(RADIATOR) ORA-03113: end-of-file on communication channel (DBD ERROR: OCIStmtExecute/Describe)
Mariano Absatz
lradius at pert.com.ar
Tue May 8 16:38:02 CDT 2001
Mike, Hugh,
I am getting the following error:
ORA-03113: end-of-file on communication channel (DBD ERROR:
OCIStmtExecute/Describe)
and now that I see it, is the same after the kill -HUP I sent you 'bout
an hour ago...
So maybe the problem isn't with kill -HUP but with Oracle DBD or, most
probably, my way of using it.
Let's start over again, full scenario:
Sun Netra T1 AC200, 1CPU 360MHz, 512Mb RAM, 2x18Gb HD, Solaris 8, Perl
v5.6.1, Radiator 2.18.1, Oracle8i Release 8.1.6.0.0 - Production.
I run two instances of Radiator, one for authentication and one for
accounting.
I'm using a bunch of config files:
radius-auth.cfg (for authentication only settings)
radius-acct.cfg (for accounting only settings)
radius-common.cfg (for everything in common, included from both above)
DBGlobalData.cfg (data base global data, included from radius-common.cfg)
DBUseData.cfg (for including everytime I have to put DBSource/DBUsername/
DBAuth)
clients.cfg (the clients section, a <ClientListSQL>, included from
radius-common.cfg)
I'm attaching all of the config files to this message.
Now, apparently, what's happening is the following:
the first "oracle thing" that ought to be done is to get the
ClientListSQL by doing the corresponding SELECT.
That is apparently working since the host where the radpwtst is being run
and the NAS_Identifier that it provides are accepted (it rejected them
before I inserted the records in the tables).
Next time an oracle query is executed, it fails with the error:
ORA-03113: end-of-file on communication channel (DBD ERROR:
OCIStmtExecute/Describe)
It's the same error, whether I kill -HUP the server (and the
ClientListSQL statement is executed again) or if I try to execute the
statement to authenticate a user... After failing the first time, then it
works OK, or so it seems... but I don't know what's going on.
I'm still not doing SQL accounting so I can't verify the same behavior in
the other instance (but the kill -HUP behavior is the same).
Here there is a trace 4:
Tue May 8 18:30:22 2001: INFO: Server started: Radiator 2.18.1 on dummy-
server
Tue May 8 18:30:27 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 39823 ....
Code: Access-Request
Identifier: 12
Authentic: 1234567890123456
Attributes:
User-Name = "a-user at some-realm"
Service-Type = Framed-User
NAS-IP-Address = 200.59.130.83
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password =
"Z/<237>h%<251><233>:<238><192><220>`<176><12>\<146>"
Tue May 8 18:30:27 2001: DEBUG: Rewrote user name to a-user at some-realm
Tue May 8 18:30:27 2001: DEBUG: Rewrote user name to a-user at some-realm
Tue May 8 18:30:27 2001: DEBUG: Check if Handler should be used to
handle this request
Tue May 8 18:30:27 2001: DEBUG: Handling request with Handler ''
Tue May 8 18:30:27 2001: DEBUG: Deleting session for a-user at some-realm,
200.59.130.83, 1234
Tue May 8 18:30:27 2001: DEBUG: Handling with Radius::AuthSQL
Tue May 8 18:30:27 2001: DEBUG: Handling with Radius::AuthSQL
Tue May 8 18:30:27 2001: DEBUG: Query is: SELECT USU_CLAVE FROM USUARIOS
WHERE USU_CODIGO = 'a-user' AND VISP_CODIGO = 'some-realm'
Tue May 8 18:30:27 2001: ERR: Execute failed for 'SELECT USU_CLAVE FROM
USUARIOS WHERE USU_CODIGO = 'a-user' AND VISP_CODIGO = 'some-realm'': ORA-
03113: end-of-file on communication channel (DBD ERROR:
OCIStmtExecute/Describe)
Tue May 8 18:30:27 2001: DEBUG: Radius::AuthSQL looks for match with a-
user at some-realm
Tue May 8 18:30:27 2001: DEBUG: Radius::AuthSQL ACCEPT:
Tue May 8 18:30:27 2001: DEBUG: Access accepted for a-user at some-realm
Tue May 8 18:30:27 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 39823 ....
Code: Access-Accept
Identifier: 12
Authentic: 1234567890123456
Attributes:
Tue May 8 18:30:30 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 39824 ....
Code: Access-Request
Identifier: 15
Authentic: 1234567890123456
Attributes:
User-Name = "a-user at some-realm"
Service-Type = Framed-User
NAS-IP-Address = 200.59.130.83
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password =
"Z/<237>h%<251><233>:<238><192><220>`<176><12>\<146>"
Tue May 8 18:30:30 2001: DEBUG: Rewrote user name to a-user at some-realm
Tue May 8 18:30:30 2001: DEBUG: Rewrote user name to a-user at some-realm
Tue May 8 18:30:30 2001: DEBUG: Check if Handler should be used to
handle this request
Tue May 8 18:30:30 2001: DEBUG: Handling request with Handler ''
Tue May 8 18:30:30 2001: DEBUG: Deleting session for a-user at some-realm,
200.59.130.83, 1234
Tue May 8 18:30:30 2001: DEBUG: Handling with Radius::AuthSQL
Tue May 8 18:30:30 2001: DEBUG: Handling with Radius::AuthSQL
Tue May 8 18:30:30 2001: DEBUG: Query is: SELECT USU_CLAVE FROM USUARIOS
WHERE USU_CODIGO = 'a-user' AND VISP_CODIGO = 'some-realm'
Tue May 8 18:30:30 2001: DEBUG: Radius::AuthSQL looks for match with a-
user at some-realm
Tue May 8 18:30:30 2001: DEBUG: Radius::AuthSQL ACCEPT:
Tue May 8 18:30:30 2001: DEBUG: Access accepted for a-user at some-realm
Tue May 8 18:30:30 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 39824 ....
Code: Access-Accept
Identifier: 15
Authentic: 1234567890123456
Attributes:
Tue May 8 18:30:39 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 39825 ....
Code: Access-Request
Identifier: 24
Authentic: 1234567890123456
Attributes:
User-Name = "a-user at some-realm"
Service-Type = Framed-User
NAS-IP-Address = 200.59.130.83
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password =
"Z/<237>h%<251><233>:<238><192><220>`<176><12>\<146>"
Tue May 8 18:30:39 2001: DEBUG: Rewrote user name to a-user at some-realm
Tue May 8 18:30:39 2001: DEBUG: Rewrote user name to a-user at some-realm
Tue May 8 18:30:39 2001: DEBUG: Check if Handler should be used to
handle this request
Tue May 8 18:30:39 2001: DEBUG: Handling request with Handler ''
Tue May 8 18:30:39 2001: DEBUG: Deleting session for a-user at some-realm,
200.59.130.83, 1234
Tue May 8 18:30:39 2001: DEBUG: Handling with Radius::AuthSQL
Tue May 8 18:30:39 2001: DEBUG: Handling with Radius::AuthSQL
Tue May 8 18:30:39 2001: DEBUG: Query is: SELECT USU_CLAVE FROM USUARIOS
WHERE USU_CODIGO = 'a-user' AND VISP_CODIGO = 'some-realm'
Tue May 8 18:30:39 2001: DEBUG: Radius::AuthSQL looks for match with a-
user at some-realm
Tue May 8 18:30:39 2001: DEBUG: Radius::AuthSQL ACCEPT:
Tue May 8 18:30:39 2001: DEBUG: Access accepted for a-user at some-realm
Tue May 8 18:30:39 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 39825 ....
Code: Access-Accept
Identifier: 24
Authentic: 1234567890123456
Attributes:
Any thoughts?
-------------- next part --------------
##################################################################
# AUTHENTICATION CONFIGURATION #
##################################################################
# include common configuration and global definitions
include /app/Radiator/etc/radius-common.cfg
LogFile %L/%Y-%m/%{GlobalVar:rad_instance}/debugLog_%d-%q
# For debugging, swap the comments in the 2 following lines
#Trace 0
Trace 4
#Trace:
#0 ERR. Error conditions. Serious and unexpected failures
#1 WARNING. Warning conditions. Unexpected failures
#2 NOTICE. Normal but significant conditions.
#3 INFO. Informational messages.
#4 DEBUG. Debugging messages.
#5 Incoming raw packet dumps in hexadecimal.
#
##################################################################
# PROTOCOL SECTION #
##################################################################
#
# We only do authorization in this instance of Radiator
#
AuthPort 1812
AcctPort
<SNMPAgent>
Port 16112
ROCommunity CONFIGURAR-COMUNIDAD
</SNMPAgent>
-------------- next part --------------
##################################################################
# ACCOUNTING CONFIGURATION #
##################################################################
# include common configuration and global definitions
include /app/Radiator/etc/radius-common.cfg
LogFile %L/%Y-%m/%{GlobalVar:rad_instance}/debugLog_%d-%q
# For debugging, swap the comments in the 2 following lines
#Trace 0
Trace 4
#Trace:
#0 ERR. Error conditions. Serious and unexpected failures
#1 WARNING. Warning conditions. Unexpected failures
#2 NOTICE. Normal but significant conditions.
#3 INFO. Informational messages.
#4 DEBUG. Debugging messages.
#5 Incoming raw packet dumps in hexadecimal.
##################################################################
# PROTOCOL SECTION #
##################################################################
#
# We only do accounting in this instance of Radiator
#
AuthPort
AcctPort 1813
<SNMPAgent>
Port 16113
ROCommunity CONFIGURAR-COMUNIDAD
</SNMPAgent>
-------------- next part --------------
##################################################################
# COMMON CONFIGURATION #
##################################################################
##################################################################
# FILES AND DIRECTORIES SECTION #
##################################################################
LogDir /logs/radius
DbDir /app/Radiator/db
DefineGlobalVar ScriptDir /app/Radiator/scripts
DefineGlobalVar ConfigDir /app/Radiator/etc
DefineGlobalVar TempDir /app/Radiator/tmp
DictionaryFile %{GlobalVar:ConfigDir}/dictionary
PidFile %{GlobalVar:TempDir}/rad-%{GlobalVar:rad_instance}.pid
# DataBase Global Data
include %{GlobalVar:ConfigDir}/DBGlobalData.cfg
##################################################################
# LOGGING SECTION #
##################################################################
<Log FILE>
Identifier fileLoggerMetroAuth
Filename %L/%Y-%m/%{GlobalVar:rad_instance}/stdLog_%d-%q
Trace 3
</Log>
# Log authentication success and failure to a file
# (in fact is only valid for authentication)
<AuthLog FILE>
Identifier authLoggerMetroRED
Filename %L/%Y-%m/%{GlobalVar:rad_instance}_%d-%q
LogSuccess 1
LogFailure 1
SuccessFormat %l:%n:<****>:OK:-
FailureFormat %l:%n:%P:FAIL:%1
</AuthLog>
##################################################################
# REWRITE SECTION #
##################################################################
# REWRITE USER NAME BEFORE ANYTHING ELSE
# Rewrite any Name without realm to our realm
# because defaultrealm does not match on HANDLER
RewriteUsername s/^([^@]+)$/$1\@default-realm/
# change everything in the username to lowercase
RewriteUsername tr/[A-Z]/[a-z]/
##################################################################
# CLIENTS SECTION #
##################################################################
include %{GlobalVar:ConfigDir}/clients.cfg
##################################################################
# AUTHBY SECTION #
##################################################################
<AuthBy SQL>
Identifier UserGetPassword
NoDefault
include %{GlobalVar:ConfigDir}/DBUseData.cfg
AuthSelect SELECT USU_CLAVE \
FROM USUARIOS \
WHERE USU_CODIGO = '%U' AND VISP_CODIGO = '%R'
</AuthBy>
##################################################################
# HANDLER SECTION #
##################################################################
<Handler>
Identifier GlobalHandler
AuthBy UserGetPassword
</Handler>
-------------- next part --------------
##################################################################
# DATABASE GLOBAL DATA #
##################################################################
DefineGlobalVar OracleHost localhost
DefineGlobalVar OracleSID radius
DefineGlobalVar MR_DBSource dbi:Oracle:host=localhost;sid=radius
DefineGlobalVar MR_DBUsername radmin
DefineGlobalVar MR_DBAuth radius
-------------- next part --------------
##################################################################
# DATABASE INVOCATION DATA #
##################################################################
# before you must:
# include %{GlobalVar:ConfigDir}/DBGlobalData.cfg
#
DBSource %{GlobalVar:MR_DBSource}
DBUsername %{GlobalVar:MR_DBUsername}
DBAuth %{GlobalVar:MR_DBAuth}
-------------- next part --------------
##################################################################
# CLIENTS SECTION #
##################################################################
<ClientListSQL>
# Client (NAS) info is in the database
include %{GlobalVar:ConfigDir}/DBUseData.cfg
GetClientQuery SELECT \
NAS_IDENTIFIER, NAS_SECRET, \
NAS_IGNOREACCTSIGNATURE, NAS_DUPINTERVAL, \
NAS_DEFAULTREALM, NAS_TYPE, NAS_SNMPCOMMUNITY, \
NAS_LIVINGSTONOFFS, NAS_LIVINGSTONHOLE, \
NAS_FRAMEDGROUPBASEADDRESS, NAS_FRAMEDGROUPMAXPORTSPERCLAS, \
NAS_REWRITEUSERNAME, NAS_NOIGNOREDUPLICATES, \
NAS_PREHANDLERHOOK \
FROM NAS_SERVICIO_CALIDAD
</ClientListSQL>
More information about the radiator
mailing list