首頁>技術>

FreeRadius安裝

⼀、環境準備[root@localhost library]# cat /etc/redhat-release //檢視核心版本CentOS Linux release 7.3.1611 (Core)[root@localhost library]#

1 在開始安裝前建議關閉SELinux或將其設定為disabled,最好建議永久關閉SELinux

# sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config

2 重啟系統:reboot ,重啟完成後檢視SELinux

[root@localhost library]# /usr/sbin/sestatus -vSELinux status: disabled[root@localhost library]#

3 檢視防⽕牆狀態,以及關閉防⽕牆

# firewall-cmd —-state

關閉防⽕牆及關閉開機啟動防⽕牆:直接關閉防⽕牆# systemctl stop firewalld.service禁⽌firewall開機啟動# systemctl disable firewalld.service

⼆、安裝Apache伺服器 1 安裝

# yum -y install httpd httpd-devel

2 設定開機啟動並且啟動Apache服務

# systemctl enable httpd# systemctl start httpd

3 啟動後瀏覽器輸⼊本機ip,可以看到Apache主⻚

三 、 安裝MariaDB1 安裝

# yum install -y mariadb-server mariadb

2 設定MariaDB開機啟動和啟動MariaDB服務

# systemctl start mariadb

# systemctl enable mariadb

3 檢視MariaDB狀態,running已經運⾏

# systemctl status mariadb

4 初始設定MariaDB,設定root密碼

[root@localhost ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the currentpassword for the root user. If you've just installed MariaDB, andyou haven't set the root password yet, the password will be blank,so you should just press enter here.

Enter current password for root (enter for none):OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDBroot user without the proper authorisation.

Set root password? [Y/n] yNew password:Re-enter new password:Password updated successfully!Reloading privilege tables..... Success!

By default, a MariaDB installation has an anonymous user, allowing anyoneto log into MariaDB without having to have a user account created forthem. This is intended only for testing, and to make the installationgo a bit smoother. You should remove them before moving into aproduction environment.

Remove anonymous users? [Y/n] y... Success!

Normally, root should only be allowed to connect from 'localhost'. Thisensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y... Success!

By default, MariaDB comes with a database named 'test' that anyone canaccess. This is also intended only for testing, and should be removedbefore moving into a production environment.

Remove test database and access to it? [Y/n] y- Dropping test database...... Success!- Removing privileges on test database...... Success!

Reloading the privilege tables will ensure that all changes made so farwill take effect immediately.

Reload privilege tables now? [Y/n] y... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDBinstallation should now be secure.

Thanks for using MariaDB!

5 建立Radius資料庫和⽤戶名密碼

[root@localhost ~]# mysql -u root -pEnter password:Welcome to the MariaDB monitor. Commands end with ; or \g.Your MariaDB connection id is 11Server version: 5.5.68-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE radius;Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "radius";Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exitBye[root@localhost ~]#

四 、 安裝php

1 修改yum源

# yum install epel-release -y# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

2 清除歷史版本為了防⽌衝突

# yum -y remove php*

3 安裝拓展包

# yum -y install php72w php72w-cli php72w-fpm php72w-common php72w-devel php72w-embedded php72w-gd php72w-mbstring php72w-mysqlnd php72w-opcache php72w-pdo php72w-xml

如果出現卡的請求ctrl+c 推出後重新執⾏命令

4 檢視php的版本

# php -v

5 測試php

Apache⽹站跟⽬錄下新建info.php⽹⻚,按Ins輸⼊內容後按esc,:wq 儲存退出

# vi /var/www/html/info.php

填⼊以下測試內容:<?php phpinfo(); ?>

6 重啟Apache伺服器,瀏覽器輸⼊php測試⻚

# systemctl restart httpd.service

瀏覽器輸⼊:http://192.168.0.107/info.php

五、安裝FreeRadius

1 安裝

# yum -y install freeradius freeradius-utils freeradius-mysql

2 啟動且設定為開機⾃啟

3 配置Freeradius連線MariaDB資料

#mysql -u root -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql

1

4 修改FreeRadius配置⽂件

# vi /etc/raddb/mods-available/sql 修改為如下圖所示

# chgrp -h radiusd /etc/raddb/mods-available/sql //配置⽂件許可權,將所屬組更改為radiusd# systemctl restart radiusd.service //重啟radius服務

5 新增客戶端連線設定,新增允許所以⽤戶接⼊

# vi /etc/raddb/clients.conf

新增如下內容

client all_client {ipaddr = 0.0.0.0/0secret = testing123require_message_authenticator = no}

七、安裝FreeRadius管理界⾯Daloradius1 進⼊Apache⽹站根⽬錄,下載源⽂件

# cd /var/www/html/# wget https://github.com/lirantal/daloradius/archive/master.zip 如出現 -bash: wget: command not found 等就安裝相應軟體,沒出現忽略這步。# yum -y install wget# unzip master.zip //解壓# rm -f master.zip # mv daloradius-master/ /var/www/html/daloradius //移動⽂件夾

2 設定DaloRadius⽬錄許可權及屬主資訊

# chown -R apache:apache /var/www/html/daloradius# mv /var/www/html/daloradius/library/daloradius.conf.php.sample /var/www/html/daloradius/library/daloradius.conf.php. //修改php.sample為php(這個好像跟版本有關係)# chmod -R 664 /var/www/html/daloradius/library/daloradius.conf.php

3 在MariaDB中建立DaloRadius資料物件

[root@localhost html]# mysql -u root -p radius < /var/www/html/daloradius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql Enter password:[root@localhost html]# mysql -u root -p radius < /var/www/html/daloradius/contrib/db/mysql-daloradius.sql Enter password:[root@localhost html]#

4 修改DaloRadius配置⽂件

# vi /var/www/html/daloradius/library/daloradius.conf.php //使⽤VI編輯器修改DaloRadius配置⽂件

5 重啟服務

# systemctl restart radiusd.service# systemctl restart mariadb.service# systemctl restart httpd

如果提示:Warning: radiusd.service changed on disk. Run 'systemctl daemon-reload' to reload units

沒有上⾯提示就忽略此步

# systemctl daemon-reload

# systemctl restart radiusd.service

⼋ 、 安裝php-pear# yum install -y php-pear-DB --skip-broken

九、登陸web⻚⾯預設⽤戶名: administrator 密碼: radius

http://192.168.0.107/daloradius/login.php新增⽤戶

windows端測試

其它事項:在其安裝過程中碰到,dologin.php 500 後查詢發現為 php-pear-DB沒有安裝,安裝後問題解決。

後檢視php錯誤資訊發現為

[root@localhost daloradius]# php dologin.phpPHP Notice: Undefined index: REMOTE_ADDR in /var/www/html/daloradius/dologin.php on line 27PHP Notice: Undefined index: location in /var/www/html/daloradius/dologin.php on line 45PHP Warning: include_once(DB.php): failed to open stream: No such file or directory in /var/www/html/daloradius/library/opendb.php on line 84PHP Warning: include_once(): Failed opening 'DB.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /var/www/html/daloradius/library/opendb.php on line 84PHP Fatal error: Uncaught Error: Class 'DB' not found in /var/www/html/daloradius/library/opendb.php:86Stack trace:#0 /var/www/html/daloradius/dologin.php(49): include()#1 {main} thrown in /var/www/html/daloradius/library/opendb.php on line 86[root@localhost daloradius]#

cat /etc/httpd/logs/error_log # 檢視 http 服務的⽇志,發現有以下錯誤:PHP Fatal error: Uncaught Error: Class 'DB' not found in /var/www/html/daloradius/library/opendb.php:86\nStack trace:\n#0 /var/www/html/daloradius/dologin.php(49): include()\n#1 {main}\n thrown in /var/www/html/daloradius/library/opendb.php on line 86解決⽅法:安裝php-pear-DByum install -y php-pear-DB現在開啟瀏覽器訪問 http://your ip address//daloradius 就可以看到daloradius的界⾯了,預設登入的⽤戶名和密碼分別為 username: administrator password: radius

在其安裝過程中碰到⽤戶名密碼正確被拒:解決三部曲

1 建立軟連線

# ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/ 為/etc/raddb/mods-enabled //建立軟連線

2 將raad_clients開啟 將client_table 開啟

3 重讀配置⽂件,重啟radius服務

# systemctl daemon-reload# systemctl restart radiusd.service

參考資料:

https://www.cnblogs.com/opsprobe/p/9769555.html (解決了DB沒裝報錯)

https://www.cnblogs.com/lamp01/p/10101659.html (解決php安裝)

https://www.cnblogs.com/travis-li/p/12711355.html(解決Daloradius,以及FreeRadius安裝)

22
最新評論
  • BSA-TRITC(10mg/ml) TRITC-BSA 牛血清白蛋白改性標記羅丹明
  • Python 入門系列——2. 快速入門