Hi everyone
I guess I've found another bug in freeradius. I'm now using freeradius 0.81
running on Solaris 7 / sparc
I got turned on authentication against /etc/shadow, /etc/passwd, /etc/group
The problem is when the line of definition for some group located in
/etc/group file exceeds 511 characters, loading of next data is aborted, and
the huntgroups based on the unix group criteria fails all the time
I got /unix/passwd caching turned on all the time in radiusd.conf. All works
fine if the ascii line for specified group is no longer than 511 characters
(maybe magic border of 512 characters ??? )
DEFAULT Group == "oper_15", Auth-Type := System
Service-Type = Shell-User,
cisco-avpair = "shell:priv-lvl=15"
DEFAULT Group == "oper_1", Auth-Type := System
Service-Type = Shell-User,
cisco-avpair = "shell:priv-lvl=1"
And the huntgroups
[...]
warszawa NAS-IP-Address == 126.0.1.10
Group == warszawa
warszawa NAS-IP-Address == 126.0.1.11
Group == warszawa
[...]
olsztyn NAS-IP-Address == 126.119.0.2
Group == olsztyn
olsztyn NAS-IP-Address == 126.119.0.3
Group == olsztyn
[...]
etc
/etc/group file
oper_15::101:expert,aloboda,grzes,mariusz,zbyszek,szczepan,pgrubek,mirek,mic
hal,muki,jzuk,mkozak,mistar,tmalyska,jkusinsk,mmazur,pgrom,mtomczyk,remik,ch
aciek,bachman,pkowalcz,kd,michus,peterk,pch,drw,marks,kupkap,jacek,adam,mist
ela,bolekg,irzenski,andrew,marysia,jakub,zakrzewski,pietrzaks,wziecht,maku,t
omkii,wwlodarski,pjenner,sczartowski,kcieslik,zpawelki,dudziak,backup,goral,
wosik,ania,pawlo,darek,kania,kobe,hania,dagma,kasiar,elan,mgudzak,kasiac,raf
al,enable,jkawka,magdar
oper_1::102:service,chabrosj,marior,mchorazy,marcinsw,starcu,kamilaf,kkryste
k,przemekz,mariuszw,rafald,robertp,marcins,irekp,piotro,teresap,saymon,pgaje
w,opole_k,opole_m,rafalr,roberta,katowice,konradpl,maritom,rwil1,rwil,richi,
kris,jmatyja,robert,grzkow,tompa,zbyszek1,polub,przemek,kkrystek1,rydzu,amaz
urek,conswatcher,keczte,liber,romek,radek,gonera,boss,pionsieci,radko,hbaran
,robertpo,psemenczuk
[...]
krakow::113:bolekg,irzenski,andrew,backup,ania,pawlo,darek,kania,kobe,hania,
dagma,kasiar,elan,mgudzak,kasiac,rafal,jkawka,szczepan
[...]
dcn::117:remik,chaciek,bachman,pkowalcz,kd,michus,backup,ania,pawlo,darek,ka
nia,kobe,hania,dagma,kasiar,elan,mgudzak,kasiac,rafal,jkawka,goral,wosik,rad
ko,rafalr,hbaran,magdar,psemenczuk,daras,daniel,mariuszc,krisbo,pbielecki,an
dreas,kostek,kczarnecki,jacjel,adamk,frost,pawson,ruto,szmytek,wrzesiu,zielu
,shadi,kkrystek,marekk,michalc,przemekz,mariuszw,rafald,robertpo,marcins,ire
kp,piotro,kamilaf,teresap,saymon,marior,szczepan,marcinsw,mchorazy,starcu,mu
ki,aloboda,nfmuser
CHECK OUT the "DCN" group - its almost size of 512 characters, when I add
another user, whole is doomed
Can you check this out ???
> Adam Loboda
> Polish Telco
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
