Freeradius startet nicht LSB: Radius Daemon konnte nicht gestartet werden


0

Ich versuche, einen Freeradius-Server einzurichten, aber wenn ich versuche, ihn zu starten

# service freeradius start
Job for freeradius.service failed because the control process exited with error code. See "systemctl status freeradius.service" and "journalctl -xe" for details.

wenn ich journalctl schreibe, bekomme ich das

-- The start-up result is done.
Dec 30 16:03:05 pppie sudo[19994]:   dilian : TTY=pts/0 ; PWD=/home/dilian ; USER=root ; COMMAND=/bin/su
Dec 30 16:03:05 pppie sudo[19994]: pam_unix(sudo:session): session opened for user root by dilian(uid=0)
Dec 30 16:03:06 pppie su[19995]: Successful su for root by root
Dec 30 16:03:06 pppie su[19995]: + /dev/pts/0 root:root
Dec 30 16:03:06 pppie su[19995]: pam_unix(su:session): session opened for user root by dilian(uid=0)
Dec 30 16:03:06 pppie su[19995]: pam_systemd(su:session): Cannot create session: Already running in a session
Dec 30 16:03:28 pppie systemd[1]: Starting LSB: Radius Daemon...
-- Subject: Unit freeradius.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit freeradius.service has begun starting up.
Dec 30 16:03:28 pppie freeradius[20039]:  * Starting FreeRADIUS daemon freeradius
Dec 30 16:03:28 pppie freeradius[20039]:    ...fail!
Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Control process exited, code=exited status=1
Dec 30 16:03:28 pppie systemd[1]: Failed to start LSB: Radius Daemon.
-- Subject: Unit freeradius.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit freeradius.service has failed.
--
-- The result is failed.
Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Unit entered failed state.
Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Failed with result 'exit-code'.

Und wenn ich "freeradius -X" ausprobiere, komme ich zum letzten Holzstück und es bleibt dort und macht nichts.

> # freeradius -X freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu, built on Apr                                     
> 5 2016 at 13:40:43 Copyright (C) 1999-2015 The FreeRADIUS server
> project and contributors. There is NO warranty; not even for
> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may
> redistribute copies of FreeRADIUS under the terms of the GNU General
> Public License. For more information about these matters, see the file
> named COPYRIGHT. Starting - reading configuration files ... including
> configuration file /etc/freeradius/radiusd.conf including
> configuration file /etc/freeradius/proxy.conf including configuration
> file /etc/freeradius/clients.conf including configuration file
> /etc/freeradius/snmp.conf including configuration file
> /etc/freeradius/nibs.conf main {
>         user = "nobody"
>         group = "nobody"
>         allow_core_dumps = no } including dictionary file /etc/freeradius/dictionary main {
>         name = "radiusd"
>         prefix = "/usr/local"
>         localstatedir = "/var"
>         sbindir = "/usr/local/sbin"
>         logdir = "/var/log"
>         run_dir = "/var/run/radiusd"
>         libdir = "/usr/local/lib"
>         radacctdir = "/var/log/radacct"
>         hostname_lookups = no
>         max_request_time = 30
>         cleanup_delay = 5
>         max_requests = 1024
>         pidfile = "/var/run/radiusd/radiusd.pid"
>         checkrad = "/usr/local/sbin/checkrad"
>         debug_level = 0
>         proxy_requests = no
>         log_auth = no
>         log_auth_badpass = yes
>         log_auth_goodpass = yes
>         log_stripped_names = no  security {
>         max_attributes = 200
>         reject_delay = 1
>         status_server = no
>         allow_vulnerable_openssl = no  } } radiusd: #### Loading Realms and Home Servers ####  proxy server {
>         retry_delay = 5
>         retry_count = 3
>         default_fallback = no
>         dead_time = 120
>         wake_all_if_all_dead = no  }  home_server localhost {
>         ipaddr = 127.0.0.1
>         port = 1812
>         type = "auth"
>         secret = "testing123"
>         response_window = 20
>         max_outstanding = 65536
>         require_message_authenticator = yes
>         zombie_period = 40
>         status_check = "status-server"
>         ping_interval = 30
>         check_interval = 30
>         num_answers_to_alive = 3
>         num_pings_to_alive = 3
>         revive_interval = 120
>         status_check_timeout = 4   coa {
>         irt = 2
>         mrt = 16
>         mrc = 5
>         mrd = 30   }  }  home_server_pool my_auth_failover {
>         type = fail-over
>         home_server = localhost  }  realm example.com {
>         auth_pool = my_auth_failover  }  realm LOCAL {  } radiusd: #### Loading Clients ####  client localhost {
>         ipaddr = 127.0.0.1
>         require_message_authenticator = no
>         secret = "testing123"
>         nastype = "other"  } radiusd: #### Instantiating modules ####  instantiate {  Module: Linked to module rlm_exec  Module:
> Instantiating module "exec" from file /etc/freeradius/radiusd.conf  
> exec {
>         wait = yes
>         input_pairs = "request"
>         shell_escape = yes   }  Module: Linked to module rlm_expr  Module: Instantiating module "expr" from file
> /etc/freeradius/radiusd.conf  } radiusd: #### Loading Virtual Servers
> #### server { # from file /etc/freeradius/radiusd.conf  modules {  } # modules } # server radiusd: #### Opening IP addresses and Ports ####
>         bind_address = * WARNING: The directive 'bind_address' is deprecated, and will be removed in futu                               
> re versions of FreeRADIUS. Please edit the configuration files to use
> the direct                                                            
> ive 'listen'. Listening on authentication address * port 1812
> Listening on accounting address * port 1813 Ready to process requests.

Es gibt keine Fehlermeldung und ich weiß nicht, was ich tun soll, um das Problem zu beheben. Ich benutze Ubuntu Server 16.04

wenn jemand eine idee hat was ist falsch? 10x für deine Zeit.


Wenn ich es versuche

root@pppie:/home/dilian# freeradius -f -lstdout -XXX
Fri Jan  6 14:05:36 2017 : Info: freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu, built on Apr  5 2016 at 13:40:43
Fri Jan  6 14:05:36 2017 : Debug: Server was built with:
Fri Jan  6 14:05:36 2017 : Debug:   accounting
Fri Jan  6 14:05:36 2017 : Debug:   authentication
Fri Jan  6 14:05:36 2017 : Debug:  WITH_DHCP
Fri Jan  6 14:05:36 2017 : Debug:  WITH_VMPS
Fri Jan  6 14:05:36 2017 : Debug: Server core libs:
Fri Jan  6 14:05:36 2017 : Debug:   ssl: OpenSSL 1.0.2g  1 Mar 2016
Fri Jan  6 14:05:36 2017 : Info: Copyright (C) 1999-2015 The FreeRADIUS server project and contributors.
Fri Jan  6 14:05:36 2017 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Fri Jan  6 14:05:36 2017 : Info: PARTICULAR PURPOSE.
Fri Jan  6 14:05:36 2017 : Info: You may redistribute copies of FreeRADIUS under the terms of the
Fri Jan  6 14:05:36 2017 : Info: GNU General Public License.
Fri Jan  6 14:05:36 2017 : Info: For more information about these matters, see the file named COPYRIGHT.
Fri Jan  6 14:05:36 2017 : Info: Starting - reading configuration files ...
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/proxy.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/clients.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/snmp.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/nibs.conf
Fri Jan  6 14:05:36 2017 : Debug: main {
Fri Jan  6 14:05:36 2017 : Debug:       user = "nobody"
Fri Jan  6 14:05:36 2017 : Debug:       group = "nobody"
Fri Jan  6 14:05:36 2017 : Debug:       allow_core_dumps = no
Fri Jan  6 14:05:36 2017 : Debug: }
Fri Jan  6 14:05:36 2017 : Debug: including dictionary file /etc/freeradius/dictionary
Fri Jan  6 14:05:36 2017 : Debug: main {
Fri Jan  6 14:05:36 2017 : Debug:       name = "radiusd"
Fri Jan  6 14:05:36 2017 : Debug:       prefix = "/usr/local"
Fri Jan  6 14:05:36 2017 : Debug:       localstatedir = "/var"
Fri Jan  6 14:05:36 2017 : Debug:       sbindir = "/usr/local/sbin"
Fri Jan  6 14:05:36 2017 : Debug:       logdir = "/var/log"
Fri Jan  6 14:05:36 2017 : Debug:       run_dir = "/var/run/radiusd"
Fri Jan  6 14:05:36 2017 : Debug:       libdir = "/usr/local/lib"
Fri Jan  6 14:05:36 2017 : Debug:       radacctdir = "/var/log/radacct"
Fri Jan  6 14:05:36 2017 : Debug:       hostname_lookups = no
Fri Jan  6 14:05:36 2017 : Debug:       max_request_time = 30
Fri Jan  6 14:05:36 2017 : Debug:       cleanup_delay = 5
Fri Jan  6 14:05:36 2017 : Debug:       max_requests = 1024
Fri Jan  6 14:05:36 2017 : Debug:       pidfile = "/var/run/radiusd/radiusd.pid"
Fri Jan  6 14:05:36 2017 : Debug:       checkrad = "/usr/local/sbin/checkrad"
Fri Jan  6 14:05:36 2017 : Debug:       debug_level = 0
Fri Jan  6 14:05:36 2017 : Debug:       proxy_requests = no
Fri Jan  6 14:05:36 2017 : Debug:       log_auth = no
Fri Jan  6 14:05:36 2017 : Debug:       log_auth_badpass = yes
Fri Jan  6 14:05:36 2017 : Debug:       log_auth_goodpass = yes
Fri Jan  6 14:05:36 2017 : Debug:       log_stripped_names = no
Fri Jan  6 14:05:36 2017 : Debug:  security {
Fri Jan  6 14:05:36 2017 : Debug:       max_attributes = 200
Fri Jan  6 14:05:36 2017 : Debug:       reject_delay = 1
Fri Jan  6 14:05:36 2017 : Debug:       status_server = no
Fri Jan  6 14:05:36 2017 : Debug:       allow_vulnerable_openssl = no
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Loading Realms and Home Servers ####
Fri Jan  6 14:05:36 2017 : Debug:  proxy server {
Fri Jan  6 14:05:36 2017 : Debug:       retry_delay = 5
Fri Jan  6 14:05:36 2017 : Debug:       retry_count = 3
Fri Jan  6 14:05:36 2017 : Debug:       default_fallback = no
Fri Jan  6 14:05:36 2017 : Debug:       dead_time = 120
Fri Jan  6 14:05:36 2017 : Debug:       wake_all_if_all_dead = no
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  home_server localhost {
Fri Jan  6 14:05:36 2017 : Debug:       ipaddr = 127.0.0.1
Fri Jan  6 14:05:36 2017 : Debug:       port = 1812
Fri Jan  6 14:05:36 2017 : Debug:       type = "auth"
Fri Jan  6 14:05:36 2017 : Debug:       secret = "testing123"
Fri Jan  6 14:05:36 2017 : Debug:       response_window = 20
Fri Jan  6 14:05:36 2017 : Debug:       max_outstanding = 65536
Fri Jan  6 14:05:36 2017 : Debug:       require_message_authenticator = yes
Fri Jan  6 14:05:36 2017 : Debug:       zombie_period = 40
Fri Jan  6 14:05:36 2017 : Debug:       status_check = "status-server"
Fri Jan  6 14:05:36 2017 : Debug:       ping_interval = 30
Fri Jan  6 14:05:36 2017 : Debug:       check_interval = 30
Fri Jan  6 14:05:36 2017 : Debug:       num_answers_to_alive = 3
Fri Jan  6 14:05:36 2017 : Debug:       num_pings_to_alive = 3
Fri Jan  6 14:05:36 2017 : Debug:       revive_interval = 120
Fri Jan  6 14:05:36 2017 : Debug:       status_check_timeout = 4
Fri Jan  6 14:05:36 2017 : Debug:   coa {
Fri Jan  6 14:05:36 2017 : Debug:       irt = 2
Fri Jan  6 14:05:36 2017 : Debug:       mrt = 16
Fri Jan  6 14:05:36 2017 : Debug:       mrc = 5
Fri Jan  6 14:05:36 2017 : Debug:       mrd = 30
Fri Jan  6 14:05:36 2017 : Debug:   }
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  home_server_pool my_auth_failover {
Fri Jan  6 14:05:36 2017 : Debug:       type = fail-over
Fri Jan  6 14:05:36 2017 : Debug:       home_server = localhost
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  realm example.com {
Fri Jan  6 14:05:36 2017 : Debug:       auth_pool = my_auth_failover
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  realm LOCAL {
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Loading Clients ####
Fri Jan  6 14:05:36 2017 : Debug:  client localhost {
Fri Jan  6 14:05:36 2017 : Debug:       ipaddr = 127.0.0.1
Fri Jan  6 14:05:36 2017 : Debug:       require_message_authenticator = no
Fri Jan  6 14:05:36 2017 : Debug:       secret = "testing123"
Fri Jan  6 14:05:36 2017 : Debug:       nastype = "other"
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Instantiating modules ####
Fri Jan  6 14:05:36 2017 : Debug:  instantiate {
Fri Jan  6 14:05:36 2017 : Debug:     (Loaded rlm_exec, checking if it's valid)
Fri Jan  6 14:05:36 2017 : Debug:  Module: Linked to module rlm_exec
Fri Jan  6 14:05:36 2017 : Debug:  Module: Instantiating module "exec" from file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug:   exec {
Fri Jan  6 14:05:36 2017 : Debug:       wait = yes
Fri Jan  6 14:05:36 2017 : Debug:       input_pairs = "request"
Fri Jan  6 14:05:36 2017 : Debug:       shell_escape = yes
Fri Jan  6 14:05:36 2017 : Debug:   }
Fri Jan  6 14:05:36 2017 : Debug:     (Loaded rlm_expr, checking if it's valid)
Fri Jan  6 14:05:36 2017 : Debug:  Module: Linked to module rlm_expr
Fri Jan  6 14:05:36 2017 : Debug:  Module: Instantiating module "expr" from file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Loading Virtual Servers ####
Fri Jan  6 14:05:36 2017 : Debug: server { # from file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug:  modules {
Fri Jan  6 14:05:36 2017 : Debug:  } # modules
Fri Jan  6 14:05:36 2017 : Debug: } # server
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Opening IP addresses and Ports ####
Fri Jan  6 14:05:36 2017 : Debug:       bind_address = *
Fri Jan  6 14:05:36 2017 : Info: WARNING: The directive 'bind_address' is deprecated, and will be removed in future versions of FreeRADIUS. Please edit the configuration files to use the directive 'listen'.
Fri Jan  6 14:05:36 2017 : Debug: Listening on authentication address * port 1812
Fri Jan  6 14:05:36 2017 : Debug: Listening on accounting address * port 1813
Fri Jan  6 14:05:36 2017 : Info: Ready to process requests.

und wieder bleibt es in der Zeile Bereit, um Anforderungen zu verarbeiten.

Wenn ich versuche, es mit zu beginnen:

root@pppie:/home/dilian# /etc/init.d/freeradius start
[....] Starting freeradius (via systemctl): freeradius.serviceJob for freeradius.service failed because the control process exited with error code. See "systemctl status freeradius.service" and "journalctl -xe" for details.
 failed!

Ich laufe als root

Antworten:


0

Sehr wahrscheinlich ein Berechtigungsproblem.

Mit -X wechselt der FreeRADIUS-Prozess nicht den Benutzer, sondern läuft wie derjenige, der ihn ausgeführt hat.

Freeradius starten mit:

-f -lstdout -xxx
  • -f Im Vordergrund laufen
  • -lstdout logge dich in stdout ein
  • -xxx Setzen Sie die Ausführlichkeit der Protokollierung auf den gleichen Wert wie -X

Es wird dann mit der konfigurierten UID / GID ausgeführt.


0

Mein erster Versuch war, den lokalen Host zu verwenden. Die Kundendaten, die ich für den localhost verwendet habe, waren die Quelle meines Problems.

Als ich Folgendes für den Test-Client eingegeben habe:

client 127.0.0.1 {secret = mysecret short name = localhost nastype = other}

Der Dienst wurde gestartet und ich konnte die Installation unter Ubuntu 16.04 abschließen

Durch die Nutzung unserer Website bestätigen Sie, dass Sie unsere Cookie-Richtlinie und Datenschutzrichtlinie gelesen und verstanden haben.
Licensed under cc by-sa 3.0 with attribution required.