Greetings list, I'm haveing problem with FreeRADIUS v1.0.1-3 which came with CentOS 4.1 FreeRADIUS refuses to use system accounts for authentication. The latest freeradius-1.0.4 is working correctly. Can we have this update or have to wail till RH release new rpm src? Thanks, -j
> I'm haveing problem with FreeRADIUS v1.0.1-3 which came with > CentOS 4.1 > FreeRADIUS refuses to use system accounts for authentication.Hi Joseph, FreeRadius 1.0.1-3 works fine on my systems using local system authentication (using UNIX instead of PAM). In my users configuration file, I have the following defined: "DEFAULT Auth-Type = System". Please also note, however, that your daemon will require READ access to your /etc/shadow file and you probably have it running with little to no permissions. You should create a new group (ex: shadow) and assign it to your /etc/shadow with read access and add your FreeRadius user into the group. That should correct your authentication issues. I vaguely recall having problems when I first tried to have it use PAM authentication (based on the RHEL3 version), but I haven't looked at the issue since then. Regards, -Joshua
Joseph T Mai wrote:> Greetings list, > > I'm haveing problem with FreeRADIUS v1.0.1-3 which came with CentOS 4.1 > FreeRADIUS refuses to use system accounts for authentication. > > The latest freeradius-1.0.4 is working correctly.I'm having a similar, but different problem. I have two servers, one running RH9 with FR 0.9.1 and another with CentOS-3.5, running freeradius 1.0.1. Both are using a MySQL database on a third server for authentication. The RH9 one is working just fine, but the CentOS version gives "passwords don't match" on everything. I've traced and looked at the queries, etc, and I'm convinced it's getting back the proper fields, but somehow is deciding they don't match. They are MD5-encrypted passwords, I believe. Any ideas? The MySQL is 3.23, and the CentOS has both the mysqlclient10 and MySQL 4.1 client libs, but I'm not sure if that's significant since the CentOS machine definitely can connect to the MySQL DB, and I thought the major changes in client libs might affect that. Thanks. -Scott