Hello Anthony,
On Jul 9, 5:00pm, Anthony Chan wrote:
> Subject: (RADIATOR) SessionDatabase problem using Oracle with Fork
> Hi Mike,
>
> I got a problem when running multiple instances of Radiator with
> external Database, Oracle, to enforce Simultaneous-Use limits. The
> problem only exist when "Fork" is used in the config.
>
> For environment, the Radiator runs in a Solaris machine with Oracle
> sqlnet to access the Oracle serve. The sid and tables are created in the
> Oracle server without problem. The Perl module DBI-1.11 and
> DBD-Oracle-1.02 are installed. The version of Oracle is 8.0.5. The
> config files are as follow:
It looks to me like the server restarted or something like that.
We would recommend that you do not use Fork with SQL databases. Some SQL client
libraries (Oracle especially) are not robust after a fork.
Hope that helps.
Cheers.
>
> # radius.cfg
> .
> .
> .
> <Realm DEFAULT>
> <AuthBy FILE>
> Filename /usr/local/etc/config
> # Fork
> </AuthBy>
> AcctLogFileName %L/detail
> </Realm>
>
> <Realm defaultrealm>
> <AuthBy SYSTEM>
> UseGetspnam
> Identifier System
> DefaultReply Service-Type = Framed,\
> Framed-Protocol = PPP
> </AuthBy>
> </Realm>
>
> <SessionDatabase SQL>
> DBSource dbi:Oracle:radius
> DBUsername userid
> DBAuth password
> </SessionDatabase>
>
>
>
> #config
> DEFAULT
> Auth-Type=System,Group=g1,NAS-IP-Address=206.161.55.24,Simultaneous-Use=1
>
> DEFAULT
> Auth-Type=System,Group=g2,NAS-IP-Address=206.161.55.24,Simultaneous-Use=1
>
> DEFAULT
> Auth-Type=System,Group=g3,NAS-IP-Address=206.161.55.24,Simultaneous-Use=1
>
> The configuration above has no problem without the "Fork".
>
> However, when I put back the keyword "Fork", I would get the following
> error messages inside the xterm which start the Radiator:
>
> DBD::Oracle::db do failed: ORA-03113: end-of-file on communication
> channel (DBD ERROR: OCIStmtExecute) at
> /usr/local/lib/perl5/site_perl/Radius/SqlDb.pm line 230.
>
> DBD::Oracle::db disconnect failed: ORA-12545: Connect failed because
> target host or object does not exist (DBD ERROR: OCISessionEnd) at
> /usr/local/lib/perl5/site_perl/Radius/SqlDb.pm line 244.
>
> The above message would print continuously when a new user is getting
> connected.
>
> The logfile with trace 4 has the following message:
>
> *** Received from 206.161.55.24 port 33100 ....
> Code: Access-Request
> Identifier: 183
> Authentic: 1234567890123456
> Attributes:
> User-Name = "t1c"
> Service-Type = Framed-User
> NAS-IP-Address = 206.161.55.24
> NAS-Port = 1234
> NAS-Port-Type = Async
> Framed-IP-Address = 206.161.55.24
> User-Password =
> ""<132>w<184><228>{<198><170>os<163><211><214><4><211><219>"
>
> Fri Jul 9 13:53:58 1999: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthFILE
> Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthFILE looks for match with
> t1c
> Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT
> Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthSYSTEM
> Fri Jul 9 13:53:58 1999: DEBUG: getpwnam got t1c, ZJgPkhMU6EVy., 62360,
> 111, , , Test Account, /export/home/t1c, /usr/bin/ksh
> Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthSYSTEM looks for match with
> t1c
> Fri Jul 9 13:53:58 1999: DEBUG: Query is: select NASIDENTIFIER,
> NASPORT, ACCTSESSIONID from RADONLINE where USERNAME='t1c'
>
> Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthSYSTEM ACCEPT:
> Fri Jul 9 13:53:58 1999: DEBUG: Radius::AuthFILE ACCEPT:
> Fri Jul 9 13:53:58 1999: DEBUG: Access accepted for t1c
> Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
> *** Sending to 206.161.55.24 port 33100 ....
> Code: Access-Accept
> Identifier: 183
> Authentic: 1234567890123456
> Attributes:
> Service-Type = Framed
> Framed-Protocol = PPP
>
> Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
> *** Received from 206.161.55.24 port 33100 ....
> Code: Accounting-Request
> Identifier: 184
> Authentic:
> <236><202><156><0><203><203><31>S<6><31><200>T<253>><239><182>
> Attributes:
> User-Name = "t1c"
> Service-Type = Framed-User
> NAS-IP-Address = 206.161.55.24
> NAS-Port = 1234
> NAS-Port-Type = Async
> Acct-Session-Id = "1"
> Acct-Status-Type = Start
> Framed-IP-Address = 206.161.55.24
>
> Fri Jul 9 13:53:58 1999: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthFILE
> Fri Jul 9 13:53:58 1999: DEBUG: Accounting accepted
> Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
> *** Sending to 206.161.55.24 port 33100 ....
> Code: Accounting-Response
> Identifier: 184
> Authentic:
> <236><202><156><0><203><203><31>S<6><31><200>T<253>><239><182>
> Attributes:
>
> Fri Jul 9 13:53:58 1999: DEBUG: Adding session for t1c, 206.161.55.24,
> 1234
> Fri Jul 9 13:53:58 1999: DEBUG: do query is: delete from RADONLINE
> where NASIDENTIFIER='206.161.55.24' and NASPORT=1234
>
> Fri Jul 9 13:53:58 1999: DEBUG: do query is: insert into RADONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
> FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('t1c',
> '206.161.55.24', 1234, '1', 931499638, '206.161.55.24', 'Async',
> 'Framed-User')
>
> Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
> *** Received from 206.161.55.24 port 33100 ....
> Code: Accounting-Request
> Identifier: 185
> Authentic:
> <22><200><241><178><140>*<145><3><174><175><230><147>0<235><224><226>
> Attributes:
> User-Name = "t1c"
> Service-Type = Framed-User
> NAS-IP-Address = 206.161.55.24
> NAS-Port = 1234
> NAS-Port-Type = Async
> Acct-Session-Id = "1"
> Acct-Status-Type = Stop
> Framed-IP-Address = 206.161.55.24
> Acct-Delay-Time = 0
> Acct-Session-Time = 1000
> Acct-Input-Octets = 20000
> Acct-Output-Octets = 30000
>
> Fri Jul 9 13:53:58 1999: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Fri Jul 9 13:53:58 1999: DEBUG: Handling with Radius::AuthFILE
> Fri Jul 9 13:53:58 1999: DEBUG: Accounting accepted
> Fri Jul 9 13:53:58 1999: DEBUG: Packet dump:
> *** Sending to 206.161.55.24 port 33100 ....
> Code: Accounting-Response
> Identifier: 185
> Authentic:
> <22><200><241><178><140>*<145><3><174><175><230><147>0<235><224><226>
> Attributes:
>
> Fri Jul 9 13:53:58 1999: DEBUG: Child reaped
> Fri Jul 9 13:53:58 1999: DEBUG: Deleting session for t1c,
> 206.161.55.24, 1234
> Fri Jul 9 13:53:58 1999: DEBUG: do query is: delete from RADONLINE
> where NASIDENTIFIER='206.161.55.24' and NASPORT=1234
>
> Fri Jul 9 13:53:58 1999: DEBUG: Child reaped
> Fri Jul 9 13:53:58 1999: ERR: do failed for 'delete from RADONLINE
> where NASIDENTIFIER='206.161.55.24' and NASPORT=1234': ORA-03113:
> end-of-file on communication channel (DBD ERROR: OCIStmtExecute)
> Fri Jul 9 13:53:58 1999: DEBUG: Child reaped
> Fri Jul 9 13:53:58 1999: DEBUG: Child reaped
> Fri Jul 9 13:53:58 1999: DEBUG: Child reaped
> Fri Jul 9 13:59:11 1999: DEBUG: Reading users file
> /usr/local/etc/config
> Fri Jul 9 13:59:12 1999: INFO: Server started
> Fri Jul 9 13:59:30 1999: DEBUG: Packet dump:
>
> Then, the Radiator stop to enforce Simultaneous-Use limits. When I start
> the Sqlplus and query the database table radonline, nothing is inside
> the table even a user still login.
>
> --
> Cheers,
>
> Anthony Chan
> Sun Professional Services Hong Kong
> 22/F Shui On Centre,
> 8 Harbour Road, Wanchai,
> Hong Kong
>
> Phone: (852) 2820-0674
> Fax : (852) 2802-8655
>
>
>
> ===
> Archive at http://www.thesite.com.au/~radiator/
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>-- End of excerpt from Anthony Chan
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
