Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Octocat-spinner-32-eaf2f5

Cannot retrieve contributors at this time

file 135 lines (97 sloc) 5.73 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134
1. INSTALLATION

  Ignore this file if you have a pre-installed binary package.


1a. SIMPLE INSTALLATION

  If you do not need to modify the default configuration, then take
the following steps to build and install the server:


$ ./configure
$ make
$ make install

  Note that in this release, the location of the dictionary files has
changed, to /usr/local/share/freeradius/dictionary. Please ensure
that /etc/raddb/dictionary is THE SAME as ./raddb/dictionary. If not,
you will have to copy it over by hand;

$ cp ./raddb/dictionary /etc/raddb/dictionary

  If you see errors like 'invalid keyword "ATTRIB_NMC"', then you
should update the main dictionary file as described above.

  Once the main dictionary file has been updated, and the server has
been verified to work, all of the other (old) dictionary files in
/etc/raddb may be deleted.


1b. CUSTOM INSTALLATION

  FreeRADIUS has autoconf support. This means you have to run
./configure, and then run make. To see which configuration options
are supported, run './configure --help', and read it's output. The
following list is a selection from the available flags:

  --enable-shared[=PKGS] build shared libraries [default=yes]
  --enable-static[=PKGS] build static libraries [default=yes]
  --enable-fast-install[=PKGS] optimize for fast installation [default=yes]
  --with-logdir=DIR Directory for logfiles [LOCALSTATEDIR/log]
  --with-radacctdir=PATH Directory for detail files [LOGDIR/radacct]
  --with-raddbdir=DIR Directory for config files [SYSCONFDIR/raddb]
  --with-threads Use threads, if available. (default=yes)
  --with-snmp Compile in SNMP support. (default=yes)
  --disable-ltdl-install Do not install libltdl
  --with-experimental-modules Use experimental and unstable modules. (default=no)
  --enable-developer Turns on super-duper-extra-compile-warnings
                              when using gcc.

  To get the defaults that Cistron Radius used up to 1.5.4.3-beta18, use:

./configure --localstatedir=/var --sysconfdir=/etc

  That means binaries will get installed in /usr/local/{bin,sbin},
manpages in /usr/local/man, configuration files in /etc/raddb, and
logfiles in /var/log and /var/log/radacct.

  Now type "make". The binaries will be compiled.

  Then do "make install". That will install the binaries, the 'man'
pages, and MAY install the configuration files. If you have not
installed a RADIUS server before, then the configuration files for
FreeRADIUS will be installed. If you already have a RADIUS server
installed, then FreeRADIUS WILL NOT over-write your current
configuration. It will warn you about the files it could not install.

  If you DO see a warning message about files that could not be
installed, then you should manually 'diff' the files. There MAY be
changes in the dictionary files which are REQUIRED for a new version
of the software. These files will NOT be installed over your current
configuration, so you MUST verify and install any problem files by
hand.

  It is EXTREMELY helpful to read the output of both 'configure',
'make', and 'make install'. If a particular module you expected to be
installed was NOT installed, then the output of the
'configure;make;make install' sequence will tell you why that module
was not installed. Please do NOT post questions to the FreeRADIUS
users list without carefully reading the output of this process.


2. RUNNING THE SERVER

  If the server builds and installs, but doesn't run correctly, then
you may use debugging mode to figure out the problem.

  This is your BEST HOPE for understanding the problem. Read ALL of
the messages which are printed to the screen, the answer to your
problem will often be in a warning or error message.

  We really can't emphasize that last sentence enough. Configuring a
RADIUS server for complex local authentication isn't a trivial task.
Your ONLY method for debugging it is to read the debug messages, where
the server will tell you exactly what it's doing, and why. You should
then compare its behaviour to what you intended, and edit the
configuration files as appropriate.

  If you don't use debugging mode, then you will look dumb when you
ask questions on the 'freeradius-users' list, and the answer to your
question was contained in the debug messages you posted to the list.

   Since the main developers of FreeRADIUS use debugging mode to track
down their configuration problems with the server, it's a good idea
for you to use it, too. If you don't, there is little hope for you to
solve ANY configuration problem related to the server.

  To start the server in debugging mode, do:

$ radiusd -X

  You should see a lot of text printed on the screen as it starts up.
If you don't, or if you see error messages, please read the FAQ:

http://www.freeradius.org/faq/

  If the server says "Ready to process requests.", then it is running
properly. From another shell (or another window), type:

$ radtest test test localhost 0 testing123

  You should see the server print out more messages as it receives the
request, and responds to it. The 'radtest' program should receive the
response within a few seconds. It doesn't matter if the
authentication request is accepted or rejected, what matters is that
the server received the request, and responded to it.

  You can now edit the 'radiusd.conf' file for your local system.
Please read the ENTIRE file carefully, as many configuration options
are only documented in comments in the file.

  Configuring and running the server MAY be complicated. Please read
the documentation in the doc/ directory for further information. If
you have any issues, the FAQ is also a good place to check.
Something went wrong with that request. Please try again.