FreeBSD 11.3。无法启动 freeradius

FreeBSD 11.3。无法启动 freeradius

我正在尝试在 FreeBSD 11.3 上启动 freeradius

FreeRADIUS Version 3.0.19
    Copyright (C) 1999-2019 The FreeRADIUS server project and contributors
    There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
    PARTICULAR PURPOSE
    You may redistribute copies of FreeRADIUS under the terms of the
    GNU General Public License
    For more information about these matters, see the file named COPYRIGHT
    Starting - reading configuration files ...
    including dictionary file /usr/local/share/freeradius/dictionary
    including dictionary file /usr/local/share/freeradius/dictionary.dhcp
    including dictionary file /usr/local/share/freeradius/dictionary.vqp
    including dictionary file /usr/local/etc/raddb/dictionary
    including configuration file /usr/local/etc/raddb/radiusd.conf
    including files in directory /usr/local/etc/raddb/mods-enabled/
    including configuration file /usr/local/etc/raddb/sql.conf
    including configuration file /usr/local/etc/raddb/mods-config/sql/main/mysql/queries.conf
    including files in directory /usr/local/etc/raddb/policy.d/
    including files in directory /usr/local/etc/raddb/sites-enabled/
    including configuration file /usr/local/etc/raddb/sites-enabled/default
    including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
    including configuration file /usr/local/etc/raddb/sites-enabled/control-socket
    main {
     security {
            allow_core_dumps = no
     }
            name = "radiusd"
            prefix = "/usr/local"
            localstatedir = "/var"
            logdir = "/var/log"
            run_dir = "/var/run/radiusd"
    }
    main {
            name = "radiusd"
            prefix = "/usr/local"
            localstatedir = "/var"
            sbindir = "/usr/local/sbin"
            logdir = "/var/log"
            run_dir = "/var/run/radiusd"
            libdir = "/usr/local/lib/freeradius-3.0.19"
            radacctdir = "/var/log/radacct"
            hostname_lookups = no
            max_request_time = 30
            cleanup_delay = 5
            max_requests = 16384
            pidfile = "/var/run/radiusd/radiusd.pid"
            checkrad = "/usr/local/sbin/checkrad"
            debug_level = 0
            proxy_requests = yes
     log {
            stripped_names = no
            auth = yes
            auth_badpass = no
            auth_goodpass = no
            colourise = yes
            msg_denied = "You are already logged in - access denied"
     }
     resources {
     }
     security {
            max_attributes = 200
            reject_delay = 1.000000
            status_server = yes
     }
    }
    radiusd: #### Loading Realms and Home Servers ####
    radiusd: #### Loading Clients ####
    Debugger not attached
     # Creating Auth-Type = mschap
     # Creating Auth-Type = digest
     # Creating Auth-Type = eap
     # Creating Auth-Type = PAP
     # Creating Auth-Type = CHAP
     # Creating Auth-Type = MS-CHAP
    radiusd: #### Instantiating modules ####
     modules {
      # Loaded module rlm_sql
      # Loading module "sql" from file /usr/local/etc/raddb/sql.conf
      sql {
            driver = "rlm_sql_mysql"
            server = "localhost"
            port = 3306
            login = "root"
            password = <<< secret >>>
            radius_db = "stg"
            read_groups = yes
            read_profiles = yes
            read_clients = yes
            delete_stale_sessions = yes
            sql_user_name = "%{User-Name}"
            default_user_profile = ""
            client_query = "SELECT (@cnt := @cnt + 1) AS `id`, `nasname`, `shortname`, `type`, `secret`, `server`   FROM `mlg_clients`                                                                                                          CROSS JOIN (SELECT @cnt := 0) AS `dummy`         ORDER BY `id`"
            authorize_check_query = "SELECT id, username, attribute, value, op FROM mlg_check WHERE username = '%{SQL-User-Name}' ORDER BY id"
            authorize_reply_query = "SELECT id, username, attribute, value, op FROM mlg_reply WHERE username = '%{SQL-User-Name}' ORDER BY id"
            authorize_group_check_query = "SELECT id, groupname, attribute, Value, op FROM mlg_groupcheck WHERE groupname = '%{SQL-Group}' ORDER BY id"
            authorize_group_reply_query = "SELECT id, username, attribute, value, op FROM mlg_groupreply WHERE `username` = '%{SQL-User-Name}' ORDER BY id"
            group_membership_query = "SELECT username FROM mlg_groupreply WHERE username = '%{SQL-User-Name}' "
            simul_verify_query = "SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM mlg_acct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"
            safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
            auto_escape = no
       accounting {
            reference = "%{tolower:type.%{Acct-Status-Type}.query}"
        type {
         accounting-on {
            query = "UPDATE mlg_acct SET acctstoptime = FROM_UNIXTIME(%{integer:Event-Timestamp}), acctsessiontime  = '%{integer:Event-Timestamp}' - UNIX_TIMESTAMP(acctstarttime), acctterminatecause = '%{%{Acct-Terminate-Cause}:-NAS-Reboot}' WHERE acctstoptime IS NULL AND nasipaddress   = '%{NAS-IP-Address}' AND acctstarttime <= FROM_UNIXTIME(%{integer:Event-Timestamp})"
         }
         accounting-off {
            query = "UPDATE mlg_acct SET acctstoptime = FROM_UNIXTIME(%{integer:Event-Timestamp}), acctsessiontime  = '%{integer:Event-Timestamp}' - UNIX_TIMESTAMP(acctstarttime), acctterminatecause = '%{%{Acct-Terminate-Cause}:-NAS-Reboot}' WHERE acctstoptime IS NULL AND nasipaddress   = '%{NAS-IP-Address}' AND acctstarttime <= FROM_UNIXTIME(%{integer:Event-Timestamp})"
         }
         start {
            query = "INSERT INTO mlg_acct (acctsessionid,           acctuniqueid,           username, realm,                                                                                                                                    nasipaddress,            nasportid, nasporttype,         acctstarttime,          acctupdatetime, acctstoptime,          acctsessiontime,                                                                                                     acctauthentic, connectinfo_start,        connectinfo_stop,       acctinputoctets, acctoutputoctets,      calledstationid,                                                                                                                    callingstationid, acctterminatecause,    servicetype,            framedprotocol, framedipaddress) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{%{NAS-Port-ID}:-%{NAS-Port}}', '%{NAS-Port-Type}', FROM_UNIXTIME(%{integer:Event-Timestamp}), FROM_UNIXTIME(%{integer:Event-Timestamp}), NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}')"
         }
         interim-update {
            query = "UPDATE mlg_acct SET acctupdatetime  = (@acctupdatetime_old:=acctupdatetime), acctupdatetime  = FROM_UNIXTIME(%{integer:Event-Timestamp}), acctinterval    = %{integer:Event-Timestamp} - UNIX_TIMESTAMP(@acctupdatetime_old), framedipaddress = '%{Framed-IP-Address}', acctsessiontime = %{%{Acct-Session-Time}:-NULL}, acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}' WHERE AcctUniqueId = '%{Acct-Unique-Session-Id}'"
         }
         stop {
            query = "UPDATE mlg_acct SET acctstoptime       = FROM_UNIXTIME(%{integer:Event-Timestamp}), acctsessiontime   = %{%{Acct-Session-Time}:-NULL}, acctinputoctets                                                                     = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', acctterminatecause = '%{Acct-Terminate-Cause}', connectinfo_stop = '%{Connect-Info}' WHERE AcctUniqueId = '%{Acct-Unique-Session-Id}'"
         }
        }
       }
       post-auth {
            reference = ".query"
            query = "INSERT INTO mlg_postauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')"
       }
      }
    rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
    Creating attribute SQL-Group
      instantiate {
      }
    /usr/local/etc/raddb/mods-config/sql/main/mysql/queries.conf[197]: Failed parsing expanded string:
    /usr/local/etc/raddb/mods-config/sql/main/mysql/queries.conf[197]: %{tolower:type.%{Acct-Status-Type}.query}
    /usr/local/etc/raddb/mods-config/sql/main/mysql/queries.conf[197]:   ^ Unknown module

我已经尝试解决启动问题很长时间了,但仍然不想启动。应用debag来了解情况。使用MySQL 5.6;基础位于同一服务器上。

我需要做什么才能启动它以及如何修复错误?

答案1

我从未使用过 Freeradius,也不是 BSD 专家。这个答案只是根据输出中报告的错误说明了显而易见的情况。

输出末尾列出了一个错误:

    ...queries.conf[197]: Failed parsing expanded string:
    ...queries.conf[197]: %{tolower:type.%{Acct-Status-Type}.query}
    ...queries.conf[197]:   ^ Unknown module

在谷歌上快速搜索建议这tolower是“rlm_expr”模块的一部分(本页提到的)。

  • 检查 rlm_expr 是否已安装。找到raddb/mods-available/您系统上的位置并检查它包含expr. 看这里
  • 检查您的配置是否正在加载 rlm_expr。看来模块是从 加载的raddb/mods-enabled/。因此,找到位置并在 mods-avaiable 中 raddb/mods-enabled/创建一个链接:expr
    ln -s ../mods-available/expr raddb/mods-enabled
    

再说一遍,我不是 BSD 专家,这个答案只是为了根据问题中提供的信息为您指明正确的方向。

相关内容