standard attributes

Hi ,

Is there a way to include both standard attributes and VSAa on Freeradius running on Centos7?

The below path doesn’t have any dictionaries

[root@host-80-194-79-145 share]# cd /usr/share/
[root@host-80-194-79-145 share]# ls | egrep dictionary


I am asking because after installation , I get the below error while trying to start "radiusd -X"

[root@host-80-194-79-145 share]# systemctl start radiusd.service
Job for radiusd.service failed because the control process exited with error code. See "systemctl status radiusd.service" and "journalctl -xe" for details.
[root@host-80-194-79-145 share]# systemctl status radiusd.service
● radiusd.service - FreeRADIUS high performance RADIUS server.
   Loaded: loaded (/usr/lib/systemd/system/radiusd.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Tue 2021-02-09 19:02:39 GMT; 11s ago
  Process: 2874 ExecStartPre=/usr/sbin/radiusd -C (code=exited, status=1/FAILURE)
  Process: 2872 ExecStartPre=/bin/chown -R radiusd.radiusd /var/run/radiusd (code=exited, status=0/SUCCESS)

Feb 09 19:02:38 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: S...
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: r...
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: F...
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: U...
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: r...
Hint: Some lines were ellipsized, use -l to show in full.
[root@host-80-194-79-145 share]# systemctl status radiusd.service -l
● radiusd.service - FreeRADIUS high performance RADIUS server.
   Loaded: loaded (/usr/lib/systemd/system/radiusd.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Tue 2021-02-09 19:02:39 GMT; 38s ago
  Process: 2874 ExecStartPre=/usr/sbin/radiusd -C (code=exited, status=1/FAILURE)
  Process: 2872 ExecStartPre=/bin/chown -R radiusd.radiusd /var/run/radiusd (code=exited, status=0/SUCCESS)

Feb 09 19:02:38 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: Starting FreeRADIUS high performance RADIUS server....
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: radiusd.service: control process exited, code=exited status=1
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: Failed to start FreeRADIUS high performance RADIUS server..
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: Unit radiusd.service entered failed state.
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: radiusd.service failed.
[root@host-80-194-79-145 share]# systemctl stop radiusd.service
[root@host-80-194-79-145 share]# systemctl start radiusd.service
Job for radiusd.service failed because the control process exited with error code. See "systemctl status radiusd.service" and "journalctl -xe" for details.
[root@host-80-194-79-145 share]# journalctl -xe
WARNING: terminal is not fully functional
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: radiFeb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com polkitd[24270]: Feb 09 19:03:32 host-80-194-79-145.static.cable.virginmedia.com polkitd[24270]: Feb 09 19:03:32 host-80-194-79-145.static.cable.virginmedia.com polkitd[24270]: Feb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com polkitd[24270]: Feb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: Star-- Subject: Unit radiusd.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit radiusd.service has begun starting up.
Feb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: radiFeb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: Fail-- Subject: Unit radiusd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit radiusd.service has failed.
--
-- The result is failed.
Feb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: UnitFeb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: radiFeb 09 19:03:37 host-80-194-7lines 1338-1360/1360 (END)edia.com polkitd[24270]: lines 1338-1360/1360 (END)
[root@host-80-194-79-145 share]#
[root@host-80-194-79-145 share]#
[root@host-80-194-79-145 share]#
[root@host-80-194-79-145 share]#
[root@host-80-194-79-145 share]#
[root@host-80-194-79-145 share]# journalctl -xe
WARNING: terminal is not fully functional
Feb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: radiFeb 09 19:02:39 host-80-194-79-145.static.cable.virginmedia.com polkitd[24270]: Feb 09 19:03:32 host-80-194-79-145.static.cable.virginmedia.com polkitd[24270]: Feb 09 19:03:32 host-80-194-79-145.static.cable.virginmedia.com polkitd[24270]: Feb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com polkitd[24270]: Feb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: Star-- Subject: Unit radiusd.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit radiusd.service has begun starting up.
Feb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: radiFeb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: Fail-- Subject: Unit radiusd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit radiusd.service has failed.
--
-- The result is failed.
Feb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: UnitFeb 09 19:03:37 host-80-194-79-145.static.cable.virginmedia.com systemd[1]: radiFeb 09 19:03:37 host-80-194-7lines 1338-1360/1360 (END)edia.com polkitd[24270]: lines 1338-1360/1360 (END)
[root@host-80-194-79-145 share]#
[root@host-80-194-79-145 share]#
[root@host-80-194-79-145 share]#
[root@host-80-194-79-145 share]#
[root@host-80-194-79-145 share]# radiusd -X
FreeRADIUS Version 3.0.13
Copyright (C) 1999-2017 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Starting - reading configuration files ...
including dictionary file /usr/share/freeradius/dictionary
including dictionary file /usr/share/freeradius/dictionary.dhcp
including dictionary file /usr/share/freeradius/dictionary.vqp
Errors reading /etc/raddb/dictionary: dict_init: /etc/raddb/dictionary[30]: Couldn't open dictionary "/usr/share/freeradius/dictionary.nokia19.txt": No such file or directory

Thanks,
Hazem
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

On Feb 9, 2021, at 2:37 PM, Hassan, Hazem (Nokia - EG/Cairo) <[hidden email]> wrote:
> Is there a way to include both standard attributes and VSAa on Freeradius running on Centos7?

  All attributes are defined by name.  Whether it's a RFC attribute or a VSA doesn't make any difference.

> The below path doesn’t have any dictionaries
>
> [root@host-80-194-79-145 share]# cd /usr/share/
> [root@host-80-194-79-145 share]# ls | egrep dictionary

  The "ls" command is only looking at the current directory.  It's not doing a recursive search.

> I am asking because after installation , I get the below error while trying to start "radiusd -X"
...
> [root@host-80-194-79-145 share]# radiusd -X
> FreeRADIUS Version 3.0.13

  You should really be using 3.0.21.  It has a number of fixes with respect to systemd.

  The default configuration doesn't have "dictionary.nokia19.txt""

  Someone edited the dictionary and broke it.  Don't do that.

  Revert to the default dictionaries, and it will work.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Thanks Alan ,

Still have the same problem after deleting nokia.txt dictionary and returned the following error :

[root@host-80-194-79-145 /]# radiusd -X
.....................
reading pairlist file /etc/raddb/mods-config/files/authorize
/etc/raddb/mods-config/files/authorize[1]: Parse error (check) for entry root@brlb-WM-services2:/etc/freeradius/3.0#: Expecting operator
Failed reading /etc/raddb/mods-config/files/authorize
/etc/raddb/mods-enabled/files[9]: Instantiation failed for module "files"


Any idea?

Thanks,
Hazem


-----Original Message-----
From: Freeradius-Users <freeradius-users-bounces+hazem.hassan=[hidden email]> On Behalf Of Alan DeKok
Sent: Tuesday, February 9, 2021 9:46 PM
To: FreeRadius users mailing list <[hidden email]>
Subject: Re: standard attributes

On Feb 9, 2021, at 2:37 PM, Hassan, Hazem (Nokia - EG/Cairo) <[hidden email]> wrote:
> Is there a way to include both standard attributes and VSAa on Freeradius running on Centos7?

  All attributes are defined by name.  Whether it's a RFC attribute or a VSA doesn't make any difference.

> The below path doesn’t have any dictionaries
>
> [root@host-80-194-79-145 share]# cd /usr/share/
> [root@host-80-194-79-145 share]# ls | egrep dictionary

  The "ls" command is only looking at the current directory.  It's not doing a recursive search.

> I am asking because after installation , I get the below error while trying to start "radiusd -X"
...
> [root@host-80-194-79-145 share]# radiusd -X FreeRADIUS Version 3.0.13

  You should really be using 3.0.21.  It has a number of fixes with respect to systemd.

  The default configuration doesn't have "dictionary.nokia19.txt""

  Someone edited the dictionary and broke it.  Don't do that.

  Revert to the default dictionaries, and it will work.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

It is OK Alan now 😊


-----Original Message-----
From: Freeradius-Users <freeradius-users-bounces+hazem.hassan=[hidden email]> On Behalf Of Hassan, Hazem (Nokia - EG/Cairo)
Sent: Tuesday, February 9, 2021 10:05 PM
To: FreeRadius users mailing list <[hidden email]>
Subject: Suspected SPAM - RE: standard attributes

Thanks Alan ,

Still have the same problem after deleting nokia.txt dictionary and returned the following error :

[root@host-80-194-79-145 /]# radiusd -X
.....................
reading pairlist file /etc/raddb/mods-config/files/authorize
/etc/raddb/mods-config/files/authorize[1]: Parse error (check) for entry root@brlb-WM-services2:/etc/freeradius/3.0#: Expecting operator Failed reading /etc/raddb/mods-config/files/authorize
/etc/raddb/mods-enabled/files[9]: Instantiation failed for module "files"


Any idea?

Thanks,
Hazem


-----Original Message-----
From: Freeradius-Users <freeradius-users-bounces+hazem.hassan=[hidden email]> On Behalf Of Alan DeKok
Sent: Tuesday, February 9, 2021 9:46 PM
To: FreeRadius users mailing list <[hidden email]>
Subject: Re: standard attributes

On Feb 9, 2021, at 2:37 PM, Hassan, Hazem (Nokia - EG/Cairo) <[hidden email]> wrote:
> Is there a way to include both standard attributes and VSAa on Freeradius running on Centos7?

  All attributes are defined by name.  Whether it's a RFC attribute or a VSA doesn't make any difference.

> The below path doesn’t have any dictionaries
>
> [root@host-80-194-79-145 share]# cd /usr/share/
> [root@host-80-194-79-145 share]# ls | egrep dictionary

  The "ls" command is only looking at the current directory.  It's not doing a recursive search.

> I am asking because after installation , I get the below error while trying to start "radiusd -X"
...
> [root@host-80-194-79-145 share]# radiusd -X FreeRADIUS Version 3.0.13

  You should really be using 3.0.21.  It has a number of fixes with respect to systemd.

  The default configuration doesn't have "dictionary.nokia19.txt""

  Someone edited the dictionary and broke it.  Don't do that.

  Revert to the default dictionaries, and it will work.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

hi,

looks like that file has a problematic entry... probably incorrect
characters after being edited in a hurry

alan

On Tue, 9 Feb 2021 at 20:05, Hassan, Hazem (Nokia - EG/Cairo)
<[hidden email]> wrote:
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html