Hello Jonas, Try that:
https://github.com/inverse-inc/packetfence/blob/devel/docs/common/restart.asciidoc <https://github.com/inverse-inc/packetfence/blob/devel/docs/common/restart.asciidoc> /usr/local/pf/bin/pfcmd fixpermissions /usr/local/pf/bin/pfcmd pfconfig clear_backend systemctl restart packetfence-config /usr/local/pf/bin/pfcmd configreload hard /usr/local/pf/bin/pfcmd service pf restart Tell me if everything restart ? It could be stale configuration in the configuration store. Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Nov 8, 2021, at 5:05 PM, jonas.stal...@gmx.ch wrote: > > Dear Ludovic > > Many thanks for your appreciated reply. > > I did a manual check as you described. Please see the command reply below. > I’ve taken the password stored in the PF GUI. > > The DB connect seems to work in nearly all the cases, except the described > node check while auth. > > The root login works also fort h DB connect. > > It is (currently) a standalone installed by the current OVA from the website > in version 11.1 (Oct 29th build). > > Thank you very much for your effort! > > Sincerley jonas > > root@SLcsPFCv01:~# mysql -u pf pf -p > Enter password: > Reading table information for completion of table and column names > You can turn off this feature to get a quicker startup with -A > > Welcome to the MariaDB monitor. Commands end with ; or \g. > Your MariaDB connection id is 1455 > Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11 > > Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. > > Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. > > MariaDB [pf]> > MariaDB [pf]> show tables > -> ; > +------------------------------+ > | Tables_in_pf | > +------------------------------+ > | action | > | activation | > | admin_api_audit_log | > | auth_log | > | bandwidth_accounting | > | bandwidth_accounting_history | > | billing | > | chi_cache | > | class | > | dhcp_option82 | > | dhcp_option82_history | > | dhcppool | > | dns_audit_log | > | ip4log | > | ip4log_archive | > | ip4log_history | > | ip6log | > | ip6log_archive | > | ip6log_history | > | key_value_storage | > | keyed | > | locationlog | > | locationlog_history | > | node | > | node_category | > | password | > | person | > | pf_version | > | pki_cas | > | pki_certs | > | pki_profiles | > | pki_revoked_certs | > | radacct | > | radacct_log | > | radius_audit_log | > | radius_nas | > | radreply | > | savedsearch | > | scan | > | security_event | > | sms_carrier | > | tenant | > | user_preference | > | wrix | > +------------------------------+ > 44 rows in set (0.000 sec) > > Von: Zammit, Ludovic <luza...@akamai.com <mailto:luza...@akamai.com>> > Gesendet: Montag, 8. November 2021 18:50 > An: packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net> > Cc: jonas.stal...@gmx.ch <mailto:jonas.stal...@gmx.ch>; Jonas Stalder > <jonas.stal...@leuchterag.ch <mailto:jonas.stal...@leuchterag.ch>> > Betreff: Re: [PacketFence-users] Database connect error while auth. > > Hello Jonas, > > Try that: > > mysql -u pf pf -p > > Tell me if it works. > > Is the root login works ? > > Do you have a standalone or a cluster? > > Thanks, > > Ludovic Zammit > Product Support Engineer Principal > <~WRD0000.jpg> > Cell: +1.613.670.8432 > Akamai Technologies - Inverse > 145 Broadway > Cambridge, MA 02142 > Connect with Us: > <~WRD0000.jpg> <https://community.akamai.com/><~WRD0000.jpg> > <http://blogs.akamai.com/><~WRD0000.jpg> > <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!A0dGGwkAYN5PBko2YiroC40qAE7xKTmMQKn3HSgiWDwDdJHaYPPmq-VTsVw7tg$><~WRD0000.jpg> > > <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!A0dGGwkAYN5PBko2YiroC40qAE7xKTmMQKn3HSgiWDwDdJHaYPPmq-U4Npg0Nw$><~WRD0000.jpg> > > <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!A0dGGwkAYN5PBko2YiroC40qAE7xKTmMQKn3HSgiWDwDdJHaYPPmq-XIDnAT5g$><~WRD0000.jpg> > > <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!A0dGGwkAYN5PBko2YiroC40qAE7xKTmMQKn3HSgiWDwDdJHaYPPmq-VjyV6Gpw$> > > > >> On Nov 8, 2021, at 9:25 AM, jonas.stalder--- via PacketFence-users >> <packetfence-users@lists.sourceforge.net >> <mailto:packetfence-users@lists.sourceforge.net>> wrote: >> >> Dear Guys >> >> Sorry for asking again, but I still strugle with this issue and would be >> important for me to solve. >> >> I’ve checked the mariadb-log for the corresponding entries and I still >> experience the same issue. >> >> /usr/lib/mysql/SLcsPFCv01.log reports following : >> >> 178841 Connect Access denied for user 'pf'@'localhost' (using password: YES) >> >> To verify the DB configuraiton, I logged in by mysql in 3 constellations : >> >> // without DB PASS >> root@SLcsPFCv01:/usr/local/pf/raddb# mysql -u pf -h localhost >> ERROR 1045 (28000): Access denied for user 'pf'@'localhost' (using password: >> NO) >> >> // with incorrect DB pass >> root@SLcsPFCv01:/usr/local/pf/raddb# mysql -u pf -h localhost -p >> Enter password: >> ERROR 1045 (28000): Access denied for user 'pf'@'localhost' (using password: >> YES) >> >> // with correct DB pass corresponding to the value documented in packet >> fence UI/config. file >> root@SLcsPFCv01:/usr/local/pf/raddb# mysql -u pf -h localhost -p >> Enter password: >> Welcome to the MariaDB monitor. Commands end with ; or \g. >> Your MariaDB connection id is 179254 >> Server version: 10.5.12-MariaDB-0+deb11u1 Debian 11 >> >> Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. >> >> Type 'help;' or '\h' for help. Type '\c' to clear the current input >> statement. >> >> Also the node is present in the db: >> >> MariaDB [pf]> select mac from node; >> +-------------------+ >> | mac | >> +-------------------+ >> | dc:a6:32:b2:5e:02 | >> +-------------------+ >> 1 row in set (0.000 sec) >> >> >> In my view, if this is intendet behavour, the DB access would be blocked all >> the time. >> Due to the fact, that in the rest of the cases, the db can be queried, I’m >> still thinking about a bug, but my report >> (https://github.com/inverse-inc/packetfence/issues/6685 >> <https://urldefense.com/v3/__https:/github.com/inverse-inc/packetfence/issues/6685__;!!GjvTz_vk!EflhieWszggxRu7zqZwlCInSbD2AUdRnSdSxaF0z1g7tPBiiLBMfjwOVSuuxUsZI$>) >> has been closed without any comment. >> >> Could someone give me a hint if this is known behavour or should I reinsist >> regarding a bug. >> >> Or is there probably a workaround ? >> >> Would be great to have a feedback. 1000Thanks in advance!! >> >> Jonas >> >> >> Von: Jonas Stalder via PacketFence-users >> <packetfence-users@lists.sourceforge.net >> <mailto:packetfence-users@lists.sourceforge.net>> >> Gesendet: Samstag, 6. November 2021 17:46 >> An: packetfence-users@lists.sourceforge.net >> <mailto:packetfence-users@lists.sourceforge.net> >> Cc: Jonas Stalder <jonas.stal...@gmx.ch <mailto:jonas.stal...@gmx.ch>> >> Betreff: [PacketFence-users] Database connect error while auth. >> >> Dear Guys >> >> Hope you’re all doing well. >> >> Took me know hours but I still get no authentication from client with 802.1x >> + MAC. >> While looking to the log, I see a auth. Error regarding the a database query. >> >> ->->Nov 6 16:24:56 packetfence packetfence_httpd.aaa[10168]: httpd.aaa(1383) >> FATAL: [mac:[undef]] unable to connect to database: Access denied for user >> 'pf'@'localhost' (using password: YES) at >> /usr/local/pf/lib/CHI/Driver/DBI.pm line 28. >> (pf::CHI::db::db_connect) >> >> The installation has now be cleaned up (reinstalled) two times. The database >> configuration in the setup has been done “automaticly” (by wizard). >> >> I’ve checked the with login “pf”@localhost and also as root manually >> (mysql). I was able to login and check the user-table: >> >> MariaDB [mysql]> select user,host,authentication_string,plugin from >> mysql.user >> -> ; >> +-------------+-----------+-------------------------------------------+-----------------------+ >> | User | Host | authentication_string | >> plugin | >> +-------------+-----------+-------------------------------------------+-----------------------+ >> | mariadb.sys | localhost | | >> mysql_native_password | >> | root | localhost | *5E0316A4B8BD7B23XXXXX0580425566E5 | >> mysql_native_password | >> | mysql | localhost | invalid | >> mysql_native_password | >> | pf | % | *0861D201B2B18B1F8DBEXXXXXXXF626088E47F73 | >> mysql_native_password | >> | pf | localhost | *0861D201B2B1XXXXXXXXEAF626088E47F73 | >> mysql_native_password | >> +-------------+-----------+-------------------------------------------+-----------------------+ >> 5 rows in set (0.001 sec) >> >> A reset of the password for pf@localhost was also successfully. I still get >> the error. >> >> My intention is that this is the error because the auth does not work. >> >> Could there be a bug or does anyone has a good hint for me? >> >> Yours faithfully & thanks for your efforts >> Jonas >> >> >> >> >> // Log======== >> >> Nov 6 16:24:52 packetfence httpd_aaa[1462]: 127.0.0.1 - - >> [06/Nov/2021:17:24:52 +0100] "-" 408 0 0 19 "-" "-" "-" >> Nov 6 16:24:56 packetfence auth[9610]: Adding client 10.123.252.1/32 >> Nov 6 16:24:56 packetfence auth[9610]: (4817) rest: ERROR: Server returned: >> Nov 6 16:24:56 packetfence auth[9610]: (4817) rest: ERROR: >> {"control:PacketFence-Authorization-Status":"allow"} >> Nov 6 16:24:56 packetfence auth[9610]: [mac:dc:a6:32:b2:5e:02] Rejected >> user: dca632b25e02 >> Nov 6 16:24:56 packetfence auth[9610]: (4817) Rejected in post-auth: >> [dca632b25e02] (from client 10.123.252.1/32 port 7 cli dc:a6:32:b2:5e:02) >> Nov 6 16:24:56 packetfence auth[9610]: (4817) Login incorrect (rest: Server >> returned:): [dca632b25e02] (from client 10.123.252.1/32 port 7 cli >> dc:a6:32:b2:5e:02) >> Nov 6 16:24:56 packetfence httpd_aaa_err[1461]: Use of uninitialized value >> $radius_return in numeric eq (==) at /usr/local/pf/lib/pf/radius/rest.pm >> line 48. >> Nov 6 16:24:56 packetfence httpd_aaa_err[1461]: Use of uninitialized value >> $radius_return in numeric eq (==) at /usr/local/pf/lib/pf/radius/rest.pm >> line 53. >> Nov 6 16:24:56 packetfence httpd_aaa_err[1461]: Use of uninitialized value >> $radius_return in numeric eq (==) at /usr/local/pf/lib/pf/radius/rest.pm >> line 53. >> Nov 6 16:24:56 packetfence httpd_aaa_err[1461]: Use of uninitialized value >> $radius_return in numeric eq (==) at /usr/local/pf/lib/pf/radius/rest.pm >> line 53. >> >> ->->Nov 6 16:24:56 packetfence packetfence_httpd.aaa[10168]: httpd.aaa(1383) >> FATAL: [mac:[undef]] unable to connect to database: Access denied for user >> 'pf'@'localhost' (using password: YES) at >> /usr/local/pf/lib/CHI/Driver/DBI.pm line 28. >> (pf::CHI::db::db_connect) >> >> Nov 6 16:24:56 packetfence packetfence_httpd.aaa[10168]: httpd.aaa(1383) >> ERROR: [mac:[undef]] radius authorize failed with error: unable to connect >> to database: Access denied for user 'pf'@'localhost' (using password: YES) >> at /usr/local/pf/lib/CHI/Driver/DBI.pm line 28. >> (pf::api::radius_authorize) >> Nov 6 16:24:56 packetfence packetfence_httpd.aaa[10168]: httpd.aaa(1383) >> WARN: [mac:[undef]] Use of uninitialized value $radius_return in numeric eq >> (==) at /usr/local/pf/lib/pf/radius/rest.pm line 48. >> (pf::radius::rest::format_response) >> Nov 6 16:24:56 packetfence packetfence_httpd.aaa[10168]: httpd.aaa(1383) >> WARN: [mac:[undef]] Use of uninitialized value $radius_return in numeric eq >> (==) at /usr/local/pf/lib/pf/radius/rest.pm line 53. >> (pf::radius::rest::format_response) >> Nov 6 16:24:56 packetfence packetfence_httpd.aaa[10168]: httpd.aaa(1383) >> WARN: [mac:[undef]] Use of uninitialized value $radius_return in numeric eq >> (==) at /usr/local/pf/lib/pf/radius/rest.pm line 53. >> (pf::radius::rest::format_response) >> Nov 6 16:24:56 packetfence packetfence_httpd.aaa[10168]: httpd.aaa(1383) >> WARN: [mac:[undef]] Use of uninitialized value $radius_return in numeric eq >> (==) at /usr/local/pf/lib/pf/radius/rest.pm line 53. >> (pf::radius::rest::format_response) >> Nov 6 16:24:56 packetfence httpd_aaa[1462]: 127.0.0.1 - - >> [06/Nov/2021:17:24:56 +0100] "POST //radius/rest/authorize HTTP/1.1" 401 205 >> 2239 3095 "-" "FreeRADIUS 3.0.25" "127.0.0.1:7070" >> >> _______________________________________________ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> <mailto:PacketFence-users@lists.sourceforge.net> >> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!EflhieWszggxRu7zqZwlCInSbD2AUdRnSdSxaF0z1g7tPBiiLBMfjwOVSpeyQ1yf$ >> >> <https://urldefense.com/v3/__https:/lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!EflhieWszggxRu7zqZwlCInSbD2AUdRnSdSxaF0z1g7tPBiiLBMfjwOVSpeyQ1yf$> >> > >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
