CentOS 7 FreeRadius + DaloRadius 安裝與配置
//安裝Apache和MariaDB數據庫
# yum -y update
# yum -y groupinstall "Development Tools"
# yum -y install httpd httpd-devel mariadb-server mariadb
//打開服務,設置開機運行
systemctl enable httpd
systemctl start httpd
systemctl start mariadb
systemctl enable mariadb
//初始化數據庫
#mysql_secure_installation
Set root password? [Y/n] Y
Disallow root login remotely? [Y/n] n (這裏我開啟了可以遠程訪問數據庫)
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
Thanks for using MariaDB!
//配置freeRADIUS的數據庫
# mysql -u root -p -e "CREATE DATABASE radius"
# mysql -u root -p -e "show databases"
MariaDB [(none)]> GRANT ALL ON radius.* To radius@localhost IDENTIFIED BY "radpass";
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> \q
Bye
(2)安裝在CentOS 7的PHP 7
# cd ~
# curl '' -o setup-ius.sh
# sudo bash setup-ius.sh
# sudo yum remove php-cli mod_php php-common
# sudo apachectl restart
(3)安裝FreeRADIUS
# yum -y install freeradius freeradius-utils freeradius-mysql freeradius-sqlite
//打開Radius服務,開機自動啟動Radius服務
# systemctl start radiusd.service
# systemctl enable radiusd.service
//編輯radiusd服務文件內容
# vim /etc/systemd/system/multi-user.target.wants/radiusd.service
在Unit部分增加一條命令,其它內容保持不變
[Unit]
After=mariadb.service
//安全開啟防火墻
# systemctl enable firewalld
# systemctl start firewalld
# systemctl status firewalld
//增加永久性規則到默認區域允許http、https和RADIUS服務
# firewall-cmd --get-services | egrep 'http|https|radius'
# firewall-cmd --add-service={http,https,radius} --permanent
//更改的重新加載firewalld能生效。
# firewall-cmd --reload
(4)配置FreeRADIUS
//導入RADIUSdatabase方案填充RADIUS數據庫
# mysql -u root -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql
//創建SQL的一條軟鏈在/etc/raddb/mods-enabled下
# ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/
//配置SQL模塊/raddb/mods-available/sql並且更改數據庫連接參數到套件您的環境
# vim /etc/raddb/mods-available/sql
sql {
driver = "rlm_sql_mysql"
dialect = "mysql"
# Connection info:
server = "localhost"
port = 3306
login = "radius"
password = "radpass"
# Database table configuration for everything except Oracle
radius_db = "radius"
}
# Set to ‘yes’ to read radius clients from the database (‘nas’ table)
# Clients will ONLY be read on server startup.
read_clients = yes
# Table to keep radius client info
client_table = “nas”
//更改權限組 etc/raddb/mods-enabled/sql組對radiusd的
[root@tac-mxwireless ~]# chgrp -h radiusd /etc/raddb/mods-enabled/sql
(5)下載安裝DaloRadius
//下載DaloRadius
wget http://nchc.dl.sourceforge.net/project/daloradius/daloradius/daloradius0.9-9/daloradius-0.9-9.tar.gz
tar xf daloradius-0.9-9.tar.gz cd daloradius-0.9-9//遷移到Apache網站目錄
# mv -a daloradius-0.9-9 /var/www/html/daloradius
//導入DaloRadius 的數據庫腳本
cd /var/www/html/daloradius/contrib/dbmysql -uradius -pradpass radius < ./mysql-daloradius.sql(6)配置DaloRadius配置文件
vim /var/www/html/daloradius/library/daloradius.conf.php
#具體根據自己的參數設定
$configValues['CONFIG_DB_HOST'] = 'localhost';
$configValues['CONFIG_DB_PORT'] = '3306';
$configValues['CONFIG_DB_USER'] = 'radius';
$configValues['CONFIG_DB_PASS'] = 'radpass';
$configValues['CONFIG_DB_NAME'] = 'radius';
…………
#這個路徑和程序放置路徑有關系
$configValues['CONFIG_PATH_DALO_VARIABLE_DATA'] = '/var/www/html/daloradius/var';
(7)具體的主機配置我這裏不再介紹,啟動Web服務,找一個瀏覽器輸入:http://x.x.x.x/daloradius/login.php。從INSTALL文檔中可以看
到,第一次登錄的用戶是administrator,密碼是radius。如果生產環境使用的話一定要修改以下密碼,這個用戶的信息在表
operators裏面。
CentOS 7 FreeRadius + DaloRadius 安裝與配置