Hello, ulxp"
The radius server trace indicates that the authentication is done at the
same
time authorization is done, i.e. it reads the 'users' for authorization and
finds that the user password matches
the one from the request, it does the authentication, too.
But if I switch files and sql in authorize section, then the authorization
is done in sql. The user is found
in radcheck table, and authorization passed. But since there is nothing to
authenticate it, the
access request gets rejected.
I have not figure out a way to use the information stored in the DB, i.e.
'User-Password',
to authenticate the user.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, July 02, 2003 2:32 AM
To: [EMAIL PROTECTED]
Subject: authenticating user via postgres config
Hi all,
I needed some help to configure freeradius (0.8) to authenticate users using
a postgres database. I tried reading whatever docs (very few)
I could find and I am confused as how to go about configuring radius.conf
file. I have looked at the authenticate section but how do I
actually instruct radius to use sql to authenticate and do I need to add
some more instructions in the modules section ..like Unix or Pam,
something similar for sql perhaps...
any help will be appreciated
cheers
Raven
(I have already had a look at postgres.conf file and the database exists on
the local machine, the database radius and all the required
tables already created. Also have rlm_sql_postgresql.* in the shared lib dir
</usr/local/lib>)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
