Vyjádřeni Software Freedom Conservancy (SFC) k porušování licence AGPLv3 společností Bambu Lab v jejich softwaru Bambu Studio pro 3D tisk. Bambu Studio vychází z PrusaSliceru. Ten zase z Slic3ru. Spuštěn byl projekt baltobu, který kombinuje několik strategií pro řešení problému. SFC zastřeší vývoj svobodné náhrady proprietární knihovny libbambu_networking pomocí reverzního inženýrství a reimplementace, forku OrcaSliceru pro Bambu Lab tiskárny od Paweła Jarczaka a forku celého Bambu Studia pod názvem Viscose.
Správce souborů GNOME Commander (Wikipedie) byl přepsán do Rustu a vydán v nové verzi 2.0.0.
Sway (Wikipedie), dlaždicový (tiling) správce oken pro Wayland kompatibilní s i3, byl vydán ve verzi 1.12. Do vývoje se zapojilo 50 vývojářů. Přehled novinek na GitHubu. Sway 1.12 závisí na wlroots 0.20.0.
Papež Lev XIV. ve své první encyklice Magnifica Humanitas (Skvělé lidství), která se věnuje umělé inteligenci (AI), varoval před dezinformacemi, které AI manipulací s obsahem vytváří. Moc mají podle něj sociální sítě ovládané hrstkou soukromníků. Upozornil také roli digitálních platforem v obchodování s lidmi, které podle něj musí být uznáno jako současná forma otroctví. Papež se také poprvé omluvil za roli, kterou Vatikán sehrál při legitimizaci otroctví, a za to, že jej po staletí neodsoudil.
Český telekomunikační úřad zveřejnil Výroční zprávu za rok 2025 (pdf), která shrnuje jeho hlavní aktivity v oblasti regulace elektronických komunikací, poštovních služeb, digitálních služeb a přípravy na dohled nad umělou inteligencí. Součástí zprávy jsou také data o vývoji trhu, včetně pokračujícího růstu spotřeby mobilních dat a rozšiřování sítí nové generace. Celkový objem přenesených mobilních dat dosáhl v roce 2025 přibližně
… více »Tým sdružení CZ.NIC vyvíjející routovacího daemona BIRD oznámil vydání nových verzí 3.3.0 a 2.19.0. Ty přinášejí podporu pro EVPN/VXLAN a automatizaci BGP na základě router advertisementů. Více informací je k dispozici v archivu uživatelského mailing-listu.
Open source software pro úpravu digitálních fotografií LightZone (Wikipedie) byl vydán v nové verzi 5.0.0. LightZone je dnes k dispozici pod licencí BSD. Původně se jednalo o proprietární software vyvíjený společností Light Crafts. Ta v prosinci 2012 souhlasila s uvolněním zdrojových kódů jako open source [Wayback Machine].
Byla vydána verze 0.84 telnet a ssh klienta PuTTY (Wikipedie). Podrobnosti v přehledu nových vlastností a oprav chyb a Change Logu.
Microsoft představil Azure Linux 4.0 a Azure Container Linux. Na konferenci Open Source Summit North America 2026 organizované konsorciem Linux Foundation a sponzorované také Microsoftem. Azure Linux 4.0 vychází z Fedora Linuxu. Azure Container Linux je založen na projektu Flatcar. Azure Linux (GitHub, Wikipedie) byl původně znám jako CBL-Mariner.
Nové číslo časopisu Raspberry Pi zdarma ke čtení: Raspberry Pi Official Magazine 165 (pdf).
Dobrý den, potřeboval bych poradit. Mám nainstalovaný Freeradius na serveru lenny, chtěl bych jen ověřování na soubor users.
Lokálně mě ověří uživatele, ale pomocí wifi ne. Procházím log a na žádnou chybu jsem nepřišel.
Mohl by mě někdo poradit kde mám chybu? Přikládám výpis obraovky po příkazu freeradius -X a pak po pokusu ověření uživatele:
freeradius -X:
}
client localhost {
ipaddr = 127.0.0.1
require_message_authenticator = no
secret = "testing123"
nastype = "other"
}
client 10.0.140.36 {
require_message_authenticator = no
secret = "123456"
nastype = "other"
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_exec
Module: Instantiating exec
exec {
wait = yes
input_pairs = "request"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating expr
Module: Linked to module rlm_expiration
Module: Instantiating expiration
expiration {
reply-message = "Password Has Expired "
}
Module: Linked to module rlm_logintime
Module: Instantiating logintime
logintime {
reply-message = "You are calling outside your allowed timespan "
minimum-timeout = 60
}
}
radiusd: #### Loading Virtual Servers ####
server inner-tunnel {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating chap
Module: Linked to module rlm_mschap
Module: Instantiating mschap
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = no
}
Module: Linked to module rlm_unix
Module: Instantiating unix
unix {
radwtmp = "/var/log/freeradius/radwtmp"
}
Module: Linked to module rlm_eap
Module: Instantiating eap
eap {
default_eap_type = "md5"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
rlm_eap: Ignoring EAP-Type/tls because we do not have OpenSSL support.
rlm_eap: Ignoring EAP-Type/ttls because we do not have OpenSSL support.
rlm_eap: Ignoring EAP-Type/peap because we do not have OpenSSL support.
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_realm
Module: Instantiating suffix
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_files
Module: Instantiating files
files {
usersfile = "/etc/freeradius/users"
acctusersfile = "/etc/freeradius/acct_users"
preproxy_usersfile = "/etc/freeradius/preproxy_users"
compat = "no"
}
Module: Checking session {...} for more modules to load
Module: Linked to module rlm_radutmp
Module: Instantiating radutmp
radutmp {
filename = "/var/log/freeradius/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Linked to module rlm_attr_filter
Module: Instantiating attr_filter.access_reject
attr_filter attr_filter.access_reject {
attrsfile = "/etc/freeradius/attrs.access_reject"
key = "%{User-Name}"
}
}
}
server {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating preprocess
preprocess {
huntgroups = "/etc/freeradius/huntgroups"
hints = "/etc/freeradius/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating acct_unique
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating detail
detail {
detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Instantiating attr_filter.accounting_response
attr_filter attr_filter.accounting_response {
attrsfile = "/etc/freeradius/attrs.accounting_response"
key = "%{User-Name}"
}
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
}
}
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
main {
snmp = no
smux_password = ""
snmp_write_access = no
}
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on proxy address * port 1814
Ready to process requests.
Výpis po pokusu přihlášení uživatele:
User-Name = "steve"
NAS-IP-Address = 10.0.140.36
NAS-Port = 0
Called-Station-Id = "00-06-25-53-C4-44"
Calling-Station-Id = "00-15-AF-39-16-4C"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x02010016017374657665406578616d706c652e636f6d
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x34
Proxying request 0 to home server 127.0.0.1 port 1812
Sending Access-Request of id 38 to 127.0.0.1 port 1812
User-Name = "steve"
NAS-IP-Address = 10.0.140.36
NAS-Port = 0
Called-Station-Id = "00-06-25-53-C4-44"
Calling-Station-Id = "00-15-AF-39-16-4C"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x02010016017374657665406578616d706c652e636f6d
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x34
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 1814, id=38, length=146
User-Name = "steve"
NAS-IP-Address = 10.0.140.36
NAS-Port = 0
Called-Station-Id = "00-06-25-53-C4-44"
Calling-Station-Id = "00-15-AF-39-16-4C"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x02010016017374657665406578616d706c652e636f6d
Message-Authenticator = 0x029564472d5046845551542895755322
Proxy-State = 0x34
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "steve", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 1 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Identity does not match User-Name, setting from EAP Identity.
rlm_eap: Failed in handler
++[eap] returns invalid
auth: Failed to validate the user.
Login incorrect: [steve/<via Auth-Type = EAP>] (from client localhost port 0 cli 00-15-AF-39-16-4C)
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> steve
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 1 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 1
Sending Access-Reject of id 38 to 127.0.0.1 port 1814
Proxy-State = 0x34
Waking up in 4.9 seconds.
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=38, length=23
Proxy-State = 0x34
+- entering group post-proxy
rlm_eap: No pre-existing handler found
++[eap] returns noop
Login incorrect (Home Server says so): [steve@example.com/<no User-Password attribute>] (from client 10.0.140.36 port 0 cli 00-15-AF-39-16-4C)
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> steve@example.com
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Sending Access-Reject of id 4 to 10.0.140.36 port 1238
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.140.36 port 1238, id=5, length=155
User-Name = "steve@example.com"
NAS-IP-Address = 10.0.140.36
NAS-Port = 0
Called-Station-Id = "00-06-25-53-C4-44"
Calling-Station-Id = "00-15-AF-39-16-4C"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x02010016017374657665406578616d706c652e636f6d
Message-Authenticator = 0x4f5425f4dd6b1b41389eda17d1918b8a
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: Looking up realm "example.com" for User-Name = "steve@example.com"
rlm_realm: Found realm "example.com"
rlm_realm: Adding Stripped-User-Name = "steve"
rlm_realm: Adding Realm = "example.com"
rlm_realm: Proxying request from user steve to realm example.com
rlm_realm: Preparing to proxy authentication request to realm "example.com"
++[suffix] returns updated
rlm_eap: Request is supposed to be proxied to Realm example.com. Not doing EAP.
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Sending Access-Request of id 85 to 127.0.0.1 port 1812
User-Name = "steve"
NAS-IP-Address = 10.0.140.36
NAS-Port = 0
Called-Station-Id = "00-06-25-53-C4-44"
Calling-Station-Id = "00-15-AF-39-16-4C"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x02010016017374657665406578616d706c652e636f6d
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x35
Proxying request 2 to home server 127.0.0.1 port 1812
Sending Access-Request of id 85 to 127.0.0.1 port 1812
User-Name = "steve"
NAS-IP-Address = 10.0.140.36
NAS-Port = 0
Called-Station-Id = "00-06-25-53-C4-44"
Calling-Station-Id = "00-15-AF-39-16-4C"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x02010016017374657665406578616d706c652e636f6d
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x35
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 1814, id=85, length=146
User-Name = "steve"
NAS-IP-Address = 10.0.140.36
NAS-Port = 0
Called-Station-Id = "00-06-25-53-C4-44"
Calling-Station-Id = "00-15-AF-39-16-4C"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x02010016017374657665406578616d706c652e636f6d
Message-Authenticator = 0x4db0a4fc255b87ca20e388f45a08d9ab
Proxy-State = 0x35
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "steve", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 1 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Identity does not match User-Name, setting from EAP Identity.
rlm_eap: Failed in handler
++[eap] returns invalid
auth: Failed to validate the user.
Login incorrect: [steve/<via Auth-Type = EAP>] (from client localhost port 0 cli 00-15-AF-39-16-4C)
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> steve
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 3 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 3
Sending Access-Reject of id 85 to 127.0.0.1 port 1814
Proxy-State = 0x35
Waking up in 1.5 seconds.
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=85, length=23
Proxy-State = 0x35
+- entering group post-proxy
rlm_eap: No pre-existing handler found
++[eap] returns noop
Login incorrect (Home Server says so): [steve@example.com/<no User-Password attribute>] (from client 10.0.140.36 port 0 cli 00-15-AF-39-16-4C)
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> steve@example.com
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Sending Access-Reject of id 5 to 10.0.140.36 port 1238
Finished request 2.
Going to the next request
Waking up in 1.4 seconds.
Cleaning up request 1 ID 38 with timestamp +42
Cleaning up request 0 ID 4 with timestamp +42
Waking up in 3.4 seconds.
Cleaning up request 3 ID 85 with timestamp +45
Cleaning up request 2 ID 5 with timestamp +45
Ready to process requests.
Na otázku zatím nikdo bohužel neodpověděl.
Tiskni
Sdílej:
AbcLinuxu.cz
ITBiz.cz
HDmag.cz
AbcPráce.cz