CentOS7源码编译安装FreeRadius3.17
(一)环境简介1.OS:Centos7.4
2.软件:Freeradiusd3.17(ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.17.tar.gz)
3.网站:https://freeradius.org/
(二)安装
1.yum安装所需的依赖包
#yum installopenssl openssl-devel libtalloc-devel libtalloc*-y
#yum install openldap-devel python-devel-y
2.解压和编译安装。由于编译安装默认的路径是/usr/local/etc/raddb/下
#wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.17.tar.gz
# tar xf freeradius-server-3.0.17.tar.gz
#cd freeradius-server-3.0.17
#./configure
#make && make install
# cd /usr/local/etc/raddb/
# ls
certs experimental.confmods-availablepanic.gdb radiusd.conf sites-enabled users
clients.confhints mods-config policy.d README.rst templates.conf
dictionary huntgroups mods-enabled proxy.confsites-availabletrigger.conf
3.配置radiusd启动服务文件
# groupadd radiusd
# useradd -g radiusd radiusd -s /sbin/nologin
# vim /usr/lib/systemd/system/radiusd.service
Description=FreeRADIUS high performance RADIUS server.
After=syslog.target network.target ipa.service dirsrv.target krb5kdc.service
Type=forking
PIDFile=/usr/local/var/run/radiusd/radiusd.pid
ExecStartPre=-/bin/chown -R radiusd.radiusd /usr/local/var/run/radiusd
ExecStartPre=/usr/local/sbin/radiusd -C
ExecStart=/usr/local/sbin/radiusd -d /usr/local/etc/raddb
ExecReload=/usr/local/sbin/radiusd -C
ExecReload=/bin/kill -HUP $MAINPID
WantedBy=multi-user.target
4.创建启动服务
# systemctl enable radiusd
# systemctl start radiusd
# systemctl status radiusd
● radiusd.service - FreeRADIUS high performance RADIUS server.
Loaded: loaded (/usr/lib/systemd/system/radiusd.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2018-08-14 14:11:51 CST; 13min ago
Main PID: 26259 (radiusd)
CGroup: /system.slice/radiusd.service
└─26259 /usr/local/sbin/radiusd -d /usr/local/etc/raddb
Aug 14 14:11:51 localhost.localdomain systemd: Starting FreeRADIUS high performance RADIUS server....
Aug 14 14:11:51 localhost.localdomain systemd: Started FreeRADIUS high performance RADIUS server..
# systemctl restart radiusd
# systemctl status radiusd
● radiusd.service - FreeRADIUS high performance RADIUS server.
Loaded: loaded (/usr/lib/systemd/system/radiusd.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2018-08-14 14:25:31 CST; 1s ago
Process: 29267 ExecStart=/usr/local/sbin/radiusd -d /usr/local/etc/raddb (code=exited, status=0/SUCCESS)
Process: 29263 ExecStartPre=/usr/local/sbin/radiusd -C (code=exited, status=0/SUCCESS)
Process: 29261 ExecStartPre=/bin/chown -R radiusd.radiusd /usr/local/var/run/radiusd (code=exited, status=0/SUCCESS)
Main PID: 29270 (radiusd)
CGroup: /system.slice/radiusd.service
└─29270 /usr/local/sbin/radiusd -d /usr/local/etc/raddb
Aug 14 14:25:31 localhost.localdomain systemd: Starting FreeRADIUS high performance RADIUS server....
Aug 14 14:25:31 localhost.localdomain systemd: Started FreeRADIUS high performance RADIUS server..
备注:如果系统是centos6.x以下的版本,具体配置如下
# cp /usr/local/sbin/rc.radiusd /etc/init.d/radiused
# /etc/init.d/radiused start
当出现报错的时候“/usr/local/etc/raddb/mods-enabled/ldap: Failed to link to module 'rlm_ldap': /usr/local/lib/rlm_ldap.so: cannot open shared object file: No such file or directory
”
造成服务起不来是由于编译的时候出现warning时编译rlm_ldap失败造成的。需要libldap2-dev 库文件
=== configuring in src/modules/rlm_ldap (/opt/freeradius-server-3.0.17/src/modules/rlm_ldap)
configure: running /bin/sh ./configure --disable-option-checking '--prefix=/usr/local'--cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
> checking whether the C compiler works... yes
> checking whether we are cross compiling... no
> checking for suffix of executables...
> checking for suffix of object files... o
> checking whether we are using the GNU C compiler... yes
> checking whether gcc accepts -g... yes
> checking for gcc option to accept ISO C89... none needed
> checking for pthread_create in -lpthread... yes
> checking for ldap_init in -lldap_r... no
> checking for ldap.h... no
> configure: WARNING: silently not building rlm_ldap.
> configure: WARNING: FAILURE: rlm_ldap requires:libldap_r ldap.h.
> configure: creating ./config.status
> config.status: creating Makefile
解决办法是
# yum install openldap-devel python-devel-y
既可以解决。
页:
[1]