radmavis segfault

86 views
Skip to first unread message

Patrick Topping

unread,
May 16, 2025, 3:52:19 PMMay 16
to Event-Driven Servers
I have not been successful in getting radmavis to work with Radius authentication.  Every time radmavis is called, it segfaults.

root@LAB1-RAF-L01

[/usr/local/etc]# printf "0 TACPLUS\n4 patrick\n8 password@123\n49 AUTH\n=\n" | radmavis "group_attribute=Class" "authserver=dev.radius.dev:1812:dhuwher23e1"

0 TACPLUS

4 ptopping

8 password@123

49 AUTH


May 16 12:41:01 LAB1-RAF-L01 kernel: [848723.182738] radmavis[766994]: segfault at 0 ip 0000000000000000 sp 00007ffe902e0908 error 14 in radmavis[56095a781000+1000]

May 16 12:41:01 LAB1-RAF-L01 kernel: [848723.182767] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.


I have installed both the freeradius-server & freeradius-clients on this server to get radmavis installed.  I have been unsuccessful and had to copy it over from the build directly of the event-driven-servers.  


Below is my mavis config for review.


#    mavis module = tacinfo_cache {

#        directory = /tmp/tacinfo

#    }

 

    mavis module = external {

        exec = /usr/local/sbin/radmavis "radmavis" "group_attribute=Class" "authserver=dev.radius.dev:1812:dfsdfkselr;jwer"

    }

 

    user backend = mavis

    login backend = mavis

    pap backend = mavis



Any help to get passed this would be greatly appreciated.


Thank you.


-Patrick


Patrick Topping

unread,
May 16, 2025, 7:36:16 PMMay 16
to Event-Driven Servers
I have tried loading this on a fresh Ubuntu 24.04 server and I am not seeing radmavis or radmavis-mt being installed in /usr/local/sbin.  Appreciate any help to get through this issue.

Thank you.

-Patrick

Marc Huber

unread,
May 17, 2025, 7:57:21 AMMay 17
to event-driv...@googlegroups.com


Hi Patrick,

both radmavis and radmavis-mt will only be built if the configure scripts detects the radcli or freeradius-client development libraries. Ubuntu: radcli is availabe, so just "apt install libradcli-dev". For freeradius-client: there's no Ubuntu package,  git clone https://github.com/FreeRADIUS/freeradius-client.git and build/install.

I see no segvaults, both variants work just fine on my system. To isolate that further:

./configure --ggdb && make && sudo make install

Then run

( printf "0 TACPLUS\n4 patrick\n8 password@123\n49 AUTH\n=\n" ; sleep 60) | radmavis "group_attribute=Class" "authserver=dev.radius.dev:1812:dhuwher23e1"

In a separate session: check for the "radmavis" pid, then attach gdb or lldb to that pid (gdb -p 12345), enter "cont" and wait for the sleep to timeout. On SEGV you can continue with "bt" (backtrace) and/or "up" to see where the crash occurs.

(I currently have no freeradius setup ready for testing, so I did use tac_plus-ng RADIUS support for that. Shouldn't make any difference.)

Cheers,

Marc

--
You received this message because you are subscribed to the Google Groups "Event-Driven Servers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to event-driven-ser...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/event-driven-servers/7b7a8519-bd32-4935-9b5e-0b7dc366ff14n%40googlegroups.com.

Patrick Topping

unread,
May 19, 2025, 1:00:08 AMMay 19
to Event-Driven Servers
Marc,

Thank you for getting back to me.  I really appreciate it.  I forgot to add to the initial post is that I had installed libradcli-dev, as well as the freeradius-client packages.  I am not sure why the configure script is not processing the libraries during the make and make install because it does recognize them.

root@LAB1-RAF-L01

[/tmp/event-driven-servers]# apt install libradcli-dev

Reading package lists... Done

Building dependency tree... Done

Reading state information... Done

libradcli-dev is already the newest version (1.2.11-1build1).

0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded.


root@LAB1-RAF-L01

[/tmp/event-driven-servers]# ./configure --ggdb && make && sudo make install

==============================================================================================================================================================================

Development files were found for: LIB-ARES, LIB-CRYPT, LIB-CRYPTO, LIB-CURL, LIB-LBER, LIB-LDAP, LIB-PAM, LIB-PCRE2, LIB-PTHREAD, LIB-RADCLI, LIB-SCTP, LIB-SSL, LIB-ZLIB

 

The file

 

    build/Makefile.inc.linux-5.15.0-139-generic-x86_64

 

was just created. You may run "make" now. After that, you may wish to do a "make install". Alternatively, you'll find the compiled binaries (plus some ancillary scripts) in

the

 

    build/linux-5.15.0-139-generic-x86_64/fakeroot/

 

directory structure. It's probably advisable to have a look there in any case, as you may or may not like the particular file system layout, and this will give you a chance

to see it before installing.

 

Please direct support requests to the "Event-Driven Servers" Google Group at

 

    event-driv...@googlegroups.com

    https://groups.google.com/group/event-driven-servers

 

or file an issue at

 

    https://github.com/MarcJHuber/event-driven-servers

 

Support requests sent to the author's private email address may be silently ignored.



make[3]: Entering directory '/tmp/event-driven-servers/mavis/perl'

make[3]: Nothing to be done for 'install'.

make[3]: Leaving directory '/tmp/event-driven-servers/mavis/perl'

make[3]: Entering directory '/tmp/event-driven-servers/mavis/python'

Listing '/usr/local/lib/mavis'...

Listing '/usr/local/lib/mavis/extra'...

make[3]: Leaving directory '/tmp/event-driven-servers/mavis/python'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/mavis'

make[1]: Leaving directory '/tmp/event-driven-servers/mavis'

make[1]: Entering directory '/tmp/event-driven-servers/spawnd'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/spawnd'

make[3]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/spawnd'

make[3]: Nothing to be done for 'install'.

make[3]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/spawnd'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/spawnd'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/spawnd'

install -c -m 0755 spawnd /usr/local/sbin/spawnd

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/spawnd'

make[1]: Leaving directory '/tmp/event-driven-servers/spawnd'

make[1]: Entering directory '/tmp/event-driven-servers/mavisd'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/mavisd'

make[3]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/mavisd'

make[3]: Nothing to be done for 'install'.

make[3]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/mavisd'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/mavisd'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/mavisd'

install -c -m 0755 mavisd /usr/local/sbin/mavisd

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/mavisd'

make[1]: Leaving directory '/tmp/event-driven-servers/mavisd'

make[1]: Entering directory '/tmp/event-driven-servers/ftpd'

make[2]: Entering directory '/tmp/event-driven-servers/ftpd/extra'

make[2]: Nothing to be done for 'all'.

make[2]: Leaving directory '/tmp/event-driven-servers/ftpd/extra'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/ftpd'

make[3]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/ftpd'

make[4]: Entering directory '/tmp/event-driven-servers/ftpd/extra'

make[4]: Nothing to be done for 'install'.

make[4]: Leaving directory '/tmp/event-driven-servers/ftpd/extra'

make[3]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/ftpd'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/ftpd'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/ftpd'

install -c -m 0755 ftpd /usr/local/sbin/ftpd

make[3]: Entering directory '/tmp/event-driven-servers/ftpd/extra'

make[3]: Nothing to be done for 'install'.

make[3]: Leaving directory '/tmp/event-driven-servers/ftpd/extra'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/ftpd'

make[1]: Leaving directory '/tmp/event-driven-servers/ftpd'

make[1]: Entering directory '/tmp/event-driven-servers/tac_plus'

make[2]: Entering directory '/tmp/event-driven-servers/tac_plus/extra'

make[2]: Nothing to be done for 'all'.

make[2]: Leaving directory '/tmp/event-driven-servers/tac_plus/extra'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus'

make[3]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus'

make[4]: Entering directory '/tmp/event-driven-servers/tac_plus/extra'

make[4]: Nothing to be done for 'install'.

make[4]: Leaving directory '/tmp/event-driven-servers/tac_plus/extra'

make[3]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus'

install -c -m 0755 tac_plus /usr/local/sbin/tac_plus

make[3]: Entering directory '/tmp/event-driven-servers/tac_plus/extra'

make[3]: Nothing to be done for 'install'.

make[3]: Leaving directory '/tmp/event-driven-servers/tac_plus/extra'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus'

make[1]: Leaving directory '/tmp/event-driven-servers/tac_plus'

make[1]: Entering directory '/tmp/event-driven-servers/tac_plus-ng'

make[2]: Entering directory '/tmp/event-driven-servers/tac_plus-ng/extra'

make[2]: Nothing to be done for 'all'.

make[2]: Leaving directory '/tmp/event-driven-servers/tac_plus-ng/extra'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus-ng'

make[3]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus-ng'

make[4]: Entering directory '/tmp/event-driven-servers/tac_plus-ng/extra'

make[4]: Nothing to be done for 'install'.

make[4]: Leaving directory '/tmp/event-driven-servers/tac_plus-ng/extra'

make[3]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus-ng'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus-ng'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus-ng'

install -c -m 0755 tac_plus-ng /usr/local/sbin/tac_plus-ng # && ( setcap cap_net_raw,cap_net_bind_service=+ep /usr/local/sbin/tac_plus-ng 2>/dev/null || true )

make[3]: Entering directory '/tmp/event-driven-servers/tac_plus-ng/extra'

make[3]: Nothing to be done for 'install'.

make[3]: Leaving directory '/tmp/event-driven-servers/tac_plus-ng/extra'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tac_plus-ng'

make[1]: Leaving directory '/tmp/event-driven-servers/tac_plus-ng'

make[1]: Entering directory '/tmp/event-driven-servers/tcprelay'

make[2]: Entering directory '/tmp/event-driven-servers/tcprelay/extra'

make[2]: Nothing to be done for 'all'.

make[2]: Leaving directory '/tmp/event-driven-servers/tcprelay/extra'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tcprelay'

make[3]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tcprelay'

make[4]: Entering directory '/tmp/event-driven-servers/tcprelay/extra'

make[4]: Nothing to be done for 'install'.

make[4]: Leaving directory '/tmp/event-driven-servers/tcprelay/extra'

make[3]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tcprelay'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tcprelay'

make[2]: Entering directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tcprelay'

install -c -m 0755 tcprelay /usr/local/sbin/tcprelay

make[3]: Entering directory '/tmp/event-driven-servers/tcprelay/extra'

make[3]: Nothing to be done for 'install'.

make[3]: Leaving directory '/tmp/event-driven-servers/tcprelay/extra'

make[2]: Leaving directory '/tmp/event-driven-servers/build/linux-5.15.0-139-generic-x86_64/tcprelay'

make[1]: Leaving directory '/tmp/event-driven-servers/tcprelay'

 

 

root@LAB1-RAF-L01

[/tmp/event-driven-servers]# ls -l /usr/local/sbin

total 2792

-rwxr-xr-x 1 root root 973352 May 17 22:40 ftpd

-rwxr-xr-x 1 root root  73480 May 17 22:40 ldapmavis-mt

-rwxr-xr-x 1 root root    506 May 16 15:25 login.radius

-rwxr-xr-x 1 root root  80184 May 17 22:40 mavisd

-rwxr-xr-x 1 root root  25008 May 17 22:40 pammavis

-rwxr-xr-x 1 root root  38384 May 17 22:40 pammavis-mt

-rwxr-xr-x 1 root root  26856 May 16 15:25 radacct

-rwxr-xr-x 1 root root  24000 May 16 15:25 radembedded

-rwxr-xr-x 1 root root  24504 May 16 15:25 radexample

-rwxr-xr-x 1 root root  27296 May 16 15:25 radiusclient

-rwxr-xr-x 1 root root  59552 May 16 15:25 radlogin

-rwxr-xr-x 1 root root  25784 May 16 15:25 radstatus

-rwxr-xr-x 1 root root  19208 May 17 22:40 spawnd

-rwxr-xr-x 1 root root 547688 May 17 22:40 tac_plus

-rwxr-xr-x 1 root root 764288 May 17 22:40 tac_plus-ng

-rwxr-xr-x 1 root root 111984 May 17 22:40 tcprelay

-rwxr-xr-x 1 root root   4181 Feb 17  2023 unminimize


Is it possible that the location(s) / directory(s) that libradcli-dev and freeradius-client are being installed in are different than where the configure script is looking?  

Thank you.

-Patrick

Marc Huber

unread,
May 19, 2025, 12:00:16 PMMay 19
to event-driv...@googlegroups.com
Hi Patrick,

On 19.05.2025 07:00, Patrick Topping wrote:
> Is it possible that the location(s) / directory(s) that libradcli-dev
and freeradius-client are being installed in are different than where
the configure script is looking?

hardly. I just installed Ubuntu 24 in a fresh VM, run "apt install make
gcc perl libradcli-dev libpcre2-dev", followed by "./configure && make
&& sudo make install" and radmavis was readily available. I've no idea
what went wrong on your system.

Cheers,

Marc



Patrick Topping

unread,
May 20, 2025, 10:39:02 AMMay 20
to Event-Driven Servers
Marc,

I have been working on Ubuntu 22.04 with no luck on getting radmavis installed.  I took your commands from the previous message and ran them on a fresh Ubuntu 24.04 system w/out any issues.  I now have radmavis in /usr/local/sbin.  Looking forward to getting TACACS --> Radius authentication tested now.  Thank you for all your help.

One quick follow up question.  What determines if radmavis or radmavis-mt is built on a system?

Thank you again.

-Patrick

Marc Huber

unread,
May 20, 2025, 11:35:34 AMMay 20
to event-driv...@googlegroups.com
Hi Patrick,

the key triggers for both radmavis and radmavis-mt are the presence of
either radcli or freeradius-client development headers and libraries.
The configure script checks for both (but prefers radcli). The actual
checks. cover both headers and libraries (radcli/radcli.h and
libradcli.so, or freeradius-client.h and libfreeradius-client.so), and
checking is done for /usr and /usr/local in the corresponding include
and lib directories.

Cheers,

Marc

Patrick Topping

unread,
May 21, 2025, 1:23:57 PMMay 21
to Event-Driven Servers
Marc,

I have tried running the suggested commands from your previous post.  Below is the output of what I am seeing.

root@snaa-raf-l01
[/usr/local/etc]# /usr/local/sbin/tac_plus-ng /usr/local/etc/tac_plus-ng.cfg

2025-05-21T17:16:40.975202+00:00 snaa-raf-l01 tac_plus-ng[48097]: startup (version 0d749500ced237f3b941c40faaeec18a6f7d8ce6)
2025-05-21T17:16:40.975348+00:00 snaa-raf-l01 tac_plus-ng[48097]: epoll event notification mechanism is being used
2025-05-21T17:16:40.975374+00:00 snaa-raf-l01 tac_plus-ng[48097]: bind to [0.0.0.0]:49 succeeded
2025-05-21T17:16:40.978849+00:00 snaa-raf-l01 tac_plus-ng[48098]: epoll event notification mechanism is being used
2025-05-21T17:16:40.979067+00:00 snaa-raf-l01 tac_plus-ng[48099]: epoll event notification mechanism is being used
2025-05-21T17:16:40.980622+00:00 snaa-raf-l01 tac_plus-ng[48098]: - Version 0d749500ced237f3b941c40faaeec18a6f7d8ce6 initialized
2025-05-21T17:16:40.981145+00:00 snaa-raf-l01 tac_plus-ng[48099]: - Version 0d749500ced237f3b941c40faaeec18a6f7d8ce6 initialized

root@snaa-raf-l01
[/root]# ps -ef | grep radmavis
root       48148   48146  0 17:17 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       48149   48146  0 17:17 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       48150   48146  0 17:17 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       48151   48147  0 17:17 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       48152   48146  0 17:17 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       48153   48147  0 17:17 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       48154   48147  0 17:17 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       48155   48147  0 17:17 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX

/var/log/syslog

2025-05-21T17:20:40.635687+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48397: terminated before finishing first request
2025-05-21T17:20:40.855458+00:00 snaa-raf-l01 kernel: radmavis[48399]: segfault at 0 ip 0000000000000000 sp 00007ffffd678398 error 14 in radmavis[62f1515cb000+1000] likely on CPU 2 (core 2, socket 0)
2025-05-21T17:20:40.855475+00:00 snaa-raf-l01 kernel: Code: Unable to access opcode bytes at 0xffffffffffffffd6.
2025-05-21T17:20:40.943196+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48399: terminated before finishing first request
2025-05-21T17:20:41.087136+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48401: terminated before finishing first request
2025-05-21T17:20:41.244201+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48403: terminated before finishing first request
2025-05-21T17:20:41.346975+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48405: terminated before finishing first request
2025-05-21T17:20:41.490245+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48407: terminated before finishing first request
2025-05-21T17:20:41.600077+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48409: terminated before finishing first request
2025-05-21T17:20:41.702006+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48411: terminated before finishing first request
2025-05-21T17:20:41.805067+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48413: terminated before finishing first request
2025-05-21T17:20:41.923450+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48415: terminated before finishing first request
2025-05-21T17:20:42.063416+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48417: terminated before finishing first request
2025-05-21T17:20:42.214990+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48419: terminated before finishing first request
2025-05-21T17:20:42.316889+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48421: terminated before finishing first request
2025-05-21T17:20:42.462313+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48423: terminated before finishing first request
2025-05-21T17:20:42.563245+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48425: terminated before finishing first request
2025-05-21T17:20:42.668774+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48427: terminated before finishing first request
2025-05-21T17:20:42.811020+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48429: terminated before finishing first request
2025-05-21T17:20:42.914866+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48431: terminated before finishing first request
2025-05-21T17:20:43.016504+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48433: terminated before finishing first request
2025-05-21T17:20:43.116608+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48435: terminated before finishing first request
2025-05-21T17:20:43.261913+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48437: terminated before finishing first request
2025-05-21T17:20:43.270798+00:00 snaa-raf-l01 tac_plus-ng[48146]: - Error: Stray: 10.12.9.21 packet (sequence number: 3) for session 3365e5a0
2025-05-21T17:20:43.365502+00:00 snaa-raf-l01 tac_plus-ng[48146]: radmavis: 48439: terminated before finishing first request
2025-05-21T17:20:43.365570+00:00 snaa-raf-l01 tac_plus-ng[48146]: external: /usr/local/sbin/radmavis respawning too fast; throttling for 25 seconds.


[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0x00007013b8d1ba61 in __GI___libc_read (fd=0, buf=0x617700ccdc10, nbytes=4096) at ../sysdeps/unix/sysv/linux/read.c:26

warning: 26 ../sysdeps/unix/sysv/linux/read.c: No such file or directory
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb)


root@snaa-raf-l01
[/var/log/tac_plus]# ( printf "0 TACPLUS\n4 patrick\n8 password@123\n49 AUTH\n=\n" ; sleep 60) | radmavis "group_attribute=Class" "authserver=dev.radius.dev:1812:dhuwher23e1"
0 TACPLUS
4 patrick
8 password@123
49 AUTH
Segmentation fault (core dumped)

Is radmavis supposed to be spawning all these processes?  

Thank you.

-Patrick

Marc Huber

unread,
May 21, 2025, 1:38:23 PMMay 21
to event-driv...@googlegroups.com
Hi Patrick,

On 21.05.2025 19:23, Patrick Topping wrote:
> Program received signal SIGSEGV, Segmentation fault.
> 0x0000000000000000 in ?? ()
> (gdb)

this is where you can run the GDB "bt" and "up" commands to isolate the
issue.

> Is radmavis supposed to be spawning all these processes?

No, tac_plus-ng is restarting these, hoping that one will survive.

Cheers,

Marc

Patrick Topping

unread,
May 21, 2025, 1:39:37 PMMay 21
to Event-Driven Servers
Marc,

I recorded a few more errors in syslog when doing testing.  

root@snaa-raf-l01
[/root]# ( printf "0 TACPLUS\n4 patrick\n8 password@123\n49 AUTH\n=\n" ; sleep 60) | radmavis "group_attribute=Class" "authserver=dev.radius.dev:1812:7XXXXX"

0 TACPLUS
4 patrick
8 password@123
49 AUTH
Segmentation fault (core dumped)

2025-05-21T17:37:11.740454+00:00 snaa-raf-l01 kernel: radmavis[48798]: segfault at 0 ip 0000000000000000 sp 00007fffb86b1d48 error 14 in radmavis[5e25d519a000+1000] likely on CPU 2 (core 2, socket 0)
2025-05-21T17:37:11.740471+00:00 snaa-raf-l01 kernel: Code: Unable to access opcode bytes at 0xffffffffffffffd6


Any thoughts?

-Patrick

Patrick Topping

unread,
May 21, 2025, 2:19:10 PMMay 21
to Event-Driven Servers
Marc,

I hope I am doing this correctly.  I am not seeing anything on the first PID.

root@snaa-raf-l01
[/var/log]# ps -ef | grep radmavis
root       51433       1  0 18:08 ?        00:00:00 [radmavis] <defunct>
root       51854   51852  0 18:14 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       51855   51853  0 18:14 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       51856   51852  0 18:14 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       51857   51853  0 18:14 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       51858   51852  0 18:14 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       51859   51853  0 18:14 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       51860   51852  0 18:14 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX
root       51861   51853  0 18:14 ?        00:00:00 radmavis group_attribute=Class authserver=dev.radius.dev:1812:7XXXXX

root@snaa-raf-l01
[/tmp/event-driven-servers]# gdb -p 51854
GNU gdb (Ubuntu 15.0.50.20240403-0ubuntu1) 15.0.50.20240403-git
Copyright (C) 2024 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word".
Attaching to process 51854
Reading symbols from /usr/local/sbin/radmavis...
(No debugging symbols found in /usr/local/sbin/radmavis)
Reading symbols from /lib/x86_64-linux-gnu/libradcli.so.4...
(No debugging symbols found in /lib/x86_64-linux-gnu/libradcli.so.4)
Reading symbols from /lib/x86_64-linux-gnu/libc.so.6...
Reading symbols from /usr/lib/debug/.build-id/42/c84c92e6f98126b3e2230ebfdead22c235b667.debug...
Reading symbols from /lib/x86_64-linux-gnu/libgnutls.so.30...
(No debugging symbols found in /lib/x86_64-linux-gnu/libgnutls.so.30)
Reading symbols from /lib/x86_64-linux-gnu/libnettle.so.8...
(No debugging symbols found in /lib/x86_64-linux-gnu/libnettle.so.8)
Reading symbols from /lib64/ld-linux-x86-64.so.2...
Reading symbols from /usr/lib/debug/.build-id/1c/8db5f83bba514f8fd5f1fb6d7be975be1bb855.debug...
Reading symbols from /lib/x86_64-linux-gnu/libp11-kit.so.0...
(No debugging symbols found in /lib/x86_64-linux-gnu/libp11-kit.so.0)
Reading symbols from /lib/x86_64-linux-gnu/libidn2.so.0...
(No debugging symbols found in /lib/x86_64-linux-gnu/libidn2.so.0)
Reading symbols from /lib/x86_64-linux-gnu/libunistring.so.5...
(No debugging symbols found in /lib/x86_64-linux-gnu/libunistring.so.5)
Reading symbols from /lib/x86_64-linux-gnu/libtasn1.so.6...
(No debugging symbols found in /lib/x86_64-linux-gnu/libtasn1.so.6)
Reading symbols from /lib/x86_64-linux-gnu/libhogweed.so.6...
(No debugging symbols found in /lib/x86_64-linux-gnu/libhogweed.so.6)
Reading symbols from /lib/x86_64-linux-gnu/libgmp.so.10...
(No debugging symbols found in /lib/x86_64-linux-gnu/libgmp.so.10)
Reading symbols from /lib/x86_64-linux-gnu/libffi.so.8...
(No debugging symbols found in /lib/x86_64-linux-gnu/libffi.so.8)

[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0x0000764c50b1ba61 in __GI___libc_read (fd=0, buf=0x5dcd5fc01c10, nbytes=4096) at ../sysdeps/unix/sysv/linux/read.c:26


warning: 26 ../sysdeps/unix/sysv/linux/read.c: No such file or directory
(gdb) cont
Continuing.
root@snaa-raf-l01
[/var/log/tac_plus]# ( printf "0 TACPLUS\n4 patrick\n8 password@123\n49 AUTH\n=\n" ; sleep 60) | radmavis "group_attribute=Class" "authserver=dev.radius.dev:1812:dhuwher23e1"
0 TACPLUS
4 patrick
8 password@123
49 AUTH
Segmentation fault (core dumped)

2025-05-21T18:14:34.019459+00:00 snaa-raf-l01 kernel: radmavis[51866]: segfault at 0 ip 0000000000000000 sp 00007fffa9257ea8 error 14 in radmavis[5ea149882000+1000] likely on CPU 0 (core 0, socket 0)
2025-05-21T18:14:34.019480+00:00 snaa-raf-l01 kernel: Code: Unable to access opcode bytes at 0xffffffffffffffd6.

Do I need to attach gdb to each radmavis PID?

-Patrick

Marc Huber

unread,
May 21, 2025, 3:26:35 PMMay 21
to event-driv...@googlegroups.com

Hi Patrick,

On 21.05.2025 20:19, Patrick Topping wrote:
warning: 26 ../sysdeps/unix/sysv/linux/read.c: No such file or directory
(gdb) cont
Continuing.

GDB will accept input here, after SEGV. Please try "bt" then, followed by a couple of "up" commands. This should clearly show where the SEGV actually occured.

Do I need to attach gdb to each radmavis PID?

Nope, no need for that, attaching to one crashing process is totally sufficient.

Thanks,

Marc


Patrick Topping

unread,
May 21, 2025, 4:46:47 PMMay 21
to Event-Driven Servers
Marc,

I had to run gdb on all the PIDs in order to grab the data for the one that is SEGV'ing.  Let me know if this is the data you need for further debugging / troubleshooting.

Thank you.

-Patrick

/////////////////////////

root@snaa-raf-l01
[/root]# gdb -p 53129

GNU gdb (Ubuntu 15.0.50.20240403-0ubuntu1) 15.0.50.20240403-git
Copyright (C) 2024 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word".
--Type <RET> for more, q to quit, c to continue without paging--
Attaching to process 53129
Reading symbols from /usr/local/sbin/radmavis...

This GDB supports auto-downloading debuginfo from the following URLs:
  <https://debuginfod.ubuntu.com>
Enable debuginfod for this session? (y or [n])
Debuginfod has been disabled.
To make this setting permanent, add 'set debuginfod enabled off' to .gdbinit.
0x00007372a7b1ba61 in __GI___libc_read (fd=0, buf=0x61ad6aa6bc10, nbytes=4096)
    at ../sysdeps/unix/sysv/linux/read.c:26


warning: 26 ../sysdeps/unix/sysv/linux/read.c: No such file or directory
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt
#0  0x0000000000000000 in ?? ()
#1  0x00007372a7d56855 in ?? () from /lib/x86_64-linux-gnu/libradcli.so.4
#2  0x00007372a7d57719 in rc_aaa_ctx_server () from /lib/x86_64-linux-gnu/libradcli.so.4
#3  0x00007372a7d57ac0 in rc_aaa_ctx () from /lib/x86_64-linux-gnu/libradcli.so.4
#4  0x00007372a7d57b20 in rc_aaa () from /lib/x86_64-linux-gnu/libradcli.so.4
#5  0x00007372a7d57b49 in rc_auth () from /lib/x86_64-linux-gnu/libradcli.so.4
#6  0x000061ad5f492b13 in main ()
(gdb) up
#1  0x00007372a7d56855 in ?? () from /lib/x86_64-linux-gnu/libradcli.so.4
(gdb) up
#2  0x00007372a7d57719 in rc_aaa_ctx_server () from /lib/x86_64-linux-gnu/libradcli.so.4
(gdb) up
#3  0x00007372a7d57ac0 in rc_aaa_ctx () from /lib/x86_64-linux-gnu/libradcli.so.4
(gdb) up
#4  0x00007372a7d57b20 in rc_aaa () from /lib/x86_64-linux-gnu/libradcli.so.4
(gdb) up
#5  0x00007372a7d57b49 in rc_auth () from /lib/x86_64-linux-gnu/libradcli.so.4
(gdb) up
#6  0x000061ad5f492b13 in main ()
(gdb) up
Initial frame selected; you cannot go up.
(gdb)

Marc Huber

unread,
May 22, 2025, 11:11:49 AMMay 22
to event-driv...@googlegroups.com
Hi Patrick,

thanks, I think the issue is that the libradcli routines actually
require a configuation file to be present for initializing some internal
values.

I've pushed f468eb527ae8c0acda84967b547c52f5693ee0dc, please git pull,
rebulid and retry. I hope this resolves the issue, or will at least
cause radmavis to provide a suitable hint.

Thanks,

Marc

On 21.05.2025 20:19, Patrick Topping wrote:
> Marc,
>

Patrick Topping

unread,
May 22, 2025, 4:14:30 PMMay 22
to Event-Driven Servers
Marc,

My apologies for not updating you sooner, but I have found a workaround for this, as well as a better way to deploy and manage tac_plus-ng.  

I found that if I run tac_plus-ng as a Docker container, the issue that I have been seeing with radmavis does not happen.  I have been 100% successful using radmavis and our development Radius servers.  

20:09:05.528205 ens33 Out IP (tos 0x0, ttl 63, id 20585, offset 0, flags [DF], proto UDP (17), length 94)
    SNAA-RAF-L01.xxxx.xxx.com.40770 > 10.45.135.37.radius: [bad udp cksum 0x9eac -> 0xa24f!] RADIUS, length: 66
Access-Request (1), id: 0xab, Authenticator: 00725848966e1500f78a506e130f3785
  User-Name Attribute (1), length: 10, Value: 'username'
    0x0000:  7074 6f70 7069 6e67
  User-Password Attribute (2), length: 18, Value:
    0x0000:  d0a0 0e84 347a 2426 4150 2895 dd7d 8397
  Service-Type Attribute (6), length: 6, Value: Authenticate Only
    0x0000:  0000 0008
  NAS-Port Attribute (5), length: 6, Value: 0
    0x0000:  0000 0000
  NAS-IP-Address Attribute (4), length: 6, Value: 172.17.0.2
    0x0000:  ac11 0002

Is there an option to add to this command to add in the TACACS group?  I see my username in the packets to the Radius server.  I would like to have the group attribute added in the packet to the Radius server.  

I will test the new build you submitted so that your efforts are not wasted.  

Thank you.

-Patrick

Marc Huber

unread,
May 23, 2025, 11:25:46 AMMay 23
to event-driv...@googlegroups.com

Hi Patrick,

great to hear that it works in a container!

Regarding TACACS+ groups: Typically, this works the other way around and the TACACS+ server will receive the RADIUS attribute (Class/25) for evaluation. Causing the TACACS+ server to set an additional MAVIS attribute which can be evaluated by radmavis (e.g., for setting the Class attriburte) sounds interesting, but it's currently not an option. Also, group membership looks unsuitable as the user might be in multiple groups.

Cheers,

Marc

Patrick Topping

unread,
May 29, 2025, 6:03:20 PMMay 29
to Event-Driven Servers
Marc,

Thank. you for the feedback on groups.  

One quick question for you.  Does radmavis support RADSEC?  I have a requirement to ensure that communication from the TACACS server to the Radius backend be secure end to end.  If I am able to do this in tac_plus-ng rather than a proxy, that would be great.  

Thank you.

-Patrick

Marc Huber

unread,
May 30, 2025, 7:04:34 AMMay 30
to event-driv...@googlegroups.com
Hi Patrick,

raccli supports RADSEC, so building radmavis with radcli support and
using a suitable configuration file (/etc/radcli/radiusclient-tls.conf
might be available on your system) might be sufficient. Never tried that.

Cheers,

Marc
Reply all
Reply to author
Forward
0 new messages