Freeradius 无法启动 无法启动 LSB:Radius Daemon

Freeradius 无法启动 无法启动 LSB:Radius Daemon

我尝试设置 Freeradius 服务器,但当我尝试使用以下方式启动它时

# service freeradius start
Job for freeradius.service failed because the control process exited with error code. See "systemctl status freeradius.service" and "journalctl -xe" for details.

当我写 journalctl 时我得到了这个

-- The start-up result is done.
Dec 30 16:03:05 pppie sudo[19994]:   dilian : TTY=pts/0 ; PWD=/home/dilian ; USER=root ; COMMAND=/bin/su
Dec 30 16:03:05 pppie sudo[19994]: pam_unix(sudo:session): session opened for user root by dilian(uid=0)
Dec 30 16:03:06 pppie su[19995]: Successful su for root by root
Dec 30 16:03:06 pppie su[19995]: + /dev/pts/0 root:root
Dec 30 16:03:06 pppie su[19995]: pam_unix(su:session): session opened for user root by dilian(uid=0)
Dec 30 16:03:06 pppie su[19995]: pam_systemd(su:session): Cannot create session: Already running in a session
Dec 30 16:03:28 pppie systemd[1]: Starting LSB: Radius Daemon...
-- Subject: Unit freeradius.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit freeradius.service has begun starting up.
Dec 30 16:03:28 pppie freeradius[20039]:  * Starting FreeRADIUS daemon freeradius
Dec 30 16:03:28 pppie freeradius[20039]:    ...fail!
Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Control process exited, code=exited status=1
Dec 30 16:03:28 pppie systemd[1]: Failed to start LSB: Radius Daemon.
-- Subject: Unit freeradius.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit freeradius.service has failed.
--
-- The result is failed.
Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Unit entered failed state.
Dec 30 16:03:28 pppie systemd[1]: freeradius.service: Failed with result 'exit-code'.

当我尝试“freeradius -X”时,我到达最后一个线并且它停留在那里什么也不做。

> # freeradius -X freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu, built on Apr                                     
> 5 2016 at 13:40:43 Copyright (C) 1999-2015 The FreeRADIUS server
> project and contributors. There is NO warranty; not even for
> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may
> redistribute copies of FreeRADIUS under the terms of the GNU General
> Public License. For more information about these matters, see the file
> named COPYRIGHT. Starting - reading configuration files ... including
> configuration file /etc/freeradius/radiusd.conf including
> configuration file /etc/freeradius/proxy.conf including configuration
> file /etc/freeradius/clients.conf including configuration file
> /etc/freeradius/snmp.conf including configuration file
> /etc/freeradius/nibs.conf main {
>         user = "nobody"
>         group = "nobody"
>         allow_core_dumps = no } including dictionary file /etc/freeradius/dictionary main {
>         name = "radiusd"
>         prefix = "/usr/local"
>         localstatedir = "/var"
>         sbindir = "/usr/local/sbin"
>         logdir = "/var/log"
>         run_dir = "/var/run/radiusd"
>         libdir = "/usr/local/lib"
>         radacctdir = "/var/log/radacct"
>         hostname_lookups = no
>         max_request_time = 30
>         cleanup_delay = 5
>         max_requests = 1024
>         pidfile = "/var/run/radiusd/radiusd.pid"
>         checkrad = "/usr/local/sbin/checkrad"
>         debug_level = 0
>         proxy_requests = no
>         log_auth = no
>         log_auth_badpass = yes
>         log_auth_goodpass = yes
>         log_stripped_names = no  security {
>         max_attributes = 200
>         reject_delay = 1
>         status_server = no
>         allow_vulnerable_openssl = no  } } radiusd: #### Loading Realms and Home Servers ####  proxy server {
>         retry_delay = 5
>         retry_count = 3
>         default_fallback = no
>         dead_time = 120
>         wake_all_if_all_dead = no  }  home_server localhost {
>         ipaddr = 127.0.0.1
>         port = 1812
>         type = "auth"
>         secret = "testing123"
>         response_window = 20
>         max_outstanding = 65536
>         require_message_authenticator = yes
>         zombie_period = 40
>         status_check = "status-server"
>         ping_interval = 30
>         check_interval = 30
>         num_answers_to_alive = 3
>         num_pings_to_alive = 3
>         revive_interval = 120
>         status_check_timeout = 4   coa {
>         irt = 2
>         mrt = 16
>         mrc = 5
>         mrd = 30   }  }  home_server_pool my_auth_failover {
>         type = fail-over
>         home_server = localhost  }  realm example.com {
>         auth_pool = my_auth_failover  }  realm LOCAL {  } radiusd: #### Loading Clients ####  client localhost {
>         ipaddr = 127.0.0.1
>         require_message_authenticator = no
>         secret = "testing123"
>         nastype = "other"  } radiusd: #### Instantiating modules ####  instantiate {  Module: Linked to module rlm_exec  Module:
> Instantiating module "exec" from file /etc/freeradius/radiusd.conf  
> exec {
>         wait = yes
>         input_pairs = "request"
>         shell_escape = yes   }  Module: Linked to module rlm_expr  Module: Instantiating module "expr" from file
> /etc/freeradius/radiusd.conf  } radiusd: #### Loading Virtual Servers
> #### server { # from file /etc/freeradius/radiusd.conf  modules {  } # modules } # server radiusd: #### Opening IP addresses and Ports ####
>         bind_address = * WARNING: The directive 'bind_address' is deprecated, and will be removed in futu                               
> re versions of FreeRADIUS. Please edit the configuration files to use
> the direct                                                            
> ive 'listen'. Listening on authentication address * port 1812
> Listening on accounting address * port 1813 Ready to process requests.

没有错误消息,我不知道该怎么做才能修复它...我使用的是 Ubuntu 服务器 16.04

如果有人知道哪里出了问题?那将是您宝贵的时间。


当我尝试

root@pppie:/home/dilian# freeradius -f -lstdout -XXX
Fri Jan  6 14:05:36 2017 : Info: freeradius: FreeRADIUS Version 2.2.8, for host x86_64-pc-linux-gnu, built on Apr  5 2016 at 13:40:43
Fri Jan  6 14:05:36 2017 : Debug: Server was built with:
Fri Jan  6 14:05:36 2017 : Debug:   accounting
Fri Jan  6 14:05:36 2017 : Debug:   authentication
Fri Jan  6 14:05:36 2017 : Debug:  WITH_DHCP
Fri Jan  6 14:05:36 2017 : Debug:  WITH_VMPS
Fri Jan  6 14:05:36 2017 : Debug: Server core libs:
Fri Jan  6 14:05:36 2017 : Debug:   ssl: OpenSSL 1.0.2g  1 Mar 2016
Fri Jan  6 14:05:36 2017 : Info: Copyright (C) 1999-2015 The FreeRADIUS server project and contributors.
Fri Jan  6 14:05:36 2017 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Fri Jan  6 14:05:36 2017 : Info: PARTICULAR PURPOSE.
Fri Jan  6 14:05:36 2017 : Info: You may redistribute copies of FreeRADIUS under the terms of the
Fri Jan  6 14:05:36 2017 : Info: GNU General Public License.
Fri Jan  6 14:05:36 2017 : Info: For more information about these matters, see the file named COPYRIGHT.
Fri Jan  6 14:05:36 2017 : Info: Starting - reading configuration files ...
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/proxy.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/clients.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/snmp.conf
Fri Jan  6 14:05:36 2017 : Debug: including configuration file /etc/freeradius/nibs.conf
Fri Jan  6 14:05:36 2017 : Debug: main {
Fri Jan  6 14:05:36 2017 : Debug:       user = "nobody"
Fri Jan  6 14:05:36 2017 : Debug:       group = "nobody"
Fri Jan  6 14:05:36 2017 : Debug:       allow_core_dumps = no
Fri Jan  6 14:05:36 2017 : Debug: }
Fri Jan  6 14:05:36 2017 : Debug: including dictionary file /etc/freeradius/dictionary
Fri Jan  6 14:05:36 2017 : Debug: main {
Fri Jan  6 14:05:36 2017 : Debug:       name = "radiusd"
Fri Jan  6 14:05:36 2017 : Debug:       prefix = "/usr/local"
Fri Jan  6 14:05:36 2017 : Debug:       localstatedir = "/var"
Fri Jan  6 14:05:36 2017 : Debug:       sbindir = "/usr/local/sbin"
Fri Jan  6 14:05:36 2017 : Debug:       logdir = "/var/log"
Fri Jan  6 14:05:36 2017 : Debug:       run_dir = "/var/run/radiusd"
Fri Jan  6 14:05:36 2017 : Debug:       libdir = "/usr/local/lib"
Fri Jan  6 14:05:36 2017 : Debug:       radacctdir = "/var/log/radacct"
Fri Jan  6 14:05:36 2017 : Debug:       hostname_lookups = no
Fri Jan  6 14:05:36 2017 : Debug:       max_request_time = 30
Fri Jan  6 14:05:36 2017 : Debug:       cleanup_delay = 5
Fri Jan  6 14:05:36 2017 : Debug:       max_requests = 1024
Fri Jan  6 14:05:36 2017 : Debug:       pidfile = "/var/run/radiusd/radiusd.pid"
Fri Jan  6 14:05:36 2017 : Debug:       checkrad = "/usr/local/sbin/checkrad"
Fri Jan  6 14:05:36 2017 : Debug:       debug_level = 0
Fri Jan  6 14:05:36 2017 : Debug:       proxy_requests = no
Fri Jan  6 14:05:36 2017 : Debug:       log_auth = no
Fri Jan  6 14:05:36 2017 : Debug:       log_auth_badpass = yes
Fri Jan  6 14:05:36 2017 : Debug:       log_auth_goodpass = yes
Fri Jan  6 14:05:36 2017 : Debug:       log_stripped_names = no
Fri Jan  6 14:05:36 2017 : Debug:  security {
Fri Jan  6 14:05:36 2017 : Debug:       max_attributes = 200
Fri Jan  6 14:05:36 2017 : Debug:       reject_delay = 1
Fri Jan  6 14:05:36 2017 : Debug:       status_server = no
Fri Jan  6 14:05:36 2017 : Debug:       allow_vulnerable_openssl = no
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Loading Realms and Home Servers ####
Fri Jan  6 14:05:36 2017 : Debug:  proxy server {
Fri Jan  6 14:05:36 2017 : Debug:       retry_delay = 5
Fri Jan  6 14:05:36 2017 : Debug:       retry_count = 3
Fri Jan  6 14:05:36 2017 : Debug:       default_fallback = no
Fri Jan  6 14:05:36 2017 : Debug:       dead_time = 120
Fri Jan  6 14:05:36 2017 : Debug:       wake_all_if_all_dead = no
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  home_server localhost {
Fri Jan  6 14:05:36 2017 : Debug:       ipaddr = 127.0.0.1
Fri Jan  6 14:05:36 2017 : Debug:       port = 1812
Fri Jan  6 14:05:36 2017 : Debug:       type = "auth"
Fri Jan  6 14:05:36 2017 : Debug:       secret = "testing123"
Fri Jan  6 14:05:36 2017 : Debug:       response_window = 20
Fri Jan  6 14:05:36 2017 : Debug:       max_outstanding = 65536
Fri Jan  6 14:05:36 2017 : Debug:       require_message_authenticator = yes
Fri Jan  6 14:05:36 2017 : Debug:       zombie_period = 40
Fri Jan  6 14:05:36 2017 : Debug:       status_check = "status-server"
Fri Jan  6 14:05:36 2017 : Debug:       ping_interval = 30
Fri Jan  6 14:05:36 2017 : Debug:       check_interval = 30
Fri Jan  6 14:05:36 2017 : Debug:       num_answers_to_alive = 3
Fri Jan  6 14:05:36 2017 : Debug:       num_pings_to_alive = 3
Fri Jan  6 14:05:36 2017 : Debug:       revive_interval = 120
Fri Jan  6 14:05:36 2017 : Debug:       status_check_timeout = 4
Fri Jan  6 14:05:36 2017 : Debug:   coa {
Fri Jan  6 14:05:36 2017 : Debug:       irt = 2
Fri Jan  6 14:05:36 2017 : Debug:       mrt = 16
Fri Jan  6 14:05:36 2017 : Debug:       mrc = 5
Fri Jan  6 14:05:36 2017 : Debug:       mrd = 30
Fri Jan  6 14:05:36 2017 : Debug:   }
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  home_server_pool my_auth_failover {
Fri Jan  6 14:05:36 2017 : Debug:       type = fail-over
Fri Jan  6 14:05:36 2017 : Debug:       home_server = localhost
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  realm example.com {
Fri Jan  6 14:05:36 2017 : Debug:       auth_pool = my_auth_failover
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug:  realm LOCAL {
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Loading Clients ####
Fri Jan  6 14:05:36 2017 : Debug:  client localhost {
Fri Jan  6 14:05:36 2017 : Debug:       ipaddr = 127.0.0.1
Fri Jan  6 14:05:36 2017 : Debug:       require_message_authenticator = no
Fri Jan  6 14:05:36 2017 : Debug:       secret = "testing123"
Fri Jan  6 14:05:36 2017 : Debug:       nastype = "other"
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Instantiating modules ####
Fri Jan  6 14:05:36 2017 : Debug:  instantiate {
Fri Jan  6 14:05:36 2017 : Debug:     (Loaded rlm_exec, checking if it's valid)
Fri Jan  6 14:05:36 2017 : Debug:  Module: Linked to module rlm_exec
Fri Jan  6 14:05:36 2017 : Debug:  Module: Instantiating module "exec" from file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug:   exec {
Fri Jan  6 14:05:36 2017 : Debug:       wait = yes
Fri Jan  6 14:05:36 2017 : Debug:       input_pairs = "request"
Fri Jan  6 14:05:36 2017 : Debug:       shell_escape = yes
Fri Jan  6 14:05:36 2017 : Debug:   }
Fri Jan  6 14:05:36 2017 : Debug:     (Loaded rlm_expr, checking if it's valid)
Fri Jan  6 14:05:36 2017 : Debug:  Module: Linked to module rlm_expr
Fri Jan  6 14:05:36 2017 : Debug:  Module: Instantiating module "expr" from file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug:  }
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Loading Virtual Servers ####
Fri Jan  6 14:05:36 2017 : Debug: server { # from file /etc/freeradius/radiusd.conf
Fri Jan  6 14:05:36 2017 : Debug:  modules {
Fri Jan  6 14:05:36 2017 : Debug:  } # modules
Fri Jan  6 14:05:36 2017 : Debug: } # server
Fri Jan  6 14:05:36 2017 : Debug: radiusd: #### Opening IP addresses and Ports ####
Fri Jan  6 14:05:36 2017 : Debug:       bind_address = *
Fri Jan  6 14:05:36 2017 : Info: WARNING: The directive 'bind_address' is deprecated, and will be removed in future versions of FreeRADIUS. Please edit the configuration files to use the directive 'listen'.
Fri Jan  6 14:05:36 2017 : Debug: Listening on authentication address * port 1812
Fri Jan  6 14:05:36 2017 : Debug: Listening on accounting address * port 1813
Fri Jan  6 14:05:36 2017 : Info: Ready to process requests.

并且它再次停留在“准备处理请求”行。

当我尝试用以下命令启动它时:

root@pppie:/home/dilian# /etc/init.d/freeradius start
[....] Starting freeradius (via systemctl): freeradius.serviceJob for freeradius.service failed because the control process exited with error code. See "systemctl status freeradius.service" and "journalctl -xe" for details.
 failed!

我以 root 身份运行

答案1

很可能是权限问题。

使用 -X 后,FreeRADIUS 进程不会切换用户,而是保持以执行者的身份运行。

使用以下命令启动 freeradius:

-f -lstdout -xxx
  • -f在前台运行
  • -lstdout记录到标准输出
  • -xxx将日志记录详细程度设置为-X

然后它将使用配置的 UID/GID 运行。

答案2

我首先尝试使用本地主机。我为本地主机使用的客户端详细信息是问题的根源。

当我在测试客户端输入以下内容时:

客户端 127.0.0.1{ secret = mysecret 短名称 = localhost nastype = other }

服务已启动,我能够在 Ubuntu 16.04 上完成安装

相关内容