Freeradius não inicia Falha ao iniciar LSB: Radius Daemon

0

Eu tento configurar um servidor Freeradius, mas quando eu tento iniciá-lo com

# service freeradius start
Job for freeradius.service failed because the control process exited with error code. See "systemctl status freeradius.service" and "journalctl -xe" for details.

quando eu escrevo journalctl eu recebo isso

-- The start-up result is done.
Dec 30 16:03:05 pppie sudo[19994]:   dilian : TTY=pts/0 ; PWD=/home/dilian ; USER=root ; COMMAND=/bin/su
Dec 30 16:03:05 pppie sudo[19994]: pam_unix(sudo:session): session opened for user root by dilian(uid=0)
Dec 30 16:03:06 pppie su[19995]: Successful su for root by root
Dec 30 16:03:06 pppie su[19995]: + /dev/pts/0 root:root
Dec 30 16:03:06 pppie su[19995]: pam_unix(su:session): session opened for user root by dilian(uid=0)
Dec 30 16:03:06 pppie su[19995]: pam_systemd(su:session): Cannot create session: Already running in a session
Dec 30 16:03:28 pppie systemd[1]: Starting LSB: Radius Daemon...
-- Subject: Unit freeradius.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit freeradius.service has begun starting up.
Dec 30 16:03:28 pppie freeradius[20039]:  * Starting FreeRADIUS daemon freeradius
Dec 30 16:03:28 pppie freeradius[20039]:    ...fail!
Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Control process exited, code=exited status=1
Dec 30 16:03:28 pppie systemd[1]: Failed to start LSB: Radius Daemon.
-- Subject: Unit freeradius.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit freeradius.service has failed.
--
-- The result is failed.
Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Unit entered failed state.
Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Failed with result 'exit-code'.

E quando eu tento "freeradius -X" eu chego na última linha e ela fica lá sem fazer nada.

> # freeradius -X freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu, built on Apr                                     
> 5 2016 at 13:40:43 Copyright (C) 1999-2015 The FreeRADIUS server
> project and contributors. There is NO warranty; not even for
> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may
> redistribute copies of FreeRADIUS under the terms of the GNU General
> Public License. For more information about these matters, see the file
> named COPYRIGHT. Starting - reading configuration files ... including
> configuration file /etc/freeradius/radiusd.conf including
> configuration file /etc/freeradius/proxy.conf including configuration
> file /etc/freeradius/clients.conf including configuration file
> /etc/freeradius/snmp.conf including configuration file
> /etc/freeradius/nibs.conf main {
>         user = "nobody"
>         group = "nobody"
>         allow_core_dumps = no } including dictionary file /etc/freeradius/dictionary main {
>         name = "radiusd"
>         prefix = "/usr/local"
>         localstatedir = "/var"
>         sbindir = "/usr/local/sbin"
>         logdir = "/var/log"
>         run_dir = "/var/run/radiusd"
>         libdir = "/usr/local/lib"
>         radacctdir = "/var/log/radacct"
>         hostname_lookups = no
>         max_request_time = 30
>         cleanup_delay = 5
>         max_requests = 1024
>         pidfile = "/var/run/radiusd/radiusd.pid"
>         checkrad = "/usr/local/sbin/checkrad"
>         debug_level = 0
>         proxy_requests = no
>         log_auth = no
>         log_auth_badpass = yes
>         log_auth_goodpass = yes
>         log_stripped_names = no  security {
>         max_attributes = 200
>         reject_delay = 1
>         status_server = no
>         allow_vulnerable_openssl = no  } } radiusd: #### Loading Realms and Home Servers ####  proxy server {
>         retry_delay = 5
>         retry_count = 3
>         default_fallback = no
>         dead_time = 120
>         wake_all_if_all_dead = no  }  home_server localhost {
>         ipaddr = 127.0.0.1
>         port = 1812
>         type = "auth"
>         secret = "testing123"
>         response_window = 20
>         max_outstanding = 65536
>         require_message_authenticator = yes
>         zombie_period = 40
>         status_check = "status-server"
>         ping_interval = 30
>         check_interval = 30
>         num_answers_to_alive = 3
>         num_pings_to_alive = 3
>         revive_interval = 120
>         status_check_timeout = 4   coa {
>         irt = 2
>         mrt = 16
>         mrc = 5
>         mrd = 30   }  }  home_server_pool my_auth_failover {
>         type = fail-over
>         home_server = localhost  }  realm example.com {
>         auth_pool = my_auth_failover  }  realm LOCAL {  } radiusd: #### Loading Clients ####  client localhost {
>         ipaddr = 127.0.0.1
>         require_message_authenticator = no
>         secret = "testing123"
>         nastype = "other"  } radiusd: #### Instantiating modules ####  instantiate {  Module: Linked to module rlm_exec  Module:
> Instantiating module "exec" from file /etc/freeradius/radiusd.conf  
> exec {
>         wait = yes
>         input_pairs = "request"
>         shell_escape = yes   }  Module: Linked to module rlm_expr  Module: Instantiating module "expr" from file
> /etc/freeradius/radiusd.conf  } radiusd: #### Loading Virtual Servers
> #### server { # from file /etc/freeradius/radiusd.conf  modules {  } # modules } # server radiusd: #### Opening IP addresses and Ports ####
>         bind_address = * WARNING: The directive 'bind_address' is deprecated, and will be removed in futu                               
> re versions of FreeRADIUS. Please edit the configuration files to use
> the direct                                                            
> ive 'listen'. Listening on authentication address * port 1812
> Listening on accounting address * port 1813 Ready to process requests.

não há erro msg e não sei o que fazer para corrigir ... estou usando o servidor Ubuntu 16.04

se alguém tiver uma ideia do que está errado? 10x pelo seu tempo.

Quando eu tento

root@pppie:/home/dilian# freeradius -f -lstdout -XXX
Fri Jan  6 14:05:36 2017 : Info: freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu, built on Apr  5 2016 at 13:40:43
Fri Jan  6 14:05:36 2017 : Debug: Server was built with:
Fri Jan  6 14:05:36 2017 : Debug:   accounting
Fri Jan  6 14:05:36 2017 : Debug:   authentication
Fri Jan  6 14:05:36 2017 : Debug:  WITH_DHCP
Fri Jan  6 14:05:36 2017 : Debug:  WITH_VMPS
Fri Jan  6 14:05:36 2017 : Debug: Server core libs:
Fri Jan  6 14:05:36 2017 : Debug:   ssl: OpenSSL 1.0.2g  1 Mar 2016
Fri Jan  6 14:05:36 2017 : Info: Copyright (C) 1999-2015 The FreeRADIUS server project and contributors.
Fri Jan  6 14:05:36 2017 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Fri Jan  6 14:05:36 2017 : Info: PARTICULAR PURPOSE.
Fri Jan  6 14:05:36 2017 : Info: You may redistribute copies of FreeRADIUS under the terms of the
Fri Jan  6 14:05:36 2017 : Info: GNU General Public License.
Fri Jan  6 14:05:36 2017 : Info: For more information about these matters, see the file named COPYRIGHT.
Fri Jan  6 14:05:36 2017 : Info: Starting - reading configuration files ...
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/proxy.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/clients.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/snmp.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/nibs.conf
Fri Jan  6 14:05:36 2017 : Debug: main {
Fri Jan  6 14:05:36 2017 : Debug:       user = "nobody"
Fri Jan  6 14:05:36 2017 : Debug:       group = "nobody"
Fri Jan  6 14:05:36 2017 : Debug:       allow_core_dumps = no
Fri Jan  6 14:05:36 2017 : Debug: }
Fri Jan  6 14:05:36 2017 : Debug: including dictionary file /etc/freeradius/dictionary
Fri Jan  6 14:05:36 2017 : Debug: main {
Fri Jan  6 14:05:36 2017 : Debug:       name = "radiusd"
Fri Jan  6 14:05:36 2017 : Debug:       prefix = "/usr/local"
Fri Jan  6 14:05:36 2017 : Debug:       localstatedir = "/var"
Fri Jan  6 14:05:36 2017 : Debug:       sbindir = "/usr/local/sbin"
Fri Jan  6 14:05:36 2017 : Debug:       logdir = "/var/log"
Fri Jan  6 14:05:36 2017 : Debug:       run_dir = "/var/run/radiusd"
Fri Jan  6 14:05:36 2017 : Debug:       libdir = "/usr/local/lib"
Fri Jan  6 14:05:36 2017 : Debug:       radacctdir = "/var/log/radacct"
Fri Jan  6 14:05:36 2017 : Debug:       hostname_lookups = no
Fri Jan  6 14:05:36 2017 : Debug:       max_request_time = 30
Fri Jan  6 14:05:36 2017 : Debug:       cleanup_delay = 5
Fri Jan  6 14:05:36 2017 : Debug:       max_requests = 1024
Fri Jan  6 14:05:36 2017 : Debug:       pidfile = "/var/run/radiusd/radiusd.pid"
Fri Jan  6 14:05:36 2017 : Debug:       checkrad = "/usr/local/sbin/checkrad"
Fri Jan  6 14:05:36 2017 : Debug:       debug_level = 0
Fri Jan  6 14:05:36 2017 : Debug:       proxy_requests = no
Fri Jan  6 14:05:36 2017 : Debug:       log_auth = no
Fri Jan  6 14:05:36 2017 : Debug:       log_auth_badpass = yes
Fri Jan  6 14:05:36 2017 : Debug:       log_auth_goodpass = yes
Fri Jan  6 14:05:36 2017 : Debug:       log_stripped_names = no
Fri Jan  6 14:05:36 2017 : Debug:  security {
Fri Jan  6 14:05:36 2017 : Debug:       max_attributes = 200
Fri Jan  6 14:05:36 2017 : Debug:       reject_delay = 1
Fri Jan  6 14:05:36 2017 : Debug:       status_server = no
Fri Jan  6 14:05:36 2017 : Debug:       allow_vulnerable_openssl = no
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Loading Realms and Home Servers ####
Fri Jan  6 14:05:36 2017 : Debug:  proxy server {
Fri Jan  6 14:05:36 2017 : Debug:       retry_delay = 5
Fri Jan  6 14:05:36 2017 : Debug:       retry_count = 3
Fri Jan  6 14:05:36 2017 : Debug:       default_fallback = no
Fri Jan  6 14:05:36 2017 : Debug:       dead_time = 120
Fri Jan  6 14:05:36 2017 : Debug:       wake_all_if_all_dead = no
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  home_server localhost {
Fri Jan  6 14:05:36 2017 : Debug:       ipaddr = 127.0.0.1
Fri Jan  6 14:05:36 2017 : Debug:       port = 1812
Fri Jan  6 14:05:36 2017 : Debug:       type = "auth"
Fri Jan  6 14:05:36 2017 : Debug:       secret = "testing123"
Fri Jan  6 14:05:36 2017 : Debug:       response_window = 20
Fri Jan  6 14:05:36 2017 : Debug:       max_outstanding = 65536
Fri Jan  6 14:05:36 2017 : Debug:       require_message_authenticator = yes
Fri Jan  6 14:05:36 2017 : Debug:       zombie_period = 40
Fri Jan  6 14:05:36 2017 : Debug:       status_check = "status-server"
Fri Jan  6 14:05:36 2017 : Debug:       ping_interval = 30
Fri Jan  6 14:05:36 2017 : Debug:       check_interval = 30
Fri Jan  6 14:05:36 2017 : Debug:       num_answers_to_alive = 3
Fri Jan  6 14:05:36 2017 : Debug:       num_pings_to_alive = 3
Fri Jan  6 14:05:36 2017 : Debug:       revive_interval = 120
Fri Jan  6 14:05:36 2017 : Debug:       status_check_timeout = 4
Fri Jan  6 14:05:36 2017 : Debug:   coa {
Fri Jan  6 14:05:36 2017 : Debug:       irt = 2
Fri Jan  6 14:05:36 2017 : Debug:       mrt = 16
Fri Jan  6 14:05:36 2017 : Debug:       mrc = 5
Fri Jan  6 14:05:36 2017 : Debug:       mrd = 30
Fri Jan  6 14:05:36 2017 : Debug:   }
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  home_server_pool my_auth_failover {
Fri Jan  6 14:05:36 2017 : Debug:       type = fail-over
Fri Jan  6 14:05:36 2017 : Debug:       home_server = localhost
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  realm example.com {
Fri Jan  6 14:05:36 2017 : Debug:       auth_pool = my_auth_failover
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  realm LOCAL {
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Loading Clients ####
Fri Jan  6 14:05:36 2017 : Debug:  client localhost {
Fri Jan  6 14:05:36 2017 : Debug:       ipaddr = 127.0.0.1
Fri Jan  6 14:05:36 2017 : Debug:       require_message_authenticator = no
Fri Jan  6 14:05:36 2017 : Debug:       secret = "testing123"
Fri Jan  6 14:05:36 2017 : Debug:       nastype = "other"
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Instantiating modules ####
Fri Jan  6 14:05:36 2017 : Debug:  instantiate {
Fri Jan  6 14:05:36 2017 : Debug:     (Loaded rlm_exec, checking if it's valid)
Fri Jan  6 14:05:36 2017 : Debug:  Module: Linked to module rlm_exec
Fri Jan  6 14:05:36 2017 : Debug:  Module: Instantiating module "exec" from file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug:   exec {
Fri Jan  6 14:05:36 2017 : Debug:       wait = yes
Fri Jan  6 14:05:36 2017 : Debug:       input_pairs = "request"
Fri Jan  6 14:05:36 2017 : Debug:       shell_escape = yes
Fri Jan  6 14:05:36 2017 : Debug:   }
Fri Jan  6 14:05:36 2017 : Debug:     (Loaded rlm_expr, checking if it's valid)
Fri Jan  6 14:05:36 2017 : Debug:  Module: Linked to module rlm_expr
Fri Jan  6 14:05:36 2017 : Debug:  Module: Instantiating module "expr" from file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Loading Virtual Servers ####
Fri Jan  6 14:05:36 2017 : Debug: server { # from file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug:  modules {
Fri Jan  6 14:05:36 2017 : Debug:  } # modules
Fri Jan  6 14:05:36 2017 : Debug: } # server
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Opening IP addresses and Ports ####
Fri Jan  6 14:05:36 2017 : Debug:       bind_address = *
Fri Jan  6 14:05:36 2017 : Info: WARNING: The directive 'bind_address' is deprecated, and will be removed in future versions of FreeRADIUS. Please edit the configuration files to use the directive 'listen'.
Fri Jan  6 14:05:36 2017 : Debug: Listening on authentication address * port 1812
Fri Jan  6 14:05:36 2017 : Debug: Listening on accounting address * port 1813
Fri Jan  6 14:05:36 2017 : Info: Ready to process requests.

e novamente fica na linha Pronto para processar solicitações.

Quando tento iniciar com:

root@pppie:/home/dilian# /etc/init.d/freeradius start
[....] Starting freeradius (via systemctl): freeradius.serviceJob for freeradius.service failed because the control process exited with error code. See "systemctl status freeradius.service" and "journalctl -xe" for details.
 failed!

Estou correndo como root

    
por Gray Fox 30.12.2016 / 15:15

2 respostas

0

Muito provavelmente um problema de permissões.

Com -X o processo FreeRADIUS não alterna usuários, ele continua sendo executado como quem o executou.

Inicie o freeradius com:

-f -lstdout -xxx
  • -f Executar em primeiro plano
  • -lstdout log para stdout
  • -xxx definiu o detalhamento do registro como o mesmo que -X

Em seguida, ele será executado com o UID / GID configurado.

    
por 30.12.2016 / 15:32
0

Minha primeira tentativa foi usar o host local. Os detalhes do cliente que usei para o host local foram a origem do meu problema.

quando eu digitei o seguinte para o cliente de teste:

cliente 127.0.0.1 {                segredo = mysecret                nome abreviado = localhost                nastype = other }

o serviço começou e eu consegui terminar a instalação no Ubuntu 16.04

    
por 04.10.2017 / 12:47