Dear Cameron Slye, First, only one index (*) is allowed in file format and it must be near user-name. Second, rlm_passwd adds all attrbiutes to config_items, while huntgorups expects it to be in request (request_items). In order to add group name (as you was told it's better to use your own group attribute) to request_items instead of configure_items you must use ~ modificator for group attribute name.
--Wednesday, November 5, 2003, 11:26:19 PM, you wrote to [EMAIL PROTECTED]: CS> I am trying to setup freeradius to read a group file to allow people to CS> use a huntgroup. If I setup the huntgroups file with User-Name = CS> testuser it works, if I set it as Group or Group-Name = ssusers it fails. CS> master.passwd file is authing correctly, that is not the issue. CS> I have changed the order of the authorize section to have group_master CS> before preprocess. I have removed the entire rlm_unix section, that CS> solved the segfaulting, but still rejects request. CS> I am using version 0.9.2 on FreeBSD 4.8 CS> Below is the group file, huntgroup file, and a pruned radiusd -X output CS> of a request. CS> The interesting part.. It gets the group name, but then says no CS> huntgroup access. CS> rlm_passwd: Added Group-Name: 'ssusers' to config_items CS> modcall[authorize]: module "group_master" returns ok for request 0 CS> No huntgroup access: [cslye] (from client test port 0) CS> modcall[authorize]: module "preprocess" returns reject for request 0 CS> modcall: group authorize returns reject for request 0 CS> Any ideas? Thanks.. Sorry for long email, hoping to include CS> everything first time. CS> Next thing I am going to try is putting all the rlm_unix stuff back and CS> getting it to segfault again, on a --enable-developer build. CS> group file: CS> ssusers:testuser,testuser2,testuser3 CS> huntgroup file: CS> slipstream Called-Station-Id =~ "1856$" CS> Group-Name = ssusers CS> Below is the debug output. CS> Starting - reading configuration files ... CS> reread_config: reading radiusd.conf CS> Module: Loaded passwd CS> passwd: filename = "/usr/local/etc/raddb/master.group" CS> passwd: format = "*Group-Name:*,User-Name" CS> passwd: authtype = "(null)" CS> passwd: delimiter = ":" CS> passwd: ignorenislike = yes CS> passwd: allowmultiplekeys = no CS> passwd: hashsize = 100 CS> rlm_passwd: nfields: 2 keyfield 1(User-Name) listable: yes CS> Module: Instantiated passwd (group_master) CS> Module: Loaded preprocess CS> preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups" CS> preprocess: hints = "/usr/local/etc/raddb/hints" CS> preprocess: with_ascend_hack = no CS> preprocess: ascend_channels_per_line = 23 CS> preprocess: with_ntdomain_hack = no CS> preprocess: with_specialix_jetstream_hack = no CS> preprocess: with_cisco_vsa_hack = no CS> Module: Instantiated preprocess (preprocess) CS> passwd: filename = "/usr/local/etc/raddb/master.passwd" CS> passwd: format = "*User-Name:Crypt-Password:" CS> passwd: authtype = "pap" CS> passwd: delimiter = ":" CS> passwd: ignorenislike = yes CS> passwd: allowmultiplekeys = no CS> passwd: hashsize = 100 CS> rlm_passwd: nfields: 3 keyfield 0(User-Name) listable: no CS> Module: Instantiated passwd (passwd_master) CS> Module: Loaded files CS> files: usersfile = "/usr/local/etc/raddb/users" CS> files: acctusersfile = "/usr/local/etc/raddb/acct_users" CS> files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users" CS> files: compat = "no" CS> Module: Instantiated files (files) CS> Ready to process requests. CS> rad_recv: Access-Request packet from host XXX.XXX.XXX.XXX:2755, id=137, CS> length=63 CS> User-Name = "testuser" CS> User-Password = "passwd" CS> Framed-Protocol = PPP CS> Called-Station-Id = "9162221856" CS> modcall: entering group authorize for request 0 CS> rlm_passwd: Added Group-Name: 'ssusers' to config_items CS> modcall[authorize]: module "group_master" returns ok for request 0 CS> No huntgroup access: [cslye] (from client test port 0) CS> modcall[authorize]: module "preprocess" returns reject for request 0 CS> modcall: group authorize returns reject for request 0 CS> Delaying request 0 for 1 seconds CS> Finished request 0 CS> Going to the next request CS> --- Walking the entire request list --- CS> Waking up in 1 seconds... CS> --- Walking the entire request list --- CS> Waking up in 1 seconds... CS> --- Walking the entire request list --- CS> Sending Access-Reject of id 137 to XXX.XXX.XXX.XXX:2755 CS> Waking up in 4 seconds... CS> --- Walking the entire request list --- CS> - CS> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA Машина оказалась способной к единственному действию, а именно умножению 2x2, да и то при этом ошибаясь. (Лем) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
