rpms/freeradius
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix triggers

Browse Source 
Resolves: Bug#1110407
Resolves: Bug#1110414
Resolves: Bug#1110186
Resolves: Bug#1109164
This commit is contained in:
Nikolai Kondrashov 2014-10-29 14:18:12 +02:00
parent aba3ebe6cb
commit d3ba025501
7 changed files with 673 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

280
freeradius-connection-fall-through-to-global-module-triggers.patch Normal file
View File

@ -0,0 +1,280 @@
From 132992fe92d53d62499d8c4672feafe210efc573 Mon Sep 17 00:00:00 2001
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Date: Fri, 24 Oct 2014 14:37:11 +0300
Subject: [PATCH 4/4] connection: Fall through to global module triggers
Make module connection pool triggers use global module trigger
configuration, if there is no "trigger" section in the pool section.
Use fully-qualified module-specific trigger names for module-specific
connection pools in connection.c.
E.g. trigger "modules.ldap.open", instead of just "open" for pools
initialized with fr_connection_pool_module_init, being passed "ldap"
config section.
Send triggers even if the pool has no "trigger" section.
This makes exec_trigger fall through to global module triggers, if the
pool configuration doesn't have the "trigger" section.
---
src/include/connection.h | 3 +-
src/main/connection.c | 81 ++++++++++++++++++++++++++++++------------------
2 files changed, 53 insertions(+), 31 deletions(-)
diff --git a/src/include/connection.h b/src/include/connection.h
index e3752d5..eaf44e8 100644
--- a/src/include/connection.h
+++ b/src/include/connection.h
@@ -81,7 +81,8 @@ fr_connection_pool_t *fr_connection_pool_init(CONF_SECTION *parent,
void *opaque,
fr_connection_create_t c,
fr_connection_alive_t a,
- char const *prefix);
+ char const *log_prefix,
+ char const *trigger_prefix);
void fr_connection_pool_delete(fr_connection_pool_t *pool);
void *fr_connection_get(fr_connection_pool_t *pool);
diff --git a/src/main/connection.c b/src/main/connection.c
index 5f0c8f6..aec4f9d 100644
--- a/src/main/connection.c
+++ b/src/main/connection.c
@@ -110,10 +110,6 @@ struct fr_connection_pool_t {
uint32_t idle_timeout; //!< How long a connection can be idle
//!< before being closed.
- bool trigger; //!< If true execute connection triggers
- //!< associated with the connection
- //!< pool.
-
bool spread; //!< If true requests will be spread
//!< across all connections, instead of
//!< re-using the most recently used
@@ -158,6 +154,11 @@ struct fr_connection_pool_t {
//!< messages created by the connection
//!< pool code.
+ char const *trigger_prefix; //!< Prefix to prepend to
+ //!< names of all triggers
+ //!< fired by the connection
+ //!< pool code.
+
fr_connection_create_t create; //!< Function used to create new
//!< connections.
fr_connection_alive_t alive; //!< Function used to check status
@@ -271,6 +272,20 @@ static void fr_connection_link_tail(fr_connection_pool_t *pool,
}
}
+/** Send a connection pool trigger.
+ *
+ * @param[in] pool to send trigger for.
+ * @param[in] name_suffix trigger name suffix.
+ */
+static void fr_connection_exec_trigger(fr_connection_pool_t *pool,
+ char const *name_suffix)
+{
+ char name[64];
+ rad_assert(pool != NULL);
+ rad_assert(name_suffix != NULL);
+ snprintf(name, sizeof(name), "%s%s", pool->trigger_prefix, name_suffix);
+ exec_trigger(NULL, pool->cs, name, true);
+}
/** Spawns a new connection
*
@@ -403,7 +418,7 @@ static fr_connection_t *fr_connection_spawn(fr_connection_pool_t *pool,
pthread_mutex_unlock(&pool->mutex);
- if (pool->trigger) exec_trigger(NULL, pool->cs, "open", true);
+ fr_connection_exec_trigger(pool, "open");
return this;
}
@@ -436,7 +451,7 @@ static void fr_connection_close(fr_connection_pool_t *pool,
pool->active--;
}
- if (pool->trigger) exec_trigger(NULL, pool->cs, "close", true);
+ fr_connection_exec_trigger(pool, "close");
fr_connection_unlink(pool, this);
rad_assert(pool->num > 0);
@@ -542,7 +557,7 @@ void fr_connection_pool_delete(fr_connection_pool_t *pool)
fr_connection_close(pool, this);
}
- if (pool->trigger) exec_trigger(NULL, pool->cs, "stop", true);
+ fr_connection_exec_trigger(pool, "stop");
rad_assert(pool->head == NULL);
rad_assert(pool->tail == NULL);
@@ -559,33 +574,36 @@ void fr_connection_pool_delete(fr_connection_pool_t *pool)
* @param[in] opaque data pointer to pass to callbacks.
* @param[in] c Callback to create new connections.
* @param[in] a Callback to check the status of connections.
- * @param[in] prefix override, if NULL will be set automatically from the module CONF_SECTION.
+ * @param[in] log_prefix override, if NULL will be set automatically from the module CONF_SECTION.
* @return A new connection pool or NULL on error.
*/
fr_connection_pool_t *fr_connection_pool_module_init(CONF_SECTION *module,
void *opaque,
fr_connection_create_t c,
fr_connection_alive_t a,
- char const *prefix)
+ char const *log_prefix)
{
CONF_SECTION *cs, *mycs;
char buff[128];
+ char trigger_prefix[64];
fr_connection_pool_t *pool;
+ char const *cs_name1, *cs_name2;
int ret;
#define CONNECTION_POOL_CF_KEY "connection_pool"
#define parent_name(_x) cf_section_name(cf_item_parent(cf_sectiontoitem(_x)))
- if (!prefix) {
- char const *cs_name1, *cs_name2;
- cs_name1 = cf_section_name1(module);
- cs_name2 = cf_section_name2(module);
- if (!cs_name2) cs_name2 = cs_name1;
+ cs_name1 = cf_section_name1(module);
+ cs_name2 = cf_section_name2(module);
+ if (!cs_name2) cs_name2 = cs_name1;
+
+ snprintf(trigger_prefix, sizeof(trigger_prefix), "modules.%s.", cs_name1);
+ if (!log_prefix) {
snprintf(buff, sizeof(buff), "rlm_%s (%s)", cs_name1, cs_name2);
- prefix = buff;
+ log_prefix = buff;
}
/*
@@ -597,11 +615,11 @@ fr_connection_pool_t *fr_connection_pool_module_init(CONF_SECTION *module,
return NULL;
case 1:
- DEBUG4("%s: Using pool section from \"%s\"", prefix, parent_name(cs));
+ DEBUG4("%s: Using pool section from \"%s\"", log_prefix, parent_name(cs));
break;
case 0:
- DEBUG4("%s: Using local pool section", prefix);
+ DEBUG4("%s: Using local pool section", log_prefix);
break;
}
@@ -610,7 +628,7 @@ fr_connection_pool_t *fr_connection_pool_module_init(CONF_SECTION *module,
*/
mycs = cf_section_sub_find(module, "pool");
if (!mycs) {
- DEBUG4("%s: Adding pool section to \"%s\" to store pool references", prefix,
+ DEBUG4("%s: Adding pool section to \"%s\" to store pool references", log_prefix,
cf_section_name(module));
mycs = cf_section_alloc(module, "pool", NULL);
@@ -622,7 +640,7 @@ fr_connection_pool_t *fr_connection_pool_module_init(CONF_SECTION *module,
* Use our own local pool.
*/
if (!cs) {
- DEBUG4("%s: \"%s.pool\" section not found, using \"%s.pool\"", prefix,
+ DEBUG4("%s: \"%s.pool\" section not found, using \"%s.pool\"", log_prefix,
parent_name(cs), parent_name(mycs));
cs = mycs;
}
@@ -636,16 +654,16 @@ fr_connection_pool_t *fr_connection_pool_module_init(CONF_SECTION *module,
*/
pool = cf_data_find(cs, CONNECTION_POOL_CF_KEY);
if (!pool) {
- DEBUG4("%s: No pool reference found in \"%s.pool\"", prefix, parent_name(cs));
- pool = fr_connection_pool_init(module, cs, opaque, c, a, prefix);
+ DEBUG4("%s: No pool reference found in \"%s.pool\"", log_prefix, parent_name(cs));
+ pool = fr_connection_pool_init(module, cs, opaque, c, a, log_prefix, trigger_prefix);
if (!pool) return NULL;
- DEBUG4("%s: Adding pool reference %p to \"%s.pool\"", prefix, pool, parent_name(cs));
+ DEBUG4("%s: Adding pool reference %p to \"%s.pool\"", log_prefix, pool, parent_name(cs));
cf_data_add(cs, CONNECTION_POOL_CF_KEY, pool, NULL);
return pool;
}
- DEBUG4("%s: Found pool reference %p in \"%s.pool\"", prefix, pool, parent_name(cs));
+ DEBUG4("%s: Found pool reference %p in \"%s.pool\"", log_prefix, pool, parent_name(cs));
/*
* We're reusing pool data add it to our local config
@@ -653,7 +671,7 @@ fr_connection_pool_t *fr_connection_pool_module_init(CONF_SECTION *module,
* re-use a pool through this module.
*/
if (mycs != cs) {
- DEBUG4("%s: Copying pool reference %p from \"%s.pool\" to \"%s.pool\"", prefix, pool,
+ DEBUG4("%s: Copying pool reference %p from \"%s.pool\" to \"%s.pool\"", log_prefix, pool,
parent_name(cs), parent_name(mycs));
cf_data_add(mycs, CONNECTION_POOL_CF_KEY, pool, NULL);
}
@@ -676,7 +694,8 @@ fr_connection_pool_t *fr_connection_pool_module_init(CONF_SECTION *module,
* @param[in] opaque data pointer to pass to callbacks.
* @param[in] c Callback to create new connections.
* @param[in] a Callback to check the status of connections.
- * @param[in] prefix to prepend to all log messages.
+ * @param[in] log_prefix prefix to prepend to all log messages.
+ * @param[in] trigger_prefix prefix to prepend to all trigger names.
* @return A new connection pool or NULL on error.
*/
fr_connection_pool_t *fr_connection_pool_init(CONF_SECTION *parent,
@@ -684,7 +703,8 @@ fr_connection_pool_t *fr_connection_pool_init(CONF_SECTION *parent,
void *opaque,
fr_connection_create_t c,
fr_connection_alive_t a,
- char const *prefix)
+ char const *log_prefix,
+ char const *trigger_prefix)
{
uint32_t i;
fr_connection_pool_t *pool;
@@ -720,7 +740,9 @@ fr_connection_pool_t *fr_connection_pool_init(CONF_SECTION *parent,
pool->head = pool->tail = NULL;
- pool->log_prefix = prefix ? talloc_typed_strdup(pool, prefix) : "core";
+ pool->log_prefix = log_prefix ? talloc_typed_strdup(pool, log_prefix) : "core";
+ pool->trigger_prefix = trigger_prefix ?
+ talloc_typed_strdup(pool, trigger_prefix) : "";
#ifdef HAVE_PTHREAD_H
pthread_mutex_init(&pool->mutex, NULL);
@@ -729,7 +751,6 @@ fr_connection_pool_t *fr_connection_pool_init(CONF_SECTION *parent,
DEBUG("%s: Initialising connection pool", pool->log_prefix);
if (cf_section_parse(cs, pool, connection_config) < 0) goto error;
- if (cf_section_sub_find(cs, "trigger")) pool->trigger = true;
/*
* Some simple limits
@@ -780,7 +801,7 @@ fr_connection_pool_t *fr_connection_pool_init(CONF_SECTION *parent,
}
}
- if (pool->trigger) exec_trigger(NULL, pool->cs, "start", true);
+ fr_connection_exec_trigger(pool, "start");
return pool;
}
@@ -1222,7 +1243,7 @@ void *fr_connection_reconnect(fr_connection_pool_t *pool, void *conn)
return NULL;
}
- if (pool->trigger) exec_trigger(NULL, pool->cs, "close", true);
+ fr_connection_exec_trigger(pool, "close");
this->connection = new_conn;
pthread_mutex_unlock(&pool->mutex);
--
2.1.1

139
freeradius-exec-dont-assume-request-presence-when-logging.patch Normal file
View File

@ -0,0 +1,139 @@
From 13c5c908548c29ab30ae2e274a5d2baa96eadae4 Mon Sep 17 00:00:00 2001
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Date: Wed, 15 Oct 2014 20:03:11 +0300
Subject: [PATCH 1/4] exec: Don't assume request presence when logging
Use DEBUG* macros for logging, instead of RDEBUG* macros in
radius_start_program and radius_readfrom_program as these are not
guaranteed to be invoked with a valid request.
For example, not from most of the exec_trigger invocations.
---
src/include/radiusd.h | 2 +-
src/main/exec.c | 22 +++++++++++-----------
src/modules/rlm_mschap/rlm_mschap.c | 2 +-
3 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/src/include/radiusd.h b/src/include/radiusd.h
index 21d510b..ebe3a21 100644
--- a/src/include/radiusd.h
+++ b/src/include/radiusd.h
@@ -606,7 +606,7 @@ int rad_virtual_server(REQUEST *);
pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait,
int *input_fd, int *output_fd,
VALUE_PAIR *input_pairs, bool shell_escape);
-int radius_readfrom_program(REQUEST *request, int fd, pid_t pid, int timeout,
+int radius_readfrom_program(int fd, pid_t pid, int timeout,
char *answer, int left);
int radius_exec_program(REQUEST *request, char const *cmd, bool exec_wait, bool shell_escape,
char *user_msg, size_t msg_len, int timeout,
diff --git a/src/main/exec.c b/src/main/exec.c
index b421053..1188d0a 100644
--- a/src/main/exec.c
+++ b/src/main/exec.c
@@ -103,16 +103,16 @@ pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait,
argc = rad_expand_xlat(request, cmd, MAX_ARGV, argv, true, sizeof(argv_buf), argv_buf);
if (argc <= 0) {
- RDEBUG("invalid command line '%s'.", cmd);
+ DEBUG("invalid command line '%s'.", cmd);
return -1;
}
#ifndef NDEBUG
if (debug_flag > 2) {
- RDEBUG3("executing cmd %s", cmd);
+ DEBUG3("executing cmd %s", cmd);
for (i = 0; i < argc; i++) {
- RDEBUG3("\t[%d] %s", i, argv[i]);
+ DEBUG3("\t[%d] %s", i, argv[i]);
}
}
#endif
@@ -124,13 +124,13 @@ pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait,
if (exec_wait) {
if (input_fd) {
if (pipe(to_child) != 0) {
- RDEBUG("Couldn't open pipe to child: %s", fr_syserror(errno));
+ DEBUG("Couldn't open pipe to child: %s", fr_syserror(errno));
return -1;
}
}
if (output_fd) {
if (pipe(from_child) != 0) {
- RDEBUG("Couldn't open pipe from child: %s", fr_syserror(errno));
+ DEBUG("Couldn't open pipe from child: %s", fr_syserror(errno));
/* safe because these either need closing or are == -1 */
close(to_child[0]);
close(to_child[1]);
@@ -206,7 +206,7 @@ pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait,
*/
devnull = open("/dev/null", O_RDWR);
if (devnull < 0) {
- RDEBUG("Failed opening /dev/null: %s\n", fr_syserror(errno));
+ DEBUG("Failed opening /dev/null: %s\n", fr_syserror(errno));
/*
* Where the status code is interpreted as a module rcode
@@ -287,7 +287,7 @@ pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait,
* Parent process.
*/
if (pid < 0) {
- RDEBUG("Couldn't fork %s: %s", argv[0], fr_syserror(errno));
+ DEBUG("Couldn't fork %s: %s", argv[0], fr_syserror(errno));
if (exec_wait) {
/* safe because these either need closing or are == -1 */
close(to_child[0]);
@@ -320,7 +320,7 @@ pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait,
return pid;
#else
if (exec_wait) {
- RDEBUG("Wait is not supported");
+ DEBUG("Wait is not supported");
return -1;
}
@@ -366,7 +366,7 @@ pid_t radius_start_program(char const *cmd, REQUEST *request, bool exec_wait,
* @param left length of buffer.
* @return -1 on error, or length of output.
*/
-int radius_readfrom_program(REQUEST *request, int fd, pid_t pid, int timeout,
+int radius_readfrom_program(int fd, pid_t pid, int timeout,
char *answer, int left)
{
int done = 0;
@@ -422,7 +422,7 @@ int radius_readfrom_program(REQUEST *request, int fd, pid_t pid, int timeout,
rcode = select(fd + 1, &fds, NULL, NULL, &wake);
if (rcode == 0) {
too_long:
- RDEBUG("Child PID %u is taking too much time: forcing failure and killing child.", pid);
+ DEBUG("Child PID %u is taking too much time: forcing failure and killing child.", pid);
kill(pid, SIGTERM);
close(fd); /* should give SIGPIPE to child, too */
@@ -536,7 +536,7 @@ int radius_exec_program(REQUEST *request, char const *cmd, bool exec_wait, bool
}
#ifndef __MINGW32__
- len = radius_readfrom_program(request, from_child, pid, timeout, answer, sizeof(answer));
+ len = radius_readfrom_program(from_child, pid, timeout, answer, sizeof(answer));
if (len < 0) {
/*
* Failure - radius_readfrom_program will
diff --git a/src/modules/rlm_mschap/rlm_mschap.c b/src/modules/rlm_mschap/rlm_mschap.c
index 0101ddf..03f94a9 100644
--- a/src/modules/rlm_mschap/rlm_mschap.c
+++ b/src/modules/rlm_mschap/rlm_mschap.c
@@ -794,7 +794,7 @@ static int CC_HINT(nonnull (1, 2, 4, 5)) do_mschap_cpw(rlm_mschap_t *inst,
/*
* Read from the child
*/
- len = radius_readfrom_program(request, from_child, pid, 10, buf, sizeof(buf));
+ len = radius_readfrom_program(from_child, pid, 10, buf, sizeof(buf));
if (len < 0) {
/* radius_readfrom_program will have closed from_child for us */
REDEBUG("Failure reading from child");
--
2.1.1

59
freeradius-ignore-SIGTERM-when-firing-stop-and-signal.term.patch Normal file
View File

@ -0,0 +1,59 @@
From b5b92669c32b50b2f96a3ae53d4222d6cb3d1287 Mon Sep 17 00:00:00 2001
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Date: Tue, 28 Oct 2014 15:57:56 +0200
Subject: [PATCH 1/1] Ignore SIGTERM when firing stop and signal.term
Move firing "server.stop" and "server.signal.term" triggers beyond
setting SIGTERM action to SIG_IGN in main().
This way handler commands for these triggers don't receive SIGTERM with
the rest of the process group and don't possibly terminate before doing
their work. E.g. snmptrap manages to send the notifications.
---
src/main/process.c | 1 -
src/main/radiusd.c | 10 ++++++++--
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/main/process.c b/src/main/process.c
index 7e1a51e..f427205 100644
--- a/src/main/process.c
+++ b/src/main/process.c
@@ -4536,7 +4536,6 @@ static void handle_signal_self(int flag)
fr_event_loop_exit(el, 1);
} else {
INFO("Signalled to terminate");
- exec_trigger(NULL, NULL, "server.signal.term", true);
fr_event_loop_exit(el, 2);
}
diff --git a/src/main/radiusd.c b/src/main/radiusd.c
index 620d7d4..86c7013 100644
--- a/src/main/radiusd.c
+++ b/src/main/radiusd.c
@@ -592,8 +592,6 @@ int main(int argc, char *argv[])
INFO("Exiting normally");
}
- exec_trigger(NULL, NULL, "server.stop", false);
-
/*
* Ignore the TERM signal: we're
* about to die.
@@ -601,6 +599,14 @@ int main(int argc, char *argv[])
signal(SIGTERM, SIG_IGN);
/*
+ * Fire signal and stop triggers after ignoring SIGTERM, so handlers are
+ * not killed with the rest of the process group, below.
+ */
+ if (status == 2)
+ exec_trigger(NULL, NULL, "server.signal.term", true);
+ exec_trigger(NULL, NULL, "server.stop", false);
+
+ /*
* Send a TERM signal to all
* associated processes
* (including us, which gets
--
2.1.1

30
freeradius-raddb-remove-extra-apostrophe-from-trigger.conf.patch Normal file
View File

@ -0,0 +1,30 @@
From e37dbd2dd0f20ff255ddc934296afa67e59695c6 Mon Sep 17 00:00:00 2001
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Date: Thu, 16 Oct 2014 13:48:32 +0300
Subject: [PATCH 2/4] raddb: Remove extra apostrophe from trigger.conf
Remove a spurious apostrophe from trigger.conf's trigger.modules.args.
This fixes module triggers, otherwise producing this error:
rad_expand_xlat: Invalid string passed as argument
---
raddb/trigger.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/raddb/trigger.conf b/raddb/trigger.conf
index aa846c3..b80089c 100644
--- a/raddb/trigger.conf
+++ b/raddb/trigger.conf
@@ -194,7 +194,7 @@ trigger {
# "trigger" subsection in the module configuration.
modules {
# Common arguments
- args = "radiusdModuleName s ldap' radiusdModuleInstance s ''"
+ args = "radiusdModuleName s ldap radiusdModuleInstance s ''"
# The files module
files {
--
2.1.1

70
freeradius-raddb-update-triggers-in-trigger.conf.patch Normal file
View File

@ -0,0 +1,70 @@
From 7162088ec80add0e83d1073b67001546be3d0d8d Mon Sep 17 00:00:00 2001
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Date: Thu, 23 Oct 2014 13:56:46 +0300
Subject: [PATCH 1/1] raddb: Update triggers in trigger.conf
Update trigger.conf's available triggers and comments to correspond to
actual code.
---
raddb/trigger.conf | 23 ++++++++++++-----------
1 file changed, 12 insertions(+), 11 deletions(-)
diff --git a/raddb/trigger.conf b/raddb/trigger.conf
index 44f9f36..413a182 100644
--- a/raddb/trigger.conf
+++ b/raddb/trigger.conf
@@ -222,11 +222,8 @@ trigger {
# A connection to the DB has been closed
close = "${snmptrap}::serverModuleConnectionDown ${args}"
- # Failed to open a new connection to the DB
- fail = "${snmptrap}::serverModuleConnectionFail ${args}"
-
- # There are no DB handles available.
- none = "${snmptrap}::serverModuleConnectionNone ${args}"
+ # The module has been HUP'd via radmin
+ hup = "${snmptrap}::serverModuleHup ${args}"
}
# The SQL module
@@ -243,12 +240,13 @@ trigger {
# Failed to open a new connection to the DB
fail = "${snmptrap}::serverModuleConnectionFail ${args}"
- # There are no DB handles available.
- none = "${snmptrap}::serverModuleConnectionNone ${args}"
+ # The module has been HUP'd via radmin
+ hup = "${snmptrap}::serverModuleHup ${args}"
}
- # You can use the same opn / close / fail / none triggers for
- # any module which uses the "pool" directive.
+ # You can also use connection pool's start/stop/open/close triggers
+ # for any module which uses the "pool" section, here and under
+ # pool.trigger in module configuration.
}
}
@@ -267,10 +265,9 @@ trigger {
# home_server_pool.fallback
# home_server_pool.normal
# modules.*.hup
-# modules.ldap.fail
+# modules.ldap.timeout
# modules.sql.close
# modules.sql.fail
-# modules.sql.none
# modules.sql.open
# server.client.add
# server.max_requests
@@ -278,3 +275,7 @@ trigger {
# server.signal.term
# server.start
# server.stop
+# server.thread.max_threads
+# server.thread.start
+# server.thread.stop
+# server.thread.unresponsive
--
2.1.1

83
freeradius-raddb-use-appropriate-module-names-in-traps.patch Normal file
View File

@ -0,0 +1,83 @@
From 039f85dfe9a09478c9581b87113e73e2205abd53 Mon Sep 17 00:00:00 2001
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Date: Thu, 16 Oct 2014 13:59:51 +0300
Subject: [PATCH 3/4] raddb: Use appropriate module names in traps
Specify appropriate module names for all module traps in trigger.conf,
instead of using "ldap" for all.
---
raddb/trigger.conf | 29 +++++++++++++++++++----------
1 file changed, 19 insertions(+), 10 deletions(-)
diff --git a/raddb/trigger.conf b/raddb/trigger.conf
index b80089c..44f9f36 100644
--- a/raddb/trigger.conf
+++ b/raddb/trigger.conf
@@ -194,12 +194,15 @@ trigger {
# "trigger" subsection in the module configuration.
modules {
# Common arguments
- args = "radiusdModuleName s ldap radiusdModuleInstance s ''"
+ args = "radiusdModuleInstance s ''"
# The files module
files {
+ # Common arguments
+ args = "radiusdModuleName s files ${..args}"
+
# The module has been HUP'd via radmin
- hup = "${snmptrap}::serverModuleHup ${..args}"
+ hup = "${snmptrap}::serverModuleHup ${args}"
# Note that "hup" can be used for every module
# which can be HUP'd via radmin
@@ -210,32 +213,38 @@ trigger {
# an LDAP connection ofr every "bind as user". Be aware that
# this will likely produce a lot of triggers.
ldap {
+ # Common arguments
+ args = "radiusdModuleName s ldap ${..args}"
+
# A new connection to the DB has been opened
- open = "${snmptrap}::serverModuleConnectionUp ${..args}"
+ open = "${snmptrap}::serverModuleConnectionUp ${args}"
# A connection to the DB has been closed
- close = "${snmptrap}::serverModuleConnectionDown ${..args}"
+ close = "${snmptrap}::serverModuleConnectionDown ${args}"
# Failed to open a new connection to the DB
- fail = "${snmptrap}::serverModuleConnectionFail ${..args}"
+ fail = "${snmptrap}::serverModuleConnectionFail ${args}"
# There are no DB handles available.
- none = "${snmptrap}::serverModuleConnectionNone ${..args}"
+ none = "${snmptrap}::serverModuleConnectionNone ${args}"
}
# The SQL module
sql {
+ # Common arguments
+ args = "radiusdModuleName s sql ${..args}"
+
# A new connection to the DB has been opened
- open = "${snmptrap}::serverModuleConnectionUp ${..args}"
+ open = "${snmptrap}::serverModuleConnectionUp ${args}"
# A connection to the DB has been closed
- close = "${snmptrap}::serverModuleConnectionDown ${..args}"
+ close = "${snmptrap}::serverModuleConnectionDown ${args}"
# Failed to open a new connection to the DB
- fail = "${snmptrap}::serverModuleConnectionFail ${..args}"
+ fail = "${snmptrap}::serverModuleConnectionFail ${args}"
# There are no DB handles available.
- none = "${snmptrap}::serverModuleConnectionNone ${..args}"
+ none = "${snmptrap}::serverModuleConnectionNone ${args}"
}
# You can use the same opn / close / fail / none triggers for
--
2.1.1

12
freeradius.spec
View File

@ -33,6 +33,12 @@ Patch9: freeradius-dont-swap-uint128-printing-on-be.patch
Patch10: freeradius-fix-dhcp-dictionary-loading.patch
Patch11: freeradius-mention-eap-md5-in-radtest-synopsis.patch
Patch12: freeradius-add-P-option-to-radtest-synopsis.patch
Patch13: freeradius-exec-dont-assume-request-presence-when-logging.patch
Patch14: freeradius-raddb-remove-extra-apostrophe-from-trigger.conf.patch
Patch15: freeradius-raddb-use-appropriate-module-names-in-traps.patch
Patch16: freeradius-connection-fall-through-to-global-module-triggers.patch
Patch17: freeradius-ignore-SIGTERM-when-firing-stop-and-signal.term.patch
Patch18: freeradius-raddb-update-triggers-in-trigger.conf.patch
%global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
@ -201,6 +207,12 @@ This plugin provides the unixODBC support for the FreeRADIUS server project.
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%build
# Force compile/link options, extra security for network facing daemon