Hi Ric,
On Apr 28, 2:30pm, Ric Messier wrote:
> Subject: (RADIATOR) Getting radiator to work with UNIX password file
> Having a bitch of a time getting radiator to work with a UNIX passwd file
> under Solaris. The docs don't seem to be clear about user files, etc. I have
> the following config that I'm trying to get to work.
>
> # segNET radius config file
> # 4.19.1999 - ram
>
> AuthPort 1645
> AcctPort 1646
>
> LogDir /var/log/radius
> DbDir /usr/local/etc/raddb
>
> <Realm DEFAULT>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy UNIX>
> Identifier System
> Filename /etc/shadow
> Match ^([^:]*):([^:]*)
> GroupFilename /etc/group
> DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
> </AuthBy>
> </Realm>
>
> <Client DEFAULT>
> Secret segRET
> Auth-Type System
> </Client>
1. You probably dont need the Match line.
2. Radiator will need to run with root permissions to be able to open the
/etc/shadow file.
3. The Auth-Type in the Client clause makes no sense. You should get a warning
message about this when Radiator starts?
4. From the trace below, it looks like it has not found a dictionary file. You
will need to make sure there is a dictionary file in your /usr/local/etc/raddb.
You should also have got a warning about this at startup?
5. The radius.cfg in the distribution is used by the test suite, and contains
lots of stuff you dont need (eg the SYSLOG etc). I would suggest you start with
the file goodies/simple.cfg, which is a good basic setup, and move on from
there.
6. Looks like your tests with radpwtst are failing because radpwtst is using
its default secret (which is "mysecret"), not the secret you have configured
into your Client clause. You will need to run radpwtst like this:
radpwtst -secret segRET ........
Hope that helps.
>
>
> I had to yank out all the syslog and snmp stuff because I get errors
> locating the library files (did the installation per the instructions and
> the Radius subdirectory is in /usr/local/lib/perl5/site_perl where it us
> supposed to be). Here are excerpts from the logfile:
>
> Mon Apr 19 15:24:18 1999: NOTICE: Request from unknown client 127.0.0.1:
> ignored
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 1 (vendor ) is not defined
> in yo
> ur dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 6 (vendor ) is not defined
> in yo
> ur dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 4 (vendor ) is not defined
> in yo
> ur dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 5 (vendor ) is not defined
> in yo
> ur dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 61 (vendor ) is not defined
> in y
> our dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 44 (vendor ) is not defined
> in y
> our dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 40 (vendor ) is not defined
> in y
> our dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 41 (vendor ) is not defined
> in y
> our dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 46 (vendor ) is not defined
> in y
> our dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 42 (vendor ) is not defined
> in y
> our dictionary
> Mon Apr 19 15:24:23 1999: ERR: Attribute number 43 (vendor ) is not defined
> in y
> our dictionary
> Mon Apr 19 15:24:23 1999: NOTICE: Request from unknown client 127.0.0.1:
> ignored
> Mon Apr 19 15:45:24 1999: NOTICE: SIGTERM received: stopping
> Mon Apr 19 15:45:31 1999: ERR: Could not load Log module
> Radius/LogSYSLOG.pm: Ca
> n't locate syslog.ph in @INC (did you run h2ph?) (@INC contains: .
> /usr/local/li
> b/perl5/sun4-solaris/5.00403 /usr/local/lib/perl5
> /usr/local/lib/perl5/site_perl
> /sun4-solaris /usr/local/lib/perl5/site_perl
> /usr/local/lib/perl5/sun4-solaris .
> ) at /usr/local/lib/perl5/Sys/Syslog.pm line 111, <FILE> chunk 10.
> BEGIN failed--compilation aborted at Radius/LogSYSLOG.pm line 15, <FILE>
> chunk 1
> 0.
>
>
>
> When I run the password tester, I get this for output:
> sending Access-Request...
> Bad authenticator
> sending Accounting-Request Start...
> No reply
> sending Accounting-Request Stop...
> No reply
>
>
>
>
> I'm stumped for the moment. The initial tests ran without problem. Any help
> would be appreciated.
>
> Thanks,
> Ric
>
>
> ===
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>-- End of excerpt from Ric Messier
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, external, etc etc on Unix, Win95/8, NT, Rhapsody
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
