Hi, I do not have that login.radius on my system - I think its not used with opensips. I would say there might be an permissions issue. I can remember I had lots of trouble, cause I don't wanted to run everything as root:root.
My setup looks like that seqfile /var/run/opensips/radius.seq with -rw-r--r-- 1 opensips opensips and drwxr-xr-x opensips opensips /etc/radiusclient-ng BR Uwe Leon Li schrieb: > There is no such a file in the directory. Will it be generated by > radiusclient-ng? > > Also, the radiusclient.conf shows: >> # program to call for a RADIUS authenticated login >> >> login_radius /usr/local/sbin/login.radius > > I checked /usr/local/sbin/login.radius, but it is only a dummy script. > How it can be changed? > > Thanks, > Leon > > -----Original Message----- > From: Uwe Kastens [mailto:[email protected]] > Sent: Thursday, 4 June 2009 5:12 PM > To: Leon Li > Cc: [email protected] > Subject: Re: [OpenSIPS-Users] No RADIUS traffic > > Hi, > > If I remember it correctly I had the same problem some day and it was > caused by wrong permissions on /var/run/radius.seq. > > Just a guess > > BR > > Uwe > > > Leon Li schrieb: >> Hi, >> >> >> >> I am try to use RADIUS server. However, after configuration, I found >> there is no RADIUS traffic at all. >> >> >> >> Log shows: >> >> Jun 4 06:45:59 /usr/local/sbin/openser[396]: rc_avpair_new: unknown >> attribute 5 >> >> Jun 4 06:45:59 /usr/local/sbin/openser[396]: >> ERROR:auth_radius:radius_authorize_sterman: rc_auth failed >> >> >> >> But nothing on RADIUS server end. >> >> >> >> OpenSIPs + radiusclient-ng on one box and RADIUS is on another. >> >> >> >> My radiusclient.conf is like: >> >> >> >> # General settings >> >> >> >> # specify which authentication comes first respectively which >> >> # authentication is used. possible values are: "radius" and "local". >> >> # if you specify "radius,local" then the RADIUS server is asked >> >> # first then the local one. if only one keyword is specified only >> >> # this server is asked. >> >> auth_order radius,local >> >> >> >> # maximum login tries a user has >> >> login_tries 4 >> >> >> >> # timeout for all login tries >> >> # if this time is exceeded the user is kicked out >> >> login_timeout 60 >> >> >> >> # name of the nologin file which when it exists disables logins. >> >> # it may be extended by the ttyname which will result in >> >> # a terminal specific lock (e.g. /etc/nologin.ttyS2 will disable >> >> # logins on /dev/ttyS2) >> >> nologin /etc/nologin >> >> >> >> # name of the issue file. it's only display when no username is passed >> >> # on the radlogin command line >> >> issue /usr/local/etc/radiusclient-ng/issue >> >> >> >> # RADIUS settings >> >> >> >> # RADIUS server to use for authentication requests. this config >> >> # item can appear more then one time. if multiple servers are >> >> # defined they are tried in a round robin fashion if one >> >> # server is not answering. >> >> # optionally you can specify a the port number on which is remote >> >> # RADIUS listens separated by a colon from the hostname. if >> >> # no port is specified /etc/services is consulted of the radius >> >> # service. if this fails also a compiled in default is used. >> >> authserver 202.158.212.103:1812 >> >> >> >> # RADIUS server to use for accouting requests. All that I >> >> # said for authserver applies, too. >> >> # >> >> acctserver 202.158.212.103:1813 >> >> >> >> # file holding shared secrets used for the communication >> >> # between the RADIUS client and server >> >> servers /usr/local/etc/radiusclient-ng/servers >> >> >> >> # dictionary of allowed attributes and values >> >> # just like in the normal RADIUS distributions >> >> dictionary /usr/local/etc/radiusclient-ng/dictionary >> >> >> >> # program to call for a RADIUS authenticated login >> >> login_radius /usr/local/sbin/login.radius >> >> >> >> # file which holds sequence number for communication with the >> >> # RADIUS server >> >> seqfile /var/run/radius.seq >> >> >> >> # file which specifies mapping between ttyname and NAS-Port attribute >> >> mapfile /usr/local/etc/radiusclient-ng/port-id-map >> >> >> >> # default authentication realm to append to all usernames if no >> >> # realm was explicitly specified by the user >> >> # the radiusd directly form Livingston doesnt use any realms, so leave >> >> # it blank then >> >> default_realm >> >> #aarnet.edu.au >> >> >> >> # time to wait for a reply from the RADIUS server >> >> radius_timeout 10 >> >> >> >> # resend request this many times before trying the next server >> >> radius_retries 3 >> >> >> >> # local address from which radius packets have to be sent >> >> bindaddr * >> >> >> >> # LOCAL settings >> >> >> >> # program to execute for local login >> >> # it must support the -f flag for preauthenticated login >> >> login_local /bin/login >> >> >> >> Any suggestion will be appreciated. >> >> >> >> Thanks >> >> Leon >> >> >> >> >> >> >> > ------------------------------------------------------------------------ >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > -- kiste lat: 54.322684, lon: 10.13586 _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
