Hello Fabrice, Thank you very much for the response.
This is the error i get when i attempt to run that command; [root@PacketFence pf]# curl https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff| patch -p1 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 5708 0 5708 0 0 7087 0 --:--:-- --:--:-- --:--:-- 7081 patching file conf/profiles.conf.defaults Hunk #1 FAILED at 32. 1 out of 1 hunk FAILED -- saving rejects to file conf/profiles.conf.defaults.rej can't find file to patch at input line 14 Perhaps you used the wrong -p or --strip option? The text leading up to this was: -------------------------- |diff --git a/docs/api/spec/components/schemas/configconnectionprofile.yaml b/docs/api/spec/components/schemas/configconnectionprofile.yaml |index 7dbe71a1134..48aae9bcc1c 100644 |--- a/docs/api/spec/components/schemas/configconnectionprofile.yaml |+++ b/docs/api/spec/components/schemas/configconnectionprofile.yaml -------------------------- File to patch: On Wed, Feb 13, 2019 at 6:28 PM Durand fabrice via PacketFence-users < [email protected]> wrote: > Hello William, > > can you try that: > > > https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff > > cd /usr/local/pf > > curl > https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff| > patch -p1 --dry-run > > if there is no error > > curl > https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff| > patch -p1 > > restart packetfence and in the connection profile 802.1X-Profile and > check: dot1x_unset_on_unmatch > > And retry. > > let me know if it help > > Regards > > Fabrice > > > Le 19-02-13 à 17 h 43, William Blake MacIsaac via PacketFence-users a > écrit : > > I'm hoping someone can help me. I'm trying to setup 802.1x-Wireless to > allow users to connect to a SSID utilizing domain credentials. The problem > is, when users connect and enter there username and password, they are not > being tested against the Authentication sources i have setup, they are just > being allowed to connect, regardless if they are part of the group or not. > I can even delete the whole authentication source and they are still being > authenticated.. what the hell? :(, please help > > > [image: image.png] > > :19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] handling radius autz request: from switch_ip => > (10.100.2.254), connection_type => Wireless-802.11-EAP,switch_mac => > (00:15:5d:01:3d:00), mac => [8c:f5:a3:a2:d4:18], port => 12290, username => > "bmacisaaca", ssid => YC-IT (pf::radius::authorize) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Instantiate profile 802.1X-Profile > (pf::Connection::ProfileFactory::_from_profile) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Found authentication source(s) : > 'local,8021X-Wireless' for realm 'null' > (pf::config::util::filter_authentication_sources) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) WARN: > [mac:8c:f5:a3:a2:d4:18] Calling match with empty/invalid rule class. > Defaulting to 'authentication' (pf::authentication::match2) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Using sources local, 8021X-Wireless for matching > (pf::authentication::match2) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] LDAP testing connection (pf::LDAP::expire_if) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Role has already been computed and we don't want to > recompute it. Getting role from node_info (pf::role::getRegisteredRole) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Username was defined "bmacisaaca" - returning role > 'YC-IT-WIFI' (pf::role::getRegisteredRole) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] PID: "bmacisaaca", Status: reg Returned VLAN: > (undefined), Role: YC-IT-WIFI (pf::role::fetchRoleForNode) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) WARN: > [mac:8c:f5:a3:a2:d4:18] No parameter YC-IT-WIFIVlan found in > conf/switches.conf for the switch 10.100.2.254 (pf::Switch::getVlanByName) > Feb 13 14:19:39 PacketFence pfqueue: pfqueue(33849) INFO: [mac:unknown] > undefined source id provided (pf::lookup::person::lookup_person) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] violation 1300003 force-closed for > 8c:f5:a3:a2:d4:18 (pf::violation::violation_force_close) > Feb 13 14:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Instantiate profile 802.1X-Profile > (pf::Connection::ProfileFactory::_from_profile) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] handling radius autz request: from switch_ip => > (10.100.2.254), connection_type => Wireless-802.11-EAP,switch_mac => > (00:15:5d:01:3d:00), mac => [8c:f5:a3:a2:d4:18], port => 12290, username => > "bmacisaaca", ssid => YC-IT (pf::radius::authorize) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Instantiate profile 802.1X-Profile > (pf::Connection::ProfileFactory::_from_profile) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Found authentication source(s) : 'local' for realm > 'null' (pf::config::util::filter_authentication_sources) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) WARN: > [mac:8c:f5:a3:a2:d4:18] Calling match with empty/invalid rule class. > Defaulting to 'authentication' (pf::authentication::match2) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Using sources local for matching > (pf::authentication::match2) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Role has already been computed and we don't want to > recompute it. Getting role from node_info (pf::role::getRegisteredRole) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Username was defined "bmacisaaca" - returning role > 'YC-IT-WIFI' (pf::role::getRegisteredRole) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] PID: "bmacisaaca", Status: reg Returned VLAN: > (undefined), Role: YC-IT-WIFI (pf::role::fetchRoleForNode) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) WARN: > [mac:8c:f5:a3:a2:d4:18] No parameter YC-IT-WIFIVlan found in > conf/switches.conf for the switch 10.100.2.254 (pf::Switch::getVlanByName) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] violation 1300003 force-closed for > 8c:f5:a3:a2:d4:18 (pf::violation::violation_force_close) > Feb 13 14:21:15 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Instantiate profile 802.1X-Profile > (pf::Connection::ProfileFactory::_from_profile) > Feb 13 14:21:15 PacketFence pfqueue: pfqueue(32627) INFO: [mac:unknown] > undefined source id provided (pf::lookup::person::lookup_person) > ^C > [root@PacketFence logs]# tail -f packetfence.log > Feb 13 14:28:49 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Found authentication source(s) : 'local' for realm > 'null' (pf::config::util::filter_authentication_sources) > Feb 13 14:28:49 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) WARN: > [mac:8c:f5:a3:a2:d4:18] Calling match with empty/invalid rule class. > Defaulting to 'authentication' (pf::authentication::match2) > Feb 13 14:28:49 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Using sources local for matching > (pf::authentication::match2) > Feb 13 14:28:49 PacketFence pfqueue: pfqueue(101125) INFO: [mac:unknown] > undefined source id provided (pf::lookup::person::lookup_person) > Feb 13 14:28:49 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Role has already been computed and we don't want to > recompute it. Getting role from node_info (pf::role::getRegisteredRole) > Feb 13 14:28:49 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Username was defined "bmacisaaca" - returning role > 'YC-IT-WIFI' (pf::role::getRegisteredRole) > Feb 13 14:28:49 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] PID: "bmacisaaca", Status: reg Returned VLAN: > (undefined), Role: YC-IT-WIFI (pf::role::fetchRoleForNode) > Feb 13 14:28:49 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) WARN: > [mac:8c:f5:a3:a2:d4:18] No parameter YC-IT-WIFIVlan found in > conf/switches.conf for the switch 10.100.2.254 (pf::Switch::getVlanByName) > Feb 13 14:28:49 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] violation 1300003 force-closed for > 8c:f5:a3:a2:d4:18 (pf::violation::violation_force_close) > Feb 13 14:28:49 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO: > [mac:8c:f5:a3:a2:d4:18] Instantiate profile 802.1X-Profile > (pf::Connection::ProfileFactory::_from_profile) > > > > > > > > _______________________________________________ > PacketFence-users mailing > [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users >
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
