Ho Fabrice,
this is my auth,conf file:
[root@PacketFence-ZEN conf]# cat /usr/local/pf/raddb/auth.conf
pidfile = /usr/local/pf/var/run/radiusd.pid
$INCLUDE radiusd.conf
listen {
ipaddr = 127.0.0.1
port = 18120
type = auth
virtual_server = packetfence
}
listen {
ipaddr = 10.33.33.50
port = 0
type = auth
virtual_server = packetfence
}
listen {
ipaddr = 10.33.33.50
port = 2083
type = auth+acct
proto = tcp
virtual_server = packetfence
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
tls {
private_key_file = /usr/local/pf/raddb/certs/server.key
certificate_file = /usr/local/pf/raddb/certs/server.crt
ca_file = /usr/local/pf/raddb/certs/ca.pem
dh_file = ${certdir}/dh
fragment_size = 8192
ca_path = ${cadir}
cipher_list = "DEFAULT"
require_client_cert = yes
}
}
listen {
type = control
socket = /usr/local/pf/var/run/radiusd.sock
mode = rw
}
log {
#
# Destination for log messages. This can be one of:
#
# files - log to "file", as defined below.
# syslog - to syslog (see also the "syslog_facility", below.
# stdout - standard output
# stderr - standard error.
#
# The command-line option "-X" over-rides this option, and forces
# logging to go to stdout.
#
destination = syslog
#
# Highlight important messages sent to stderr and stdout.
#
# Option will be ignored (disabled) if output if TERM is not
# an xterm or output is not to a TTY.
#
colourise = yes
#
# The logging messages for the server are appended to the
# tail of this file if destination == "files"
#
# If the server is running in debugging mode, this file is
# NOT used.
#
file = ${logdir}/radius.log
#
# If this configuration parameter is set, then log messages for
# a *request* go to this file, rather than to radius.log.
#
# i.e. This is a log file per request, once the server has accepted
# the request as being from a valid client. Messages that are
# not associated with a request still go to radius.log.
#
# Not all log messages in the server core have been updated to use
# this new internal API. As a result, some messages will still
# go to radius.log. Please submit patches to fix this behavior.
#
# The file name is expanded dynamically. You should ONLY user
# server-side attributes for the filename (e.g. things you control).
# Using this feature MAY also slow down the server substantially,
# especially if you do thinks like SQL calls as part of the
# expansion of the filename.
#
# The name of the log file should use attributes that don't change
# over the lifetime of a request, such as User-Name,
# Virtual-Server or Packet-Src-IP-Address. Otherwise, the log
# messages will be distributed over multiple files.
#
# Logging can be enabled for an individual request by a special
# dynamic expansion macro: %{debug: 1}, where the debug level
# for this request is set to '1' (or 2, 3, etc.). e.g.
#
# ...
# update control {
# Tmp-String-0 = "%{debug:1}"
# }
# ...
#
# The attribute that the value is assigned to is unimportant,
# and should be a "throw-away" attribute with no side effects.
#
#requests = ${logdir}/radiusd-%{%{Virtual-Server}:-DEFAULT}-%Y%m%d.log
#
# Which syslog facility to use, if ${destination} == "syslog"
#
# The exact values permitted here are OS-dependent. You probably
# don't want to change this.
#
syslog_facility = local1
# Log the full User-Name attribute, as it was found in the request.
#
# allowed values: {no, yes}
#
stripped_names = no
# Log authentication requests to the log file.
#
# allowed values: {no, yes}
#
auth = yes
# Log passwords with the authentication requests.
# auth_badpass - logs password if it's rejected
# auth_goodpass - logs password if it's correct
#
# allowed values: {no, yes}
#
auth_badpass = no
auth_goodpass = no
# Log additional text at the end of the "Login OK" messages.
# for these to work, the "auth" and "auth_goodpass" or "auth_badpass"
# configurations above have to be set to "yes".
#
# The strings below are dynamically expanded, which means that
# you can put anything you want in them. However, note that
# this expansion can be slow, and can negatively impact server
# performance.
#
# msg_goodpass = ""
# msg_badpass = ""
# The message when the user exceeds the Simultaneous-Use limit.
#
msg_denied = "You are already logged in - access denied"
}
Luca Messori
_________________________
[Descrizione: mead]
Mead Informatica Srl
SEDE - Via G. Ferraris, 2 - 42122 Reggio Emilia
Tel. +39 0522 265800 Tel. amm.ne 0522265940 - Fax +39 0522 393306
Tel. +39 049 8702540 Fax +39 049 8706249
http://www.meadinformatica.it<http://www.meadinformatica.it/>
-----------------------------------------------------------------------
Questo messaggio puo' contenere informazioni di carattere riservato e
confidenziale. Qualora non foste i destinatari, vi preghiamo di notificarcelo
e di provvedere ad eliminare il messaggio, con gli eventuali allegati, senza
trattenerne copia. Qualsivoglia utilizzo non autorizzato del contenuto
di questo mesaggio espone il responsabile alle conseguenze civili e penali.
This message may contain information which is confidential or privileged. if
you are not the intended recipient, please immediately notify us
and destroy this message and any attachments without retaining a copy. Any
unauthorized use of this message can expose the responsabile party
to civil and/or criminal penalties.
Da: Fabrice Durand via PacketFence-users
[mailto:[email protected]]
Inviato: giovedì 19 ottobre 2017 16:41
A: [email protected]
Cc: Fabrice Durand <[email protected]>
Oggetto: Re: [PacketFence-users] Radiusd don't start after upgarde
Hello Luca,
Can you paste /usr/local/pf/raddb/auth.conf ?
Regards
Fabrice
Le 2017-10-19 à 10:28, Luca Messori via PacketFence-users a écrit :
Hi,
after upgrading to PF 7.3, the Radius daemon don't start
Running it in debug mode, I have this error:
Thu Oct 19 14:25:27 2017 : Error : /usr/local/pf/raddb/auth.conf[6]: Listeners
of type 'auth' MUST be defined in a server.
My auth.conf and auth.conf.example haven't any difference.
Can you help me?
Regards
Luca Messori
_________________________
[Descrizione: mead]
Mead Informatica Srl
SEDE - Via G. Ferraris, 2 - 42122 Reggio Emilia
Tel. +39 0522 265800 Tel. amm.ne 0522265940 - Fax +39 0522 393306
Tel. +39 049 8702540 Fax +39 049 8706249
http://www.meadinformatica.it<http://www.meadinformatica.it/>
-----------------------------------------------------------------------
Questo messaggio puo' contenere informazioni di carattere riservato e
confidenziale. Qualora non foste i destinatari, vi preghiamo di notificarcelo
e di provvedere ad eliminare il messaggio, con gli eventuali allegati, senza
trattenerne copia. Qualsivoglia utilizzo non autorizzato del contenuto
di questo mesaggio espone il responsabile alle conseguenze civili e penali.
This message may contain information which is confidential or privileged. if
you are not the intended recipient, please immediately notify us
and destroy this message and any attachments without retaining a copy. Any
unauthorized use of this message can expose the responsabile party
to civil and/or criminal penalties.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected]<mailto:[email protected]> :: +1.514.447.4918 (x135) ::
www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
