Setting Up A FreeRadius Based AAA Server With MySQL & Management With Daloradius

This tutorial explains how you can set up a FreeRadius (1.1.7) server with Wifi authentication and accounting in conjunction with MySQL & web management with Daloradius on Ubuntu 8.04 LTS Server Edition This howto should work for a novice. Production deployment is also possible with minor tweaking. But as usual I do not guarantee anything & take no responsibilities if something goes wrong.

(For a basic how-to refer to the doc https://www.howtoforge.com/wifi-authentication-accounting-with-freeradius-on-centos5.)

And of-course if you feel your are not cut-out for all this, you can always use this turn-key solution https://www.howtoforge.com/how-to-set-up-an-aaa-server-with-ciitix-wifi )

Following steps are involved:

Building Ubuntu 8.04 .debs (for eap/ttls support)
Installing the binary packages
Configuring the FR with MySQL
Setting up web management with Daloradius

Step 1- Building Ubuntu 8.04. packages

Note: Those who don't need openssl/tls/ttls (certificates etc..) just fetch the FR packages from ubuntu repos with apt-get & skip to step 3.

Before building the FreeRadius Ubuntu 8.04 package we have to apt-get some packages, necessary for the build process.

sudo su -

apt-get install debhelper libltdl3-dev libpam0g-dev \
libmysqlclient15-dev build-essential libgdbm-dev \
libldap2-dev libsasl2-dev libiodbc2-dev libkrb5-dev snmp \
autotools-dev dpatch libperl-dev libtool dpkg-dev libpq-dev \
libsnmp-dev libssl-dev

Get hold of the FreeRadius sources and start building the package like given below.

cd ~
apt-get source freeradius

Note: It is recommended that you carry this building process on a non-production server & move the final binary packages over to the production server. But it isn't mandatory if you know what you're doing.

cd  freeradius-1.1.7/

Edit rule file (debian/rules):

vi debian/rules

Now search for these lines:

        --without-rlm_eap_tls \
                --without-rlm_eap_ttls \
                --without-rlm_eap_peap \

and change them to look like this.

 --with-rlm_eap_tls \
                   --with-rlm_eap_ttls \
                   --with-rlm_eap_peap \

Also in the same file replace the text " --without-openssl " with " --with-openssl "

Now search for these lines and delete them.

for pkg in $(shell grep ^Package debian/control | awk '{print $$2}') ; d
   o \
     if dh_shlibdeps -p $$pkg -- -O | grep -q libssl; then \
       echo "$$pkg links to openssl" ;\
       exit 1 ;\
     fi ;\
   done

Save changes and quit vi. Now edit the control file (debian/control):

vi debian/control

Search for the line:

Build-Depends: debhelper (>= 5), libltdl3-dev, libpam0g-dev, libmysqlclient15-dev | libmysqlclient-dev, libgdbm-dev, libldap2-dev, libsasl2-dev, libiodbc2-dev, libkrb5-dev, snmp, autotools-dev, dpatch (>= 2), libperl-dev, libtool, dpkg-dev (>= 1.13.19), libpq-dev, libsnmp-dev

and append libssl-dev to the end of this line so that it looks like this.

Build-Depends: debhelper (>= 5), libltdl3-dev, libpam0g-dev, libmysqlclient15-dev | libmysqlclient-dev, libgdbm-dev, libldap2-dev, libsasl2-dev, libiodbc2-dev, libkrb5-dev, snmp, autotools-dev, dpatch (>= 2), libperl-dev, libtool, dpkg-dev (>= 1.13.19), libpq-dev, libsnmp-dev, libssl-dev

Save the changes and quit vi.

Assuming you are here ~/freeradius-1.1.7. Start building packages:

dpkg-buildpackage -rfakeroot

Note: You still might require some packages for these. apt-get/aptitiude them & rerun the rebuild process.

After a while (depending on your system) you should have some .deb files in the home directory.

freeradius_1.1.7-1build4_i386.deb
freeradius-dbg_1.1.7-1build4_i386.deb
freeradius-dialupadmin_1.1.7-1build4_all.deb
freeradius-iodbc_1.1.7-1build4_i386.deb
freeradius-krb5_1.1.7-1build4_i386.deb
freeradius-ldap_1.1.7-1build4_i386.deb
freeradius-mysql_1.1.7-1build4_i386.deb
freeradius-postgresql_1.1.7-1build4_i386.deb

Move these to a production server if this is your development workstation. (In this setup you won't be needing the postgresql , ldap, krb5 , iodbc , dbg, dialupadmin binaries.)

Step 2- Installing the binary packages

dpkg -i  freeradius_1.1.7-1build4_i386.deb

dpkg -i freeradius-mysql_1.1.7-1build4_i386.deb

After running with the out of the box configuration validate against a local user.

E.g: run radius in debug mode:

freeradius -X

From another shell run this while the freeradius -X is running:

radtest abc 123 localhost 1812 testing123

Make sure the user abc with password 123 is set in the /etc/freeradius/users file.

Setp 3- Configuring the FR with MySQL

First the MySQL bits (creating the db & its admin user). Do the following from your shell.

mysqladmin -u root password 123456

mysql -u root -p

On the MySQL shell type the following:

CREATE DATABASE radius;

GRANT ALL ON radius.* TO [email protected] IDENTIFIED BY "radpass";

exit;

Import the the FreeRadius schema. The sample schema resides at this location: /usr/share/doc/freeradius/examples/mysql.sql.gz.

Gunzip it there:

gunzip -d /usr/share/doc/freeradius/examples/mysql.sql.gz

Do the following:

mysql -u root -p radius < /usr/share/doc/freeradius/examples/mysql.sql

To have a look at the db schema do the following:

mysql -u root -p

use database radius;

show tables;

quit;

Now edit your /etc/freeradius/sql.conf.

Reset the user/password/database parameters to reflect the changes (eg. radius/radpass/radius); to turn the NAS management from MySQL, search for the line

readclients = no

and change it to

readclients = yes

Edit the file /etc/freeradius/radius.conf and add a line saying 'sql' to the authorize{} section (which is towards the end of the file). Also add a line saying 'sql' to the accounting{} section to tell FreeRadius to store accounting records in SQL as well. Optionally add 'sql' to the session{} section if you want to do Simultaneous-Use detection. Optionally add 'sql' to the post-auth{} section if you want to log all authentication attempts to SQL.

Here is the authorize section:

  authorize {
          preprocess
          chap
          mschap
          suffix
          eap
          sql
          pap
}

And the accounting section:

  accounting {
          detail
          sql
 }

To insert a test user in the database, go to the MySQL shell and run this:

mysql -u root -p

mysql> use database radius;

mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('sqltest', 'Password', 'testpwd');

mysql> select * from radcheck where UserName='sqltest';

mysql> exit

Fire up radius in debug mode:

freeradius -X

Go to another shell and run the test:

radtest sqltest testpwd localhost 1812 testing123

At this moment you should see a message containing something like ... Accept-Accept ... which is an indication that your user is getting authenticated just fine.

Congratulations! Your FreeRadius + MySQL setup is working.

4- Setting up web management with Daloradius

The latest stable release is version 0.9-7.

Get hold of the it from http://sourceforge.net/projects/daloradius.

tar -zxvf daloradius-0.9-7.tar.gz

cp daloradius-0.9-7/ /var/www -R

Download the following prerequisites packages:

apt-get install apache2

apt-get install php php-mysql php-pear php-gd php-pear-DB

Change permissions and ownership:

chown www-data:www-data /var/www/daloradius-0.9-7 -R

chmod 644 /var/www/daloradius-0.9-7/library/daloradius.conf

Daloradius needs to add a few more tables to the radius database we already created earlier.

mysql -u root -p radius < /var/www/daloradius-0.9-7/contrib/db/mysql-daloradius.sql

Now, simply adjust the MySQL database information in the DaloRadius config file.

vi /var/www/daloradius-0.9-7/library/daloradius.conf

Fill in the database details, a few important parameters are listed below:

    ...........
       ......................
       CONFIG_DB_ENGINE = mysql
       CONFIG_DB_HOST = 127.0.0.1
       CONFIG_DB_USER = radius
       CONFIG_DB_PASS = radpass
       CONFIG_DB_NAME = radius
       .......................
     ............

Save the file and exit.

Set up the apache server.

Edit the /etc/apache2/apache2.conf file and append this to the end of the file (customize to your likings):

  Alias /myradius "/var/www/daloradius-0.9-7/"
   <Directory /var/www/daloradius-0.9-7/>
      Options None
      order deny,allow
      deny from all
      allow from 127.0.0.1 
      allow from <my management system's ip which has a web-browser>
 </Directory>

Save and exit.

Restart the httpd server:

/etc/init.d/apache2 restart

Fire up Firefox (or any other borowser) and go to the URL http://<localhost or the managemet system's ip>/myradius.

username: administrator
password: radius

Change this information first for the sake of security (info is located in the operator table).

Take Daloradius for a spin. You should have created an sqltest user earlier. You can also try adding new users and testing the connectivity from within the Daloradius frontend.

Congratulations you are done.

Developers of FreeRadius, MySQL and Daloradius, do accept my humble appreciation for all your efforts. Open source community, you also rock, thanx.

(Note: I haven't mentioned anything regarding setting up eap/ttls in this article. For that, just follow the section of setting up certificates and eap.conf from the below mentioned HowtoForge link.)

References:

http://freeradius.org/

http://wiki.freeradius.org/SQL_HOWTO

http://sourceforge.net/projects/daloradius

https://www.howtoforge.com/wifi-authentication-accounting-with-freeradius-on-centos5

http://www.linuxinsight.com/building-debian-freeradius-package-with-eap-tls-ttls-peap-support.html

view as pdf | print

Share this page:

29 Comment(s)

Add comment

Comments

By: diego

Hi,

sorry to bother again...I tried other ways to install...but Daloradius didn't see the radius server on...

Anyway...I stick to the same problem.

When I run the dpkg-buildpackage it says:

Unmet dependencies: libgdbm-dev/ Build dependencies/coonflicts unsatisfied: aborting.

What shall I do?

Thanks

By:

Hey Diego,
At the risk of inviting the wrath of falko, I responding to ur query again, since it more appropriately belongs to the discussion forums.

Anyway couple things that I need to remind the users of this how-to is that try to replicate the exact environment of the articles. i.e. Ubuntu 8.04 LTS (Server Edition), freeradius 1.7 .

The package libgdbm-dev is already being apt-get in the first step. It should automatically resolve the dependencies. See if u could check if it is still installed on not. if not re apt-get this package.
Furthermore if ur still having issues building the packages check out the link in references section.

One more thing the problems can be isolated by just skipping the package-building step & using the default freeradius packages from the server (which is without ssl support).

Good luck.

Note: if ur still having issues drop me an email or better yet open up a thread in the forums sections.

By: Anonymous

I also am getting an error like this:

[email protected]:/freeradius-1.1.7# dpkg-buildpackage
dpkg-buildpackage: set CPPFLAGS to default value:
dpkg-buildpackage: set CFLAGS to default value: -g -O2
dpkg-buildpackage: set CXXFLAGS to default value: -g -O2
dpkg-buildpackage: set FFLAGS to default value: -g -O2
dpkg-buildpackage: set LDFLAGS to default value: -Wl,-Bsymbolic-functions
dpkg-buildpackage: source package freeradius
dpkg-buildpackage: source version 1.1.7-1build4
dpkg-buildpackage: source changed by Chuck Short <[email protected]>
dpkg-buildpackage: host architecture i386
dpkg-checkbuilddeps: warning: can't parse dependency libsnmp-dev libssl-dev
dpkg-checkbuilddeps: error: error occurred while parsing Build-Depends
dpkg-buildpackage: warning: Build dependencies/conflicts unsatisfied; aborting.
dpkg-buildpackage: warning: (Use -d flag to override.)

only libsnmp-dev and libssl-dev are quite clearly installed. I purged and reinstalled them to be sure, and rebooted. tried with -d, but still fails with the same problem later. this openssl license crap is beginning to seriously frustrate me...

By:

Yes, this openssl crap has been source of frustration for lot many others.
Anyway may I inquire what distribution ur using cuz Im beginning to think that ppl dont realize the difference between ubuntu LTS server & ubuntu desktop thingy.

Im assuming (a big assumption I know) that apart from support duration and all, the server distro is a bit conservate in nature. i.e. not bleeding edge, not using the latest packages, i.e one step back from the latest packages due to issues related to stability/security etc..

If this is not the issue then u might want to check the references section which has the link to the package building of freeradius. If there is any mistake do let me know, so that I can fix it over here.

And if ur a bit of a faint heart then I can alway email u the packages that I've built.

let me know. Cheers
--
Oz

By: Anonymous

I've installed freeradius-2.1.0 on Ubuntu-8.10 by this tutorial. But some error occured:

[email protected]:~/freeradius-2.1.0+dfsg# dpkg-buildpackage -rfakeroot -d

checking for sys/stat.h... (cached) yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking for memory.h... (cached) yes
checking for strings.h... (cached) yes
checking for inttypes.h... (cached) yes
checking for stdint.h... (cached) yes
checking for unistd.h... (cached) yes
checking for stdio.h... (cached) yes
configure: creating ./config.status
config.status: creating Makefile
=== configuring in src/modules/rlm_attr_rewrite (/root/freeradius-2.1.0+dfsg/src/modules/rlm_attr_rewrite)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ISO C89... (cached) none needed
checking how to run the C preprocessor... (cached) gcc -E
checking for grep that handles long lines and -e... (cached) /bin/grep
checking for egrep... (cached) /bin/grep -E
checking for ANSI C header files... (cached) yes
checking for sys/types.h... (cached) yes
checking for sys/stat.h... (cached) yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking for memory.h... (cached) yes
checking for strings.h... (cached) yes
checking for inttypes.h... (cached) yes
checking for stdint.h... (cached) yes
checking for unistd.h... (cached) yes
checking for regex.h... (cached) yes
configure: creating ./config.status
config.status: creating Makefile
=== configuring in src/modules/rlm_checkval (/root/freeradius-2.1.0+dfsg/src/modules/rlm_checkval)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ANSI C... none needed
checking how to run the C preprocessor... (cached) gcc -E
updating cache ../../../config.cache
configure: creating ./config.status
config.status: creating Makefile
=== configuring in src/modules/rlm_counter (/root/freeradius-2.1.0+dfsg/src/modules/rlm_counter)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ANSI C... (cached) none needed
checking how to run the C preprocessor... (cached) gcc -E
checking for gdbm.h... yes
checking for gdbm_open in -lgdbm... yes
checking to see GDBM_SYNC status... checking for egrep... grep -E
needs it.
checking for gdbm_fdesc... yes
updating cache ../../../config.cache
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
=== configuring in src/modules/rlm_dbm (/root/freeradius-2.1.0+dfsg/src/modules/rlm_dbm)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ANSI C... (cached) none needed
checking how to run the C preprocessor... (cached) gcc -E
checking for ndbm.h... no
checking for gdbm/ndbm.h... no
checking for gdbm-ndbm.h... yes
checking for dbm in default lib... no
checking for dbm_open in -lndbm... no
checking for dbm_open in -lgdbm... no
checking for dbm_open in -lgdbm_compat... yes
updating cache ../../../config.cache
configure: creating ./config.status
config.status: creating Makefile
=== configuring in src/modules/rlm_eap (/root/freeradius-2.1.0+dfsg/src/modules/rlm_eap)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ANSI C... (cached) none needed
configure: creating ./config.status
config.status: creating Makefile
configure: configuring in ./types/rlm_eap_ikev2
configure: running /bin/bash './configure' --prefix=/usr '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' '--cache-file=../../../config.cache' '--srcdir=.' --cache-file=../../../../../config.cache --srcdir=.
configure: loading cache ../../../../../config.cache
*** module rlm_eap_ikev2 is disabled.
configure: creating ./config.status
config.status: creating Makefile
configure: configuring in ./types/rlm_eap_ttls
configure: running /bin/bash './configure' --prefix=/usr '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' '--cache-file=../../../config.cache' '--srcdir=.' --cache-file=../../../../../config.cache --srcdir=.
configure: loading cache ../../../../../config.cache
checking for OpenSSL support... yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
configure: configuring in ./types/rlm_eap_peap
configure: running /bin/bash './configure' --prefix=/usr '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' '--cache-file=../../../config.cache' '--srcdir=.' --cache-file=../../../../../config.cache --srcdir=.
configure: loading cache ../../../../../config.cache
checking for OpenSSL support... yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
configure: configuring in ./types/rlm_eap_tnc
configure: running /bin/bash './configure' --prefix=/usr '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' '--cache-file=../../../config.cache' '--srcdir=.' --cache-file=../../../../../config.cache --srcdir=.
configure: loading cache ../../../../../config.cache
*** module rlm_eap_tnc is disabled.
configure: creating ./config.status
config.status: creating Makefile
configure: configuring in ./types/rlm_eap_tls
configure: running /bin/bash './configure' --prefix=/usr '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' '--cache-file=../../../config.cache' '--srcdir=.' --cache-file=../../../../../config.cache --srcdir=.
configure: loading cache ../../../../../config.cache
checking for OpenSSL support... yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
=== configuring in src/modules/rlm_ippool (/root/freeradius-2.1.0+dfsg/src/modules/rlm_ippool)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ANSI C... (cached) none needed
checking how to run the C preprocessor... (cached) gcc -E
checking for gdbm.h... yes
checking for gdbm_open in -lgdbm... yes
checking to see GDBM_SYNC status... checking for egrep... (cached) grep -E
needs it.
checking for gdbm_fdesc... (cached) yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
=== configuring in src/modules/rlm_krb5 (/root/freeradius-2.1.0+dfsg/src/modules/rlm_krb5)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ISO C89... (cached) none needed
checking how to run the C preprocessor... (cached) gcc -E
checking for krb5.h... yes
checking for krb5_encrypt_data in -lk5crypto... yes
checking for set_com_err_hook in -lcom_err... yes
checking for krb5_init_context in -lkrb5... yes
configure: updating cache ../../../config.cache
configure: creating ./config.status
config.status: creating Makefile
=== configuring in src/modules/rlm_ldap (/root/freeradius-2.1.0+dfsg/src/modules/rlm_ldap)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ISO C89... (cached) none needed
checking for pthread_create in -lpthread... (cached) yes
checking for ldap_init in -lldap_r... yes
checking for ldap.h... yes
checking for ldap_start_tls_s... yes
checking for ldap_initialize... yes
checking for ldap_int_tls_config... yes
configure: updating cache ../../../config.cache
configure: creating ./config.status
config.status: creating Makefile
=== configuring in src/modules/rlm_otp (/root/freeradius-2.1.0+dfsg/src/modules/rlm_otp)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
*** module rlm_otp is disabled.
configure: creating ./config.status
config.status: creating Makefile
=== configuring in src/modules/rlm_pam (/root/freeradius-2.1.0+dfsg/src/modules/rlm_pam)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ANSI C... (cached) none needed
checking how to run the C preprocessor... (cached) gcc -E
checking for dlopen in -ldl... (cached) yes
checking for pam_start in -lpam... yes
checking for egrep... (cached) grep -E
checking for ANSI C header files... (cached) yes
checking for sys/types.h... (cached) yes
checking for sys/stat.h... (cached) yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking for memory.h... (cached) yes
checking for strings.h... (cached) yes
checking for inttypes.h... (cached) yes
checking for stdint.h... (cached) yes
checking for unistd.h... (cached) yes
checking security/pam_appl.h usability... yes
checking security/pam_appl.h presence... yes
checking for security/pam_appl.h... yes
checking pam/pam_appl.h usability... no
checking pam/pam_appl.h presence... no
checking for pam/pam_appl.h... no
updating cache ../../../config.cache
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
=== configuring in src/modules/rlm_perl (/root/freeradius-2.1.0+dfsg/src/modules/rlm_perl)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ISO C89... (cached) none needed
checking how to run the C preprocessor... (cached) gcc -E
checking for perl... yes
checking for EXTERN.h... yes
checking for perl.h... yes
configure: updating cache ../../../config.cache
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
=== configuring in src/modules/rlm_python (/root/freeradius-2.1.0+dfsg/src/modules/rlm_python)
configure: running /bin/bash ./configure '--prefix=/usr' '--build' 'i486-linux-gnu' '--exec-prefix=/usr' '--mandir=/usr/share/man' '--sysconfdir=/etc' '--libdir=/usr/lib/freeradius' '--datadir=/usr/share' '--localstatedir=/var' '--with-raddbdir=/etc/freeradius' '--with-logdir=/var/log/freeradius' '--enable-ltdl-install=no' '--enable-strict-dependencies' '--with-large-files' '--with-udpfromto' '--with-edir' '--enable-developer' '--with-rlm_eap_tls' '--with-rlm_eap_ttls' '--with-rlm_eap_peap' '--without-rlm_eap_tnc' '--without-rlm_otp' '--with-rlm_sql_postgresql_lib_dir=/usr/lib' '--with-rlm_sql_postgresql_include_dir=/usr/include/postgresql' '--with-openssl' '--without-rlm_eap_ikev2' '--without-rlm_sql_oracle' '--without-rlm_sql_unixodbc' '--with-system-libtool' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2' 'FFLAGS=-g -O2' '--enable-ltdl-install=no' --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... (cached) o
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ANSI C... (cached) none needed
checking how to run the C preprocessor... (cached) gcc -E
checking for python2.3... no
checking for python2.2... no
checking for python2.1... no
checking for python1.5... no
checking for python... python
checking for Python.h... no
checking for Py_Initialize in -lpython2.5... no
configure: error: set --without-rlm_python to disable it explicitly.
configure: error: ./configure failed for src/modules/rlm_python
make: *** [config.status] Error 1
dpkg-buildpackage: failure: debian/rules build gave error exit status 2

what i do now? HELP!!!

By: Anonymous

Try tu install python if you don't have already do

By:

u forget to put the "," after the libsnmp-devit show like this " libsnmp-dev, libssl-dev"

By:

The Apache process is restarted with "/etc/init.d/apache2 restart" on Ubuntu.

And reading the final note, I now know that it wouldn't have been necessary to build from source, since the only additional things these instructions enable in the source setup are not even used in this howto. It would have been nice to mention this at the beginning...

PS: While enabling EAP and TLS flags before compiling, you also need to enable openssl support in debian/rules, otherwise the compile process will fail.

By:

Thanx. Fixed the httpd thing & also added the openssl related stuff.

But the text regarding the need to compile the package with openssl or not, was present at the begining of the article. I just highlighted it now for the negligents (ref: centos thing ;)

Good luck

By: diego

Hi,

I tried

dpkg-buildpackage -rfakeroot

but it says that it cannot perform it...As you say in the tutorial you may need some more apt-get but what??

Thanks

By:

Hey diego,
This process was carried out on ubuntu 8.04 LTS version with minimal/base install. From there on apt-getting was done. Dependencies shouldn't be a problem. just hit "yes" whatever/whenever dependencies are prompted. Trying to stick with the theme/manifesto of howtoforge.com, this tutorial should work for even the dummies.

Make sure u have the exact same setup environment. Deviations are possible but only if u know what ur doing.

For further information on dpkg-buildpackage check out this link
http://ubuntuforums.org/showthread.php?t=686131 OR
or
man fakeroot

Let me know if u find out any errors.

Good luck

By:

Why did my first comment disappear? There I had listed most corrections, like missing packages, incorrect package names, invalid packages, config modifications etc.

I suppose this has never actually been done on Hardy? Too many things are wrong...

By:

Do you mean this one?

https://www.howtoforge.com/authentication-authorization-and-accounting-with-freeradius-and-mysql-backend-and-webbased-management-with-daloradius#comment-4561

You posted it under a different tutorial.

By:

Yes, that's the one, sorry. Must have gotten to the wrong place when I wrote it the second time. However, the comment still applies. This tutorial here can't work, there are too many problems. So for simplicity, I paste the comment in here:

###

I can't remember all my modifications, so good luck to everyone trying this, but some hints anyway:

- Packages

- more need to be installed, specifically build-essential, fakeroot, mysql-client-5.0, mysql-server.These are not installed by default on Hardy server.

- libmysqlclient-dev has no installation candidate.

- Instead of "apt-get install php php-mysql php-pear php-gd php-pear-DB" it should be "apt-get install php5 php5-mysql php-pear php5-gd php5-db".

- MySQL

- Instead of "use database radius" it should be "use radius".

- Freeradius

- In /etc/freeradius/users, comment out the line "DEFAULT Auth-Type = System" and the following one if you do not plan to go mad.

- misc

- When copying daloradius to /var/www, omit the trailing slash! It should be "cp -R daloradius-0.9-7 /var/www".

By:

hi,

Not php5-db. must be php-db. If php-db not install. Cant open opendb.php.

thanx

By:

See if this does the trick for u

apt-get install build-essential -y

By:

See if the iptables are flushed or not ?

By: Anonymous

installed but testing Access-Reject

[email protected]:/var/log/freeradius# more radius.log
Mon Mar 23 14:23:44 2009 : Info: Using deprecated naslist file. Support for this will go away soon.
Mon Mar 23 14:23:44 2009 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Mon Mar 23 14:23:44 2009 : Info: Ready to process requests.
Mon Mar 23 15:12:18 2009 : Info: Using deprecated naslist file. Support for this will go away soon.
Mon Mar 23 15:12:18 2009 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Mon Mar 23 15:12:19 2009 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Mon Mar 23 15:12:19 2009 : Info: rlm_sql (sql): Attempting to connect to [email protected]:/radius
Mon Mar 23 15:12:19 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
Mon Mar 23 15:12:19 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
Mon Mar 23 15:12:19 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
Mon Mar 23 15:12:19 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
Mon Mar 23 15:12:19 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
Mon Mar 23 15:12:19 2009 : Info: Ready to process requests.
Mon Mar 23 15:14:40 2009 : Info: Using deprecated naslist file. Support for this will go away soon.
Mon Mar 23 15:14:40 2009 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Mon Mar 23 15:14:40 2009 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Mon Mar 23 15:14:40 2009 : Info: rlm_sql (sql): Attempting to connect to [email protected]:/radius
Mon Mar 23 15:14:40 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
Mon Mar 23 15:14:40 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
Mon Mar 23 15:14:40 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
Mon Mar 23 15:14:40 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
Mon Mar 23 15:14:40 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
Mon Mar 23 15:14:41 2009 : Info: Ready to process requests.
Mon Mar 23 15:23:29 2009 : Info: Using deprecated naslist file. Support for this will go away soon.
Mon Mar 23 15:23:29 2009 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Mon Mar 23 15:23:29 2009 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Mon Mar 23 15:23:29 2009 : Info: rlm_sql (sql): Attempting to connect to [email protected]:/radius
Mon Mar 23 15:23:29 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
Mon Mar 23 15:23:29 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
Mon Mar 23 15:23:29 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
Mon Mar 23 15:23:29 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
Mon Mar 23 15:23:29 2009 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
Mon Mar 23 15:23:29 2009 : Info: Ready to process requests.
[email protected]:/var/log/freeradius# radtest sqltest testpwd localhost 1812 testing123
Sending Access-Request of id 50 to 127.0.0.1 port 1812
        User-Name = "sqltest"
        User-Password = "testpwd"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1812
Re-sending Access-Request of id 50 to 127.0.0.1 port 1812
        User-Name = "sqltest"
        User-Password = "testpwd"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=50, length=20
[email protected]:/var/log/freeradius#

[email protected]:/var/log/freeradius# mysql -u radius -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 15
Server version: 5.0.51a-3ubuntu5.4 (Ubuntu)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> use radius;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> select * from radcheck;
+----+----------+-----------+----+---------+
| id | UserName | Attribute | op | Value |
+----+----------+-----------+----+---------+
| 1 | sqltest | password | == | testpwd |
+----+----------+-----------+----+---------+
1 row in set (0.00 sec)

mysql>

By: michaelo

mysql> select * from radcheck;
+----+----------+-----------+----+---------+
| id | UserName | Attribute | op | Value |
+----+----------+-----------+----+---------+
| 1 | sqltest | password | == | testpwd |
+----+----------+-----------+----+---------+

change attribute

Database changed
mysql> select * from radcheck;
+----+------------+---------------------+----+---------+
| id | UserName | Attribute | op | Value |
+----+------------+---------------------+----+---------+
| 1 | sqltest | Cleartext-Password | := | testpwd |
+----+------------+---------------------+----+---------+

and

[email protected]:/var/log/freeradius# radtest sqltest testpwd localhost 1812 testing123
Sending Access-Request of id 50 to 127.0.0.1 port 1812
        User-Name = "sqltest"
        User-Password = "testpwd"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1812
Re-sending Access-Request of id 50 to 127.0.0.1 port 1812
        User-Name = "sqltest"
        User-Password = "testpwd"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1812
rad_recv: Access-Acept packet from host 127.0.0.1:1812, id=50, length=20

By: Anonymous

hi I have the same problem, but with your solve, i can not make it work:

[[email protected] src]# more /var/log/radius/radius.log
Wed Jul 28 18:50:30 2010 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Wed Jul 28 18:50:30 2010 : Info: Ready to process requests.

mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('1234', 'Cleartext-Password', '1234');
Query OK, 1 row affected (0.00 sec)

mysql> select * from radcheck;
+----+----------+--------------------+----+---------+
| id | UserName | Attribute          | op | Value   |
+----+----------+--------------------+----+---------+
| 1 | sqltest | Password           | == | testpwd |
| 2 | 1234     | Cleartext-Password | == | 1234    |
+----+----------+--------------------+----+---------+
2 rows in set (0.00 sec)

[[email protected] src]# radtest 1234 1234 localhost 1812 testing123
Sending Access-Request of id 214 to 127.0.0.1 port 1812
        User-Name = "1234"
        User-Password = "1234"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=214, length=20

[[email protected] src]# radtest 1234 1234 127.0.0.1 1812 testing123
Sending Access-Request of id 218 to 127.0.0.1 port 1812
        User-Name = "1234"
        User-Password = "1234"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=218, length=20

please help me to solve it

thanks and regards.

Thanh Truong

By: coniptor

I just ran into this. Say your in ~/freeradiustmp/freeradius-2.0.4+dfsg/ Copy control and rules from the debian directory back to ~/freeradiustmp cd to ~/freeradiustmp rm -rf freeradius-2.0.4+dfsg apt-get source freeradius copy control and rules back into freeradius-2.0.4+dfsg/debian and say yes to overwrite the files. Now edit the debian/rules copy and locate the line: --with-rlm_otp Right below this line add: --without-rlm_python Now run dpkg-buildpackage -rfakeroot as you did before and it should work. I'd avoid removing freeradius and pulling it down again if I knew how to get dpkg-buildpackage/debuild to regenerate anew but don't know how to do that just yet.

By:

Try recompiling after install fakeroot

# sudo aptitude install fakeroot

cheers

By: failed

Error on running dpkg-buildpackage -rfakeroot

[email protected]:~/freeradius-1.1.7# ls
acconfig.h    config.h.in configure.in debian        INSTALL     libtool.m4 ltmain.sh    man      raddb   scripts suse
aclocal.m4    config.sub   COPYRIGHT     dialup_admin install-sh LICENSE     Makefile     mibs     README share    todo
config.guess configure    CREDITS       doc           libltdl     ltconfig    Make.inc.in missing redhat src
[email protected]:~/freeradius-1.1.7# dpkg-buildpackage -rfakeroot
dpkg-buildpackage: warning: using a gain-root-command while being root
dpkg-buildpackage: set CPPFLAGS to default value:
dpkg-buildpackage: set CFLAGS to default value: -g -O2
dpkg-buildpackage: set CXXFLAGS to default value: -g -O2
dpkg-buildpackage: set FFLAGS to default value: -g -O2
dpkg-buildpackage: set LDFLAGS to default value: -Wl,-Bsymbolic-functions
dpkg-buildpackage: source package freeradius
dpkg-buildpackage: source version 1.1.7-1build4
dpkg-buildpackage: source changed by Chuck Short <[email protected]>
dpkg-buildpackage: host architecture i386
fakeroot debian/rules clean
Can't exec "fakeroot": No such file or directory at /usr/bin/dpkg-buildpackage line 477.
dpkg-buildpackage: failure: fakeroot debian/rules clean failed with unknown exit code -1
[email protected]:~/freeradius-1.1.7#

By:

Your welcome.
Comments such as this do make it worth while writing the howto.
Have a blast with FR. You make my day.

Ozzy

(falko does deserve a credit as well)

By: KrisH

I was assigned a project in UNIX class of getting a RADIUS server working for one of the colleges at U of H. Have scoured the internet for tips and tricks on how to do so and have found a few pages that hit in the major points but your HowTo blows them out of the water.

I'm an old school Windows guy and have just barely dabbled in *nix so my understanding of building packages and installing libraries is limited. Unfortunately those are the steps that all the other HowTos overlook. Your explanations and code snippets did wonders and for someone who had to just figure out how to logon to a Linux console, I had Ubuntu 8.04 installed with FreeRadius running and responding to requests in a little over an hour.

Great Job.

By: Luca

Thank you very much!!!!
It worked almost smoothly.

At first I couldn't get past the test connection that kept failing.

I tryed to commentet EVERY method of authentication apart from sql (the only one I actually need) in /etc/freeradius/radiusd.conf and it went fine....

Luca

By: Sunish

Great how to!!

Completed everything as stated, and radtest is working fine. Now, how to connect to this server from another Windows / Ubuntu machine?

By: Sam

If there is error when you try to launch freeRADIUS with sudo freeradius -X

/etc/freeradius/sql.conf[22]: Instantiation failed for module "sql"

Then You have altered your mySQL tables from daloRADIUS but with wrong version.

For freerad Version 2.x.x use mysql -u root -p -h localhost radiusdb < fr2-mysql-daloradius-and-freeradius.sql

As for freerad Version 1.x.x use mysql -u root -p -h localhost radiusdb < fr1-mysql-daloradius-and-freeradius.sql

If you have just altered the Version1 or 2 sql schema to work with the other version your dalioRADIUS will not work and will not give error except Premission Denied when u click side menu items.

To fix it drop all the tables and import from /var/www/dalioradius.z-.x.c/contrib/db/your-version-and-schema.sql

By: apry

hallo. please help me

why = radclient: no response from server for ID 124 socket 3

thank you

Log in or Sign up

On this page