Freeradius and Mysql

Discussion in 'HOWTO-Related Questions' started by uvstudios, Jan 17, 2010.

  1. uvstudios

    uvstudios New Member

    I can not figure out why when I try to run the freeradius server it will not start. I always end up with the same error. Railed binding to authentication address * port 1812: Address already in use /etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812. I've also had to other errors when i comment out the $INCLUDE sql.conf file. So there must be something wrong with my set up. Below is the code executed to run the freeradius server, maybe someone can understand it more than i can

    Code:
    [root@radius tmp]# radiusd -X
    FreeRADIUS Version 2.1.7, for host i386-redhat-linux-gnu, built on Sep 18 2009 at 10:59:17
    Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. 
    There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A 
    PARTICULAR PURPOSE. 
    You may redistribute copies of FreeRADIUS under the terms of the 
    GNU General Public License v2. 
    Starting - reading configuration files ...
    including configuration file /etc/raddb/radiusd.conf
    including configuration file /etc/raddb/proxy.conf
    including configuration file /etc/raddb/clients.conf
    including files in directory /etc/raddb/modules/
    including configuration file /etc/raddb/modules/passwd
    including configuration file /etc/raddb/modules/sql_log
    including configuration file /etc/raddb/modules/logintime
    including configuration file /etc/raddb/modules/cui
    including configuration file /etc/raddb/modules/wimax
    including configuration file /etc/raddb/modules/mac2vlan
    including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
    including configuration file /etc/raddb/modules/ippool
    including configuration file /etc/raddb/modules/attr_filter
    including configuration file /etc/raddb/modules/inner-eap
    including configuration file /etc/raddb/modules/chap
    including configuration file /etc/raddb/modules/perl
    including configuration file /etc/raddb/modules/realm
    including configuration file /etc/raddb/modules/files
    including configuration file /etc/raddb/modules/etc_group
    including configuration file /etc/raddb/modules/linelog
    including configuration file /etc/raddb/modules/smbpasswd
    including configuration file /etc/raddb/modules/detail.example.com
    including configuration file /etc/raddb/modules/checkval
    including configuration file /etc/raddb/modules/always
    including configuration file /etc/raddb/modules/radutmp
    including configuration file /etc/raddb/modules/detail
    including configuration file /etc/raddb/modules/attr_rewrite
    including configuration file /etc/raddb/modules/exec
    including configuration file /etc/raddb/modules/expiration
    including configuration file /etc/raddb/modules/mschap
    including configuration file /etc/raddb/modules/smsotp
    including configuration file /etc/raddb/modules/pap
    including configuration file /etc/raddb/modules/counter
    including configuration file /etc/raddb/modules/policy
    including configuration file /etc/raddb/modules/acct_unique
    including configuration file /etc/raddb/modules/otp
    including configuration file /etc/raddb/modules/mac2ip
    including configuration file /etc/raddb/modules/unix
    including configuration file /etc/raddb/modules/expr
    including configuration file /etc/raddb/modules/preprocess
    including configuration file /etc/raddb/modules/echo
    including configuration file /etc/raddb/modules/detail.log
    including configuration file /etc/raddb/modules/digest
    including configuration file /etc/raddb/modules/sradutmp
    including configuration file /etc/raddb/modules/pam
    including configuration file /etc/raddb/eap.conf
    including configuration file /etc/raddb/sql.conf
    including configuration file /etc/raddb/sql/mysql/dialup.conf
    including configuration file /etc/raddb/policy.conf
    including files in directory /etc/raddb/sites-enabled/
    including configuration file /etc/raddb/sites-enabled/inner-tunnel
    including configuration file /etc/raddb/sites-enabled/default
    including configuration file /etc/raddb/sites-enabled/control-socket
    group = radiusd
    user = radiusd
    including dictionary file /etc/raddb/dictionary
    main {
    	prefix = "/usr"
    	localstatedir = "/var"
    	logdir = "/var/log/radius"
    	libdir = "/usr/lib/freeradius"
    	radacctdir = "/var/log/radius/radacct"
    	hostname_lookups = no
    	max_request_time = 30
    	cleanup_delay = 5
    	max_requests = 1024
    	allow_core_dumps = no
    	pidfile = "/var/run/radiusd/radiusd.pid"
    	checkrad = "/usr/sbin/checkrad"
    	debug_level = 0
    	proxy_requests = yes
     log {
    	stripped_names = no
    	auth = no
    	auth_badpass = no
    	auth_goodpass = no
     }
     security {
    	max_attributes = 200
    	reject_delay = 1
    	status_server = yes
     }
    }
    radiusd: #### Loading Realms and Home Servers ####
     proxy server {
    	retry_delay = 5
    	retry_count = 3
    	default_fallback = no
    	dead_time = 120
    	wake_all_if_all_dead = no
     }
     home_server localhost {
    	ipaddr = 127.0.0.1
    	port = 1812
    	type = "auth"
    	secret = "testing123"
    	response_window = 20
    	max_outstanding = 65536
    	require_message_authenticator = no
    	zombie_period = 40
    	status_check = "status-server"
    	ping_interval = 30
    	check_interval = 30
    	num_answers_to_alive = 3
    	num_pings_to_alive = 3
    	revive_interval = 120
    	status_check_timeout = 4
    	irt = 2
    	mrt = 16
    	mrc = 5
    	mrd = 30
     }
     home_server_pool my_auth_failover {
    	type = fail-over
    	home_server = localhost
     }
     realm example.com {
    	auth_pool = my_auth_failover
     }
     realm LOCAL {
     }
    radiusd: #### Loading Clients ####
     client localhost {
    	ipaddr = 127.0.0.1
    	require_message_authenticator = no
    	secret = "testing123"
    	nastype = "other"
     }
    radiusd: #### Instantiating modules ####
     instantiate {
     Module: Linked to module rlm_exec
     Module: Instantiating exec
      exec {
    	wait = no
    	input_pairs = "request"
    	shell_escape = yes
      }
     Module: Linked to module rlm_expr
     Module: Instantiating expr
     Module: Linked to module rlm_expiration
     Module: Instantiating expiration
      expiration {
    	reply-message = "Password Has Expired  "
      }
     Module: Linked to module rlm_logintime
     Module: Instantiating logintime
      logintime {
    	reply-message = "You are calling outside your allowed timespan  "
    	minimum-timeout = 60
      }
     }
    radiusd: #### Loading Virtual Servers ####
    server inner-tunnel {
     modules {
     Module: Checking authenticate {...} for more modules to load
     Module: Linked to module rlm_pap
     Module: Instantiating pap
      pap {
    	encryption_scheme = "auto"
    	auto_header = no
      }
     Module: Linked to module rlm_chap
     Module: Instantiating chap
     Module: Linked to module rlm_mschap
     Module: Instantiating mschap
      mschap {
    	use_mppe = yes
    	require_encryption = no
    	require_strong = no
    	with_ntdomain_hack = no
      }
     Module: Linked to module rlm_unix
     Module: Instantiating unix
      unix {
    	radwtmp = "/var/log/radius/radwtmp"
      }
     Module: Linked to module rlm_eap
     Module: Instantiating eap
      eap {
    	default_eap_type = "md5"
    	timer_expire = 60
    	ignore_unknown_eap_types = no
    	cisco_accounting_username_bug = no
    	max_sessions = 2048
      }
     Module: Linked to sub-module rlm_eap_md5
     Module: Instantiating eap-md5
     Module: Linked to sub-module rlm_eap_leap
     Module: Instantiating eap-leap
     Module: Linked to sub-module rlm_eap_gtc
     Module: Instantiating eap-gtc
       gtc {
    	challenge = "Password: "
    	auth_type = "PAP"
       }
     Module: Linked to sub-module rlm_eap_tls
     Module: Instantiating eap-tls
       tls {
    	rsa_key_exchange = no
    	dh_key_exchange = yes
    	rsa_key_length = 512
    	dh_key_length = 512
    	verify_depth = 0
    	pem_file_type = yes
    	private_key_file = "/etc/raddb/certs/server.pem"
    	certificate_file = "/etc/raddb/certs/server.pem"
    	CA_file = "/etc/raddb/certs/ca.pem"
    	private_key_password = "whatever"
    	dh_file = "/etc/raddb/certs/dh"
    	random_file = "/etc/raddb/certs/random"
    	fragment_size = 1024
    	include_length = yes
    	check_crl = no
    	cipher_list = "DEFAULT"
    	make_cert_command = "/etc/raddb/certs/bootstrap"
        cache {
    	enable = no
    	lifetime = 24
    	max_entries = 255
        }
       }
     Module: Linked to sub-module rlm_eap_ttls
     Module: Instantiating eap-ttls
       ttls {
    	default_eap_type = "md5"
    	copy_request_to_tunnel = no
    	use_tunneled_reply = no
    	virtual_server = "inner-tunnel"
    	include_length = yes
       }
     Module: Linked to sub-module rlm_eap_peap
     Module: Instantiating eap-peap
       peap {
    	default_eap_type = "mschapv2"
    	copy_request_to_tunnel = no
    	use_tunneled_reply = no
    	proxy_tunneled_request_as_eap = yes
    	virtual_server = "inner-tunnel"
       }
     Module: Linked to sub-module rlm_eap_mschapv2
     Module: Instantiating eap-mschapv2
       mschapv2 {
    	with_ntdomain_hack = no
       }
     Module: Checking authorize {...} for more modules to load
     Module: Linked to module rlm_realm
     Module: Instantiating suffix
      realm suffix {
    	format = "suffix"
    	delimiter = "@"
    	ignore_default = no
    	ignore_null = no
      }
     Module: Linked to module rlm_files
     Module: Instantiating files
      files {
    	usersfile = "/etc/raddb/users"
    	acctusersfile = "/etc/raddb/acct_users"
    	preproxy_usersfile = "/etc/raddb/preproxy_users"
    	compat = "no"
      }
     Module: Checking session {...} for more modules to load
     Module: Linked to module rlm_radutmp
     Module: Instantiating radutmp
      radutmp {
    	filename = "/var/log/radius/radutmp"
    	username = "%{User-Name}"
    	case_sensitive = yes
    	check_with_nas = yes
    	perm = 384
    	callerid = yes
      }
     Module: Checking post-proxy {...} for more modules to load
     Module: Checking post-auth {...} for more modules to load
     Module: Linked to module rlm_attr_filter
     Module: Instantiating attr_filter.access_reject
      attr_filter attr_filter.access_reject {
    	attrsfile = "/etc/raddb/attrs.access_reject"
    	key = "%{User-Name}"
      }
     } # modules
    } # server
    server {
     modules {
     Module: Checking authenticate {...} for more modules to load
     Module: Checking authorize {...} for more modules to load
     Module: Linked to module rlm_preprocess
     Module: Instantiating preprocess
      preprocess {
    	huntgroups = "/etc/raddb/huntgroups"
    	hints = "/etc/raddb/hints"
    	with_ascend_hack = no
    	ascend_channels_per_line = 23
    	with_ntdomain_hack = no
    	with_specialix_jetstream_hack = no
    	with_cisco_vsa_hack = no
    	with_alvarion_vsa_hack = no
      }
     Module: Linked to module rlm_sql
     Module: Instantiating sql
      sql {
    	driver = "rlm_sql_mysql"
    	server = "localhost"
    	port = ""
    	login = "root"
    	password = "Blink182"
    	radius_db = "radiusdb"
    	read_groups = yes
    	sqltrace = no
    	sqltracefile = "/var/log/radius/sqltrace.sql"
    	readclients = yes
    	deletestalesessions = yes
    	num_sql_socks = 5
    	lifetime = 0
    	max_queries = 0
    	sql_user_name = "%{User-Name}"
    	default_user_profile = ""
    	nas_query = "SELECT id, nasname, shortname, type, secret FROM nas"
    	authorize_check_query = "SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id"
    	authorize_reply_query = "SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id"
    	authorize_group_check_query = "SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
    	authorize_group_reply_query = "SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
    	accounting_onoff_query = "          UPDATE radacct           SET              acctstoptime       =  '%S',              acctsessiontime    =  unix_timestamp('%S') -                                    unix_timestamp(acctstarttime),              acctterminatecause =  '%{Acct-Terminate-Cause}',              acctstopdelay      =  %{%{Acct-Delay-Time}:-0}           WHERE acctstoptime IS NULL           AND nasipaddress      =  '%{NAS-IP-Address}'           AND acctstarttime     <= '%S'"
    	accounting_update_query = "           UPDATE radacct           SET              framedipaddress = '%{Framed-IP-Address}',              acctsessiontime     = '%{Acct-Session-Time}',              acctinputoctets     = '%{%{Acct-Input-Gigawords}:-0}'  << 32 |                                    '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets    = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                    '%{%{Acct-Output-Octets}:-0}'           WHERE acctsessionid = '%{Acct-Session-Id}'           AND username        = '%{SQL-User-Name}'           AND nasipaddress    = '%{NAS-IP-Address}'"
    	accounting_update_query_alt = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,      username,              realm,            nasipaddress,      nasportid,              nasporttype,      acctstarttime,     acctsessiontime,              acctauthentic,    connectinfo_start, acctinputoctets,              acctoutputoctets, calledstationid,   callingstationid,              servicetype,      framedprotocol,    framedipaddress,              acctstartdelay,   xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                       INTERVAL (%{%{Acct-Session-Time}:-0} +                                 %{%{Acct-Delay-Time}:-0}) SECOND),                       '%{Acct-Session-Time}',              '%{Acct-Authentic}', '',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets}:-0}',              '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Service-Type}', '%{Framed-Protocol}',              '%{Framed-IP-Address}',              '0', '%{X-Ascend-Session-Svr-Key}')"
    	accounting_start_query = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,     username,              realm,            nasipaddress,     nasportid,              nasporttype,      acctstarttime,    acctstoptime,              acctsessiontime,  acctauthentic,    connectinfo_start,              connectinfo_stop, acctinputoctets,  acctoutputoctets,              calledstationid,  callingstationid, acctterminatecause,              servicetype,      framedprotocol,   framedipaddress,              acctstartdelay,   acctstopdelay,    xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}', '%S', NULL,              '0', '%{Acct-Authentic}', '%{Connect-Info}',              '', '0', '0',              '%{Called-Station-Id}', '%{Calling-Station-Id}', '',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '%{%{Acct-Delay-Time}:-0}', '0', '%{X-Ascend-Session-Svr-Key}')"
    	accounting_start_query_alt = "           UPDATE radacct SET              acctstarttime     = '%S',              acctstartdelay    = '%{%{Acct-Delay-Time}:-0}',              connectinfo_start = '%{Connect-Info}'           WHERE acctsessionid  = '%{Acct-Session-Id}'           AND username         = '%{SQL-User-Name}'           AND nasipaddress     = '%{NAS-IP-Address}'"
    	accounting_stop_query = "           UPDATE radacct SET              acctstoptime       = '%S',              acctsessiontime    = '%{Acct-Session-Time}',              acctinputoctets    = '%{%{Acct-Input-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets   = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Output-Octets}:-0}',              acctterminatecause = '%{Acct-Terminate-Cause}',              acctstopdelay      = '%{%{Acct-Delay-Time}:-0}',              connectinfo_stop   = '%{Connect-Info}'           WHERE acctsessionid   = '%{Acct-Session-Id}'           AND username          = '%{SQL-User-Name}'           AND nasipaddress      = '%{NAS-IP-Address}'"
    	accounting_stop_query_alt = "           INSERT INTO radacct             (acctsessionid, acctuniqueid, username,              realm, nasipaddress, nasportid,              nasporttype, acctstarttime, acctstoptime,              acctsessiontime, acctauthentic, connectinfo_start,              connectinfo_stop, acctinputoctets, acctoutputoctets,              calledstationid, callingstationid, acctterminatecause,              servicetype, framedprotocol, framedipaddress,              acctstartdelay, acctstopdelay)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                  INTERVAL (%{%{Acct-Session-Time}:-0} +                  %{%{Acct-Delay-Time}:-0}) SECOND),              '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '',              '%{Connect-Info}',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets}:-0}',              '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Acct-Terminate-Cause}',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '0', '%{%{Acct-Delay-Time}:-0}')"
    	group_membership_query = "SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority"
    	connect_failure_retry_delay = 60
    	simul_count_query = ""
    	simul_verify_query = "SELECT radacctid, acctsessionid, username,                                nasipaddress, nasportid, framedipaddress,                                callingstationid, framedprotocol                                FROM radacct                                WHERE username = '%{SQL-User-Name}'                                AND acctstoptime IS NULL"
    	postauth_query = "INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S')"
    	safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
      }
    rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
    rlm_sql (sql): Attempting to connect to root@localhost:/radiusdb
    rlm_sql (sql): starting 0
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
    rlm_sql_mysql: Starting connect to MySQL server for #0
    rlm_sql (sql): Connected new DB handle, #0
    rlm_sql (sql): starting 1
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
    rlm_sql_mysql: Starting connect to MySQL server for #1
    rlm_sql (sql): Connected new DB handle, #1
    rlm_sql (sql): starting 2
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
    rlm_sql_mysql: Starting connect to MySQL server for #2
    rlm_sql (sql): Connected new DB handle, #2
    rlm_sql (sql): starting 3
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
    rlm_sql_mysql: Starting connect to MySQL server for #3
    rlm_sql (sql): Connected new DB handle, #3
    rlm_sql (sql): starting 4
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
    rlm_sql_mysql: Starting connect to MySQL server for #4
    rlm_sql (sql): Connected new DB handle, #4
    rlm_sql (sql): Processing generate_sql_clients
    rlm_sql (sql) in generate_sql_clients: query is SELECT id, nasname, shortname, type, secret FROM nas
    rlm_sql (sql): Reserving sql socket id: 4
    rlm_sql (sql): Released sql socket id: 4
     Module: Checking preacct {...} for more modules to load
     Module: Linked to module rlm_acct_unique
     Module: Instantiating acct_unique
      acct_unique {
    	key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
      }
     Module: Checking accounting {...} for more modules to load
     Module: Linked to module rlm_detail
     Module: Instantiating detail
      detail {
    	detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
    	header = "%t"
    	detailperm = 384
    	dirperm = 493
    	locking = no
    	log_packet_header = no
      }
     Module: Instantiating attr_filter.accounting_response
      attr_filter attr_filter.accounting_response {
    	attrsfile = "/etc/raddb/attrs.accounting_response"
    	key = "%{User-Name}"
      }
     Module: Checking session {...} for more modules to load
     Module: Checking post-proxy {...} for more modules to load
     Module: Checking post-auth {...} for more modules to load
     } # modules
    } # server
    radiusd: #### Opening IP addresses and Ports ####
    listen {
    	type = "auth"
    	ipaddr = *
    	port = 0
    Failed binding to authentication address * port 1812: Address already in use 
    /etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812
    
     
  2. topdog

    topdog HowtoForge Supporter

    Some other service is already using the port.
     
  3. enkgih

    enkgih New Member

    i have the same problem, so i can't add my hotspot user.
    my yfi hotspot manager keep said error occured when i click add user

    please someone help
    sorry my english is poor
     
  4. dhisus

    dhisus New Member

    maybe freeradius has already started
    you are trying to running in verbose mode but the normal mode has already started. try to kill the normal mode first, find the pid of the normal mode process
    type "pidof radiusd"
    youll find the pid number then
    type "kill -9 [pid number]"
    after that u can start command "radiusd -X"
     
  5. mincreng

    mincreng New Member

    Freeradius is already running. you can try this code "killall radiusd" or "killall radiusd" and try again. You should stop the debug with Ctrl-C. If you just close the ssh session radiusd will
    continue running.
     

Share This Page