PAM RADIUS freezing when accounting does not configured on RADIUS server
Closed, ResolvedPublicBUG
Actions

Assigned To

None

Authored By

	Unknown Object (User)
	Jan 6 2021, 1:29 PM

Description

When we have a RADIUS server with a configured accounting port instead of 1813 or not configured at all, CLI always be freezing. pam_radius get accounting port from /etc/services.
Will be good to have the possibility to disable pam radius accounting to prevent this issue.

Details

Difficulty level: Unknown (require assessment)
Version: 1.3-rolling-202101060217
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Unspecified (please specify)

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved	BUG	None	T3191 PAM RADIUS freezing when accounting does not configured on RADIUS server
		Resolved	BUG	Viacheslav	T5554 Disable sudo for PAM RADIUS

Event Timeline

Unknown Object (User) created this task.Jan 6 2021, 1:29 PM

pasik added a subscriber: pasik.Jan 6 2021, 2:42 PM

trae32566 awarded a token.Jan 7 2021, 8:15 AM

trae32566 added a subscriber: trae32566.

Maybe disable sent "accounting messages" by default and enable it as a configuration option explicitly?

syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Nov 6 2021, 11:24 AM

syncer edited projects, added VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus (1.3.0).Aug 29 2022, 7:04 AM

Viacheslav added a project: VyOS 1.4 Sagitta.Feb 27 2023, 8:22 AM

syncer edited projects, added VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.3).Jul 12 2023, 9:40 PM

syncer edited projects, added VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus (1.3.4).Aug 25 2023, 9:29 PM

Viacheslav added a project: VyOS 1.5 Circinus.Sep 6 2023, 8:39 AM

Viacheslav changed the status of subtask T5554: Disable sudo for PAM RADIUS from Open to In progress.Sep 9 2023, 8:04 AM

syncer edited projects, added VyOS 1.3 Equuleus (1.3.6); removed VyOS 1.3 Equuleus (1.3.5).Dec 17 2023, 11:37 PM

dmbaturin triaged this task as High priority.Jan 9 2024, 5:04 PM

dmbaturin set Issue type to Unspecified (please specify).

Tested in VyOS 1.4.0-rc1 , VyOS 1.3.5 and VyOS 1.5-rolling-202401030023
The configuration
VyOS 1.4.0-rc1:

set interfaces ethernet eth0 address '10.55.8.241/24'
set service ssh
set system login radius server 10.55.8.21 key 'testing123'
set system login radius server 10.55.8.21 port '1812'
set system login radius server 10.55.8.21 timeout '5'
set system login radius source-address '10.55.8.241'

VyOS 1.3.5:

set interfaces ethernet eth0 address '10.55.8.242/24'
set service ssh
set system login radius server 10.55.8.21 key 'testing123'
set system login radius server 10.55.8.21 port '1812'
set system login radius server 10.55.8.21 timeout '5'
set system login radius source-address '10.55.8.242'

VyOS 1.5-rolling-202401030023:

set interfaces ethernet eth0 address '10.55.8.243/24'
set service ssh
set system login radius server 10.55.8.21 key 'testing123'
set system login radius server 10.55.8.21 port '1812'
set system login radius server 10.55.8.21 timeout '5'
set system login radius source-address '10.55.8.243'

In RADIUS server side server does not listen to port 1813 only 1812

Testing:

Works as expected the CLI does not freeze

a.hajiyev closed this task as Resolved.Jan 11 2024, 6:11 AM

Viacheslav closed subtask T5554: Disable sudo for PAM RADIUS as Resolved.Jan 19 2024, 10:20 PM

dmbaturin mentioned this in 1.3.6.Feb 3 2024, 1:59 AM

	F4154507: image.png
	Jan 11 2024, 6:09 AM

	F4154504: image.png
	Jan 11 2024, 6:09 AM

	F4154502: image.png
	Jan 11 2024, 6:09 AM

	F4154496: image.png
	Jan 11 2024, 6:09 AM

PAM RADIUS freezing when accounting does not configured on RADIUS serverClosed, ResolvedPublicBUGActions

Description

Details

Related ObjectsSearch...

Event Timeline

PAM RADIUS freezing when accounting does not configured on RADIUS server
Closed, ResolvedPublicBUG
Actions

Related Objects
Search...