[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnu-radius] sql question
|
From: |
Sergey Poznyakoff |
|
Subject: |
Re: [Help-gnu-radius] sql question |
|
Date: |
Thu, 19 Jul 2001 14:29:46 +0300 |
> I can mount database only if source-ip 127.0.0.1 is specified in config =
> file but then I can not contact radius from my NAS. If I omit specifying =
> source-ip attribute, or if I put my real IP address in config file then =
> I van contact my radius server but can not do authentication through SQL =
> because for some reason database is not connetced.
You should certainly put your real IP address in source-ip statement
or omit the statement altogether if your machine has only one
interface.
It seems that your permissions database is misconfigured. You should
configure it so, that your radius user (the one defined in `login'
statement of raddb/sqlserver file) has proper rights to access
authentication/accounting tables when connected from your *real* ip.
Here's an example of permission configuration for the default database
structure:
use mysql
# Authentication tables:
grant select on DB.password to radius@'IP-ADDRESS';
grant select on DB.groups to radius@'IP-ADDRESS';
# Accounting tables:
grant select,insert,update on DB.calls to radius@'IP-ADDRESS';
# To set the password for radius@'IP-ADDRESS':
update user set Password=password('guessme')
where User='radius' and Host='IP-ADDRESS';
# Flush changes and quit mysql:
flush privileges;
quit;
Substitute DB with your database name, and IP-ADDESS with your server
IP address or hostname.
You can check the current permissions by listing contents of
mysql.* tables. For more information about this, please refer to
MySQL documentation.
Regards,
Sergey