Я пытаюсь настроить сервер Freeradius, но когда я пытаюсь запустить его с
# service freeradius start Job for freeradius.service failed because the control process exited with error code. See "systemctl status freeradius.service" and "journalctl -xe" for details. когда я пишу журнал, я получаю это
-- The start-up result is done. Dec 30 16:03:05 pppie sudo[19994]: dilian : TTY=pts/0 ; PWD=/home/dilian ; USER=root ; COMMAND=/bin/su Dec 30 16:03:05 pppie sudo[19994]: pam_unix(sudo:session): session opened for user root by dilian(uid=0) Dec 30 16:03:06 pppie su[19995]: Successful su for root by root Dec 30 16:03:06 pppie su[19995]: + /dev/pts/0 root:root Dec 30 16:03:06 pppie su[19995]: pam_unix(su:session): session opened for user root by dilian(uid=0) Dec 30 16:03:06 pppie su[19995]: pam_systemd(su:session): Cannot create session: Already running in a session Dec 30 16:03:28 pppie systemd[1]: Starting LSB: Radius Daemon... -- Subject: Unit freeradius.service has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit freeradius.service has begun starting up. Dec 30 16:03:28 pppie freeradius[20039]: * Starting FreeRADIUS daemon freeradius Dec 30 16:03:28 pppie freeradius[20039]: ...fail! Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Control process exited, code=exited status=1 Dec 30 16:03:28 pppie systemd[1]: Failed to start LSB: Radius Daemon. -- Subject: Unit freeradius.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit freeradius.service has failed. -- -- The result is failed. Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Unit entered failed state. Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Failed with result 'exit-code'. И когда я пытаюсь "freeradius -X", я добираюсь до последней линии, и она остается там, ничего не делая.
> # freeradius -X freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu, built on Apr > 5 2016 at 13:40:43 Copyright (C) 1999-2015 The FreeRADIUS server > project and contributors. There is NO warranty; not even for > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may > redistribute copies of FreeRADIUS under the terms of the GNU General > Public License. For more information about these matters, see the file > named COPYRIGHT. Starting - reading configuration files ... including > configuration file /etc/freeradius/radiusd.conf including > configuration file /etc/freeradius/proxy.conf including configuration > file /etc/freeradius/clients.conf including configuration file > /etc/freeradius/snmp.conf including configuration file > /etc/freeradius/nibs.conf main { > user = "nobody" > group = "nobody" > allow_core_dumps = no } including dictionary file /etc/freeradius/dictionary main { > name = "radiusd" > prefix = "/usr/local" > localstatedir = "/var" > sbindir = "/usr/local/sbin" > logdir = "/var/log" > run_dir = "/var/run/radiusd" > libdir = "/usr/local/lib" > radacctdir = "/var/log/radacct" > hostname_lookups = no > max_request_time = 30 > cleanup_delay = 5 > max_requests = 1024 > pidfile = "/var/run/radiusd/radiusd.pid" > checkrad = "/usr/local/sbin/checkrad" > debug_level = 0 > proxy_requests = no > log_auth = no > log_auth_badpass = yes > log_auth_goodpass = yes > log_stripped_names = no security { > max_attributes = 200 > reject_delay = 1 > status_server = no > allow_vulnerable_openssl = no } } radiusd: #### Loading Realms and Home Servers #### proxy server { > retry_delay = 5 > retry_count = 3 > default_fallback = no > dead_time = 120 > wake_all_if_all_dead = no } home_server localhost { > ipaddr = 127.0.0.1 > port = 1812 > type = "auth" > secret = "testing123" > response_window = 20 > max_outstanding = 65536 > require_message_authenticator = yes > zombie_period = 40 > status_check = "status-server" > ping_interval = 30 > check_interval = 30 > num_answers_to_alive = 3 > num_pings_to_alive = 3 > revive_interval = 120 > status_check_timeout = 4 coa { > irt = 2 > mrt = 16 > mrc = 5 > mrd = 30 } } home_server_pool my_auth_failover { > type = fail-over > home_server = localhost } realm example.com { > auth_pool = my_auth_failover } realm LOCAL { } radiusd: #### Loading Clients #### client localhost { > ipaddr = 127.0.0.1 > require_message_authenticator = no > secret = "testing123" > nastype = "other" } radiusd: #### Instantiating modules #### instantiate { Module: Linked to module rlm_exec Module: > Instantiating module "exec" from file /etc/freeradius/radiusd.conf > exec { > wait = yes > input_pairs = "request" > shell_escape = yes } Module: Linked to module rlm_expr Module: Instantiating module "expr" from file > /etc/freeradius/radiusd.conf } radiusd: #### Loading Virtual Servers > #### server { # from file /etc/freeradius/radiusd.conf modules { } # modules } # server radiusd: #### Opening IP addresses and Ports #### > bind_address = * WARNING: The directive 'bind_address' is deprecated, and will be removed in futu > re versions of FreeRADIUS. Please edit the configuration files to use > the direct > ive 'listen'. Listening on authentication address * port 1812 > Listening on accounting address * port 1813 Ready to process requests. нет сообщения об ошибке, и я не знаю, что делать, чтобы это исправить ... я использую Ubuntu server 16.04
если у кого-то есть идея, что не так? 10 раз за ваше время.
Когда я попробую
root@pppie:/home/dilian# freeradius -f -lstdout -XXX Fri Jan 6 14:05:36 2017 : Info: freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu, built on Apr 5 2016 at 13:40:43 Fri Jan 6 14:05:36 2017 : Debug: Server was built with: Fri Jan 6 14:05:36 2017 : Debug: accounting Fri Jan 6 14:05:36 2017 : Debug: authentication Fri Jan 6 14:05:36 2017 : Debug: WITH_DHCP Fri Jan 6 14:05:36 2017 : Debug: WITH_VMPS Fri Jan 6 14:05:36 2017 : Debug: Server core libs: Fri Jan 6 14:05:36 2017 : Debug: ssl: OpenSSL 1.0.2g 1 Mar 2016 Fri Jan 6 14:05:36 2017 : Info: Copyright (C) 1999-2015 The FreeRADIUS server project and contributors. Fri Jan 6 14:05:36 2017 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A Fri Jan 6 14:05:36 2017 : Info: PARTICULAR PURPOSE. Fri Jan 6 14:05:36 2017 : Info: You may redistribute copies of FreeRADIUS under the terms of the Fri Jan 6 14:05:36 2017 : Info: GNU General Public License. Fri Jan 6 14:05:36 2017 : Info: For more information about these matters, see the file named COPYRIGHT. Fri Jan 6 14:05:36 2017 : Info: Starting - reading configuration files ... Fri Jan 6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/radiusd.conf Fri Jan 6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/proxy.conf Fri Jan 6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/clients.conf Fri Jan 6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/snmp.conf Fri Jan 6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/nibs.conf Fri Jan 6 14:05:36 2017 : Debug: main { Fri Jan 6 14:05:36 2017 : Debug: user = "nobody" Fri Jan 6 14:05:36 2017 : Debug: group = "nobody" Fri Jan 6 14:05:36 2017 : Debug: allow_core_dumps = no Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: including dictionary file /etc/freeradius/dictionary Fri Jan 6 14:05:36 2017 : Debug: main { Fri Jan 6 14:05:36 2017 : Debug: name = "radiusd" Fri Jan 6 14:05:36 2017 : Debug: prefix = "/usr/local" Fri Jan 6 14:05:36 2017 : Debug: localstatedir = "/var" Fri Jan 6 14:05:36 2017 : Debug: sbindir = "/usr/local/sbin" Fri Jan 6 14:05:36 2017 : Debug: logdir = "/var/log" Fri Jan 6 14:05:36 2017 : Debug: run_dir = "/var/run/radiusd" Fri Jan 6 14:05:36 2017 : Debug: libdir = "/usr/local/lib" Fri Jan 6 14:05:36 2017 : Debug: radacctdir = "/var/log/radacct" Fri Jan 6 14:05:36 2017 : Debug: hostname_lookups = no Fri Jan 6 14:05:36 2017 : Debug: max_request_time = 30 Fri Jan 6 14:05:36 2017 : Debug: cleanup_delay = 5 Fri Jan 6 14:05:36 2017 : Debug: max_requests = 1024 Fri Jan 6 14:05:36 2017 : Debug: pidfile = "/var/run/radiusd/radiusd.pid" Fri Jan 6 14:05:36 2017 : Debug: checkrad = "/usr/local/sbin/checkrad" Fri Jan 6 14:05:36 2017 : Debug: debug_level = 0 Fri Jan 6 14:05:36 2017 : Debug: proxy_requests = no Fri Jan 6 14:05:36 2017 : Debug: log_auth = no Fri Jan 6 14:05:36 2017 : Debug: log_auth_badpass = yes Fri Jan 6 14:05:36 2017 : Debug: log_auth_goodpass = yes Fri Jan 6 14:05:36 2017 : Debug: log_stripped_names = no Fri Jan 6 14:05:36 2017 : Debug: security { Fri Jan 6 14:05:36 2017 : Debug: max_attributes = 200 Fri Jan 6 14:05:36 2017 : Debug: reject_delay = 1 Fri Jan 6 14:05:36 2017 : Debug: status_server = no Fri Jan 6 14:05:36 2017 : Debug: allow_vulnerable_openssl = no Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: radiusd: #### Loading Realms and Home Servers #### Fri Jan 6 14:05:36 2017 : Debug: proxy server { Fri Jan 6 14:05:36 2017 : Debug: retry_delay = 5 Fri Jan 6 14:05:36 2017 : Debug: retry_count = 3 Fri Jan 6 14:05:36 2017 : Debug: default_fallback = no Fri Jan 6 14:05:36 2017 : Debug: dead_time = 120 Fri Jan 6 14:05:36 2017 : Debug: wake_all_if_all_dead = no Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: home_server localhost { Fri Jan 6 14:05:36 2017 : Debug: ipaddr = 127.0.0.1 Fri Jan 6 14:05:36 2017 : Debug: port = 1812 Fri Jan 6 14:05:36 2017 : Debug: type = "auth" Fri Jan 6 14:05:36 2017 : Debug: secret = "testing123" Fri Jan 6 14:05:36 2017 : Debug: response_window = 20 Fri Jan 6 14:05:36 2017 : Debug: max_outstanding = 65536 Fri Jan 6 14:05:36 2017 : Debug: require_message_authenticator = yes Fri Jan 6 14:05:36 2017 : Debug: zombie_period = 40 Fri Jan 6 14:05:36 2017 : Debug: status_check = "status-server" Fri Jan 6 14:05:36 2017 : Debug: ping_interval = 30 Fri Jan 6 14:05:36 2017 : Debug: check_interval = 30 Fri Jan 6 14:05:36 2017 : Debug: num_answers_to_alive = 3 Fri Jan 6 14:05:36 2017 : Debug: num_pings_to_alive = 3 Fri Jan 6 14:05:36 2017 : Debug: revive_interval = 120 Fri Jan 6 14:05:36 2017 : Debug: status_check_timeout = 4 Fri Jan 6 14:05:36 2017 : Debug: coa { Fri Jan 6 14:05:36 2017 : Debug: irt = 2 Fri Jan 6 14:05:36 2017 : Debug: mrt = 16 Fri Jan 6 14:05:36 2017 : Debug: mrc = 5 Fri Jan 6 14:05:36 2017 : Debug: mrd = 30 Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: home_server_pool my_auth_failover { Fri Jan 6 14:05:36 2017 : Debug: type = fail-over Fri Jan 6 14:05:36 2017 : Debug: home_server = localhost Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: realm example.com { Fri Jan 6 14:05:36 2017 : Debug: auth_pool = my_auth_failover Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: realm LOCAL { Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: radiusd: #### Loading Clients #### Fri Jan 6 14:05:36 2017 : Debug: client localhost { Fri Jan 6 14:05:36 2017 : Debug: ipaddr = 127.0.0.1 Fri Jan 6 14:05:36 2017 : Debug: require_message_authenticator = no Fri Jan 6 14:05:36 2017 : Debug: secret = "testing123" Fri Jan 6 14:05:36 2017 : Debug: nastype = "other" Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: radiusd: #### Instantiating modules #### Fri Jan 6 14:05:36 2017 : Debug: instantiate { Fri Jan 6 14:05:36 2017 : Debug: (Loaded rlm_exec, checking if it's valid) Fri Jan 6 14:05:36 2017 : Debug: Module: Linked to module rlm_exec Fri Jan 6 14:05:36 2017 : Debug: Module: Instantiating module "exec" from file /etc/freeradius/radiusd.conf Fri Jan 6 14:05:36 2017 : Debug: exec { Fri Jan 6 14:05:36 2017 : Debug: wait = yes Fri Jan 6 14:05:36 2017 : Debug: input_pairs = "request" Fri Jan 6 14:05:36 2017 : Debug: shell_escape = yes Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: (Loaded rlm_expr, checking if it's valid) Fri Jan 6 14:05:36 2017 : Debug: Module: Linked to module rlm_expr Fri Jan 6 14:05:36 2017 : Debug: Module: Instantiating module "expr" from file /etc/freeradius/radiusd.conf Fri Jan 6 14:05:36 2017 : Debug: } Fri Jan 6 14:05:36 2017 : Debug: radiusd: #### Loading Virtual Servers #### Fri Jan 6 14:05:36 2017 : Debug: server { # from file /etc/freeradius/radiusd.conf Fri Jan 6 14:05:36 2017 : Debug: modules { Fri Jan 6 14:05:36 2017 : Debug: } # modules Fri Jan 6 14:05:36 2017 : Debug: } # server Fri Jan 6 14:05:36 2017 : Debug: radiusd: #### Opening IP addresses and Ports #### Fri Jan 6 14:05:36 2017 : Debug: bind_address = * Fri Jan 6 14:05:36 2017 : Info: WARNING: The directive 'bind_address' is deprecated, and will be removed in future versions of FreeRADIUS. Please edit the configuration files to use the directive 'listen'. Fri Jan 6 14:05:36 2017 : Debug: Listening on authentication address * port 1812 Fri Jan 6 14:05:36 2017 : Debug: Listening on accounting address * port 1813 Fri Jan 6 14:05:36 2017 : Info: Ready to process requests. и снова он остается на линии, готовой к обработке запросов.
Когда я пытаюсь начать это с:
root@pppie:/home/dilian# /etc/init.d/freeradius start [....] Starting freeradius (via systemctl): freeradius.serviceJob for freeradius.service failed because the control process exited with error code. See "systemctl status freeradius.service" and "journalctl -xe" for details. failed! Я бегу как root
Скорее всего, проблема с разрешениями.
При использовании -X процесс FreeRADIUS не переключает пользователей, он продолжает работать как тот, кто его выполнял.
Начать freeradius с:
-f -lstdout -xxx -f Запустить на переднем плане-lstdout войти в стандартный вывод-xxx установить подробность ведения журнала так же, как -XЗатем он будет работать с настроенным UID / GID.
Моей первой попыткой было использование локального хоста. Детали клиента, которые я использовал для localhost, были источником моей проблемы.
когда я ввел следующее для тестирования клиента:
клиент 127.0.0.1
служба запущена, и я смог завершить установку на Ubuntu 16.04