Thanks to both you and Fabrice for the command. Had an extra "}" in our mschap module. Fixed that and got Radius restarted. Now, back to actually getting 802.1x AD integration working...
From: Louis Munro [mailto:[email protected]] Sent: Tuesday, August 12, 2014 11:05 AM To: [email protected] Subject: Re: [PacketFence-users] RADIUS suddenly failing to start Hi Stephen, Try running Freeradius in debug mode to get more output: # radiusd -d /usr/local/pf/raddb -X Please post the output. Regards, -- Louis Munro [email protected]<mailto:[email protected]> :: www.inverse.ca<http://www.inverse.ca> +1.514.447.4918 *125 :: +1 (866) 353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and PacketFence (www.packetfence.org<http://www.packetfence.org>) On 2014-08-12, at 10:58 , "Stormont, Stephen (IMS)" <[email protected]<mailto:[email protected]>> wrote: RADIUS had been working on our installation and then suddenly today it died after a system restart. The last lines of /usr/local/pf/logs/radius.log are: Tue Aug 12 10:16:59 2014 : Error: SSL: SSL_read failed inside of TLS (-1), TLS session fails. Tue Aug 12 10:16:59 2014 : Auth: Login incorrect (TLS Alert read:fatal:unknown CA): [host/LT-T430-3.omni.imsweb.com<http://LT-T430-3.omni.imsweb.com>] (from client 172.22.34.2 port 4028 cli 3C-97-0E-AD-B6-6B) Tue Aug 12 10:18:20 2014 : Auth: Login OK: [dd9999] (from client localhost port 12) Tue Aug 12 10:18:38 2014 : Auth: Login OK: [dd9999] (from client localhost port 12) Tue Aug 12 10:19:27 2014 : Info: Signalled to terminate Tue Aug 12 10:19:27 2014 : Info: Exiting normally. After that, the service will not start using the "Services" option in PacketFence. Looking at /usr/local/pf/logs/packetfence.log, it says at the end that radius started however a grep for the service shows that it is not running and nothing is listening on that port. Running radtest says "radclient: no response from server for ID 31 socket 3". End of /usr/local/pf/logs/packetfence.log is below: Aug 12 10:45:25 pfsetvlan(0) FATAL: pfsetvlan: caught SIGTERM - terminating at /usr/share/perl5/File/Tail.pm line 554 (File::Tail::read) Aug 12 10:45:25 pfsetvlan(0) ERROR: pfsetvlan: caught SIGTERM - terminating at /usr/share/perl5/File/Tail.pm line 554 (File::Tail::read) Aug 12 10:45:25 pfsetvlan(0) INFO: stopping pfsetvlan (main::) Aug 12 10:45:25 pfsetvlan(0) FATAL: pfsetvlan: caught SIGTERM - terminating at /usr/share/perl5/File/Tail.pm line 554 (main::END) Aug 12 10:45:25 pfsetvlan(0) FATAL: pfsetvlan: caught SIGTERM - terminating at /usr/share/perl5/File/Tail.pm line 554 END failed--call queue aborted at /usr/local/pf/sbin/pfsetvlan line 554. (main::) Aug 12 10:45:25 pfsetvlan(0) ERROR: pfsetvlan: caught SIGTERM - terminating at /usr/share/perl5/File/Tail.pm line 554 END failed--call queue aborted at /usr/local/pf/sbin/pfsetvlan line 554. (main::) Aug 12 10:46:37 pfcmd.pl(2038) INFO: pidof -x memcached returned 2073 (pf::services::manager::pidFromFile) Aug 12 10:46:37 pfcmd.pl(2038) INFO: verifying process 2073 (pf::services::manager::removeStalePid) Aug 12 10:46:37 pfcmd.pl(2038) INFO: pidof -x memcached returned 2073 (pf::services::manager::pidFromFile) Aug 12 10:46:37 pfcmd.pl(2038) INFO: removing stale pid file /usr/local/pf/var/run/memcached.pid (pf::services::manager::removeStalePid) Aug 12 10:46:37 pfcmd.pl(2038) INFO: pidof -x dhcpd returned 2103 (pf::services::manager::pidFromFile) Aug 12 10:46:37 pfcmd.pl(2038) INFO: verifying process 2103 (pf::services::manager::removeStalePid) Aug 12 10:46:37 pfcmd.pl(2038) INFO: pidof -x dhcpd returned 2103 (pf::services::manager::pidFromFile) Aug 12 10:46:37 pfcmd.pl(2038) INFO: removing stale pid file /usr/local/pf/var/run/dhcpd.pid (pf::services::manager::removeStalePid) Aug 12 10:46:37 pfcmd.pl(2038) INFO: pidof -x snmptrapd returned 2183 (pf::services::manager::pidFromFile) Aug 12 10:46:37 pfcmd.pl(2038) INFO: verifying process 2183 (pf::services::manager::removeStalePid) Aug 12 10:46:37 pfcmd.pl(2038) INFO: pidof -x snmptrapd returned 2183 (pf::services::manager::pidFromFile) Aug 12 10:46:37 pfcmd.pl(2038) INFO: removing stale pid file /usr/local/pf/var/run/snmptrapd.pid (pf::services::manager::removeStalePid) Aug 12 10:46:38 pfcmd.pl(2038) INFO: Instantiate a new iptables modification method. pf::ipset (pf::inline::get_technique) Aug 12 10:46:39 pfcmd.pl(2038) INFO: saving existing iptables to /usr/local/pf/var/iptables.bak (pf::iptables::iptables_save) Aug 12 10:46:39 pfcmd.pl(2038) WARN: We are using IPSET (pf::ipset::iptables_generate) Aug 12 10:46:39 pfcmd.pl(2038) INFO: flushing iptables (pf::ipset::iptables_flush_mangle) Aug 12 10:46:39 pfcmd.pl(2038) INFO: restoring iptables from /usr/local/pf/var/conf/iptables.conf (pf::iptables::iptables_restore) Aug 12 10:46:39 pfcmd.pl(2038) INFO: Daemon memcached took 0.065 seconds to start. (pf::services::manager::launchService) Aug 12 10:46:39 pfcmd.pl(2038) INFO: generating /usr/local/pf/var/conf/ssl-certificates.conf (pf::services::manager::httpd::generateConfig) Aug 12 10:46:39 pfcmd.pl(2038) INFO: generating /usr/local/pf/var/conf/captive-portal-common.conf (pf::services::manager::httpd::generateConfig) Aug 12 10:46:50 pfcmd.pl(2038) INFO: Daemon httpd.admin took 11.291 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:02 pfcmd.pl(2038) INFO: pf::services::manager, /usr/local/pf/lib/pf/services/manager.pm, 155 (pf::services::manager::dhcpd::generateConfig) Aug 12 10:47:02 pfcmd.pl(2038) INFO: Daemon dhcpd took 0.140 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:06 pfcmd.pl(2038) INFO: Daemon httpd.portal took 4.000 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:11 pfcmd.pl(2038) INFO: Daemon httpd.webservices took 1.934 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:12 pfcmd.pl(2038) INFO: Daemon pfdhcplistener_eth1 took 0.006 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:12 pfcmd.pl(2038) INFO: Daemon pfdhcplistener_eth2 took 0.004 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:12 pfcmd.pl(2038) INFO: Daemon pfdhcplistener_eth0 took 0.004 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:15 pfcmd.pl(2038) INFO: Daemon pfdns took 0.005 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:18 pfcmd.pl(2038) INFO: Daemon pfmon took 2.300 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:19 pfcmd.pl(2038) INFO: generating /usr/local/pf/var/conf/snmptrapd.conf (pf::services::manager::snmptrapd::generateConfig) Aug 12 10:47:19 pfcmd.pl(2038) INFO: Daemon snmptrapd took 0.858 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:21 pfsetvlan(2176) INFO: pfsetvlan starting and writing 2179 to /usr/local/pf/var/run/pfsetvlan.pid (pf::services::util::createpid) Aug 12 10:47:21 pfcmd.pl(2038) INFO: Daemon pfsetvlan took 1.547 seconds to start. (pf::services::manager::launchService) Aug 12 10:47:21 pfsetvlan(2176) INFO: Process started (main::) Aug 12 10:47:22 pfcmd.pl(2038) INFO: Daemon radiusd took 1.021 seconds to start. (pf::services::manager::launchService) ________________________________ Information in this e-mail may be confidential. It is intended only for the addressee(s) identified above. If you are not the addressee(s), or an employee or agent of the addressee(s), please note that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify the sender of the error. ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users ________________________________ Information in this e-mail may be confidential. It is intended only for the addressee(s) identified above. If you are not the addressee(s), or an employee or agent of the addressee(s), please note that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify the sender of the error.
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
