ติดตั้ง Daloradius บน CentOS 7
set selinux ก่อน
————————————————————————————
setenforce 0 sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config ----------------------------------------------------------- ติดตั้ง httpd และ on service ----------------------------------------------------------
yum -y update yum groupinstall "Development Tools" -y yum -y install httpd httpd-devel
systemctl enable httpd systemctl start httpd
systemctl status httpd
----------------------------------------------------------------- ติดตั้ง MariaDB และ on service ---------------------------------------------------------------
vim /etc/yum.repos.d/MariaDB.repo
[mariadb] name = MariaDB baseurl = http://yum.mariadb.org/10.1/centos7-amd64 gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB gpgcheck=1
yum -y update yum install -y mariadb-server mariadb
systemctl start mariadb systemctl enable mariadb
systemctl status mariadb
systemctl is-enabled mariadb.service
------------------------------------------------------------------- ตั้งค่า password ของ mariadb
------------------------------------------------------------------
[root@freeradius ~]# mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] Y New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] y ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB! --------------------------------------------------------------
ตึ้งค่า ip ใช้งาน MariaDB -----------------------------------------------------------
# vim /etc/my.cnf [mysqld] bind-address=127.0.0.1 --------------------------------------------------------- หากไม่มี ที่ /etc/my.cnf ให้ไปดูที่ /etc/my.cnf.d/ น่าจะมี server.cnf หรือดูที่น่าจะเป็น
Configure Database for freeradius ----------------------------------------------------------
# mysql -u root -p -e " CREATE DATABASE radius" # mysql -u root -p -e "show databases" # mysql -u root -p MariaDB [(none)]> GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "radiuspassword"; MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> \q Bye ---------------------------------------------------------- โดยตรง GRANT อาจจะแก้จาก radius เป็น root ทั้ง 2 ค่า และ IDENTIFIED BY ให้แก้เป็น password root ติดตั้ง php 7 ----------------------------------------------------------
sudo yum -y install mod_php70u php70u-cli php70u-mysqlnd php70u-devel php70u-gd php70u-mcrypt php70u-mbstring php70u-xml php70u-pear
php -v ---------------------------------------------------------- ติดตั้ง freeradius
และ on service
-----------------------------------------------------
yum -y install freeradius freeradius-utils freeradius-mysql
# systemctl start radiusd.service # systemctl enable radiusd.service
# systemctl status radiusd.service ----------------------------------------------------------- ปิด firewalld ---------------------------------------------------------=- systemctl disable firewalld systemctl stop firewalld -----------------------------------------------------------
Configure FreeRADIUS เข้ากับ MariaDB
-------------------------------------------------------
mysql -u root -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql
ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/
vim /etc/raddb/mods-available/sql
sql { driver = "rlm_sql_mysql" dialect = "mysql" # Connection info: server = "localhost" port = 3306 login = "radius" password = "radiuspassword" # Database table configuration for everything except Oracle radius_db = "radius" } # Set to ‘yes’ to read radius clients from the database (‘nas’ table) # Clients will ONLY be read on server startup. read_clients = yes # Table to keep radius client info client_table = “nas”
chgrp -h radiusd /etc/raddb/mods-enabled/sql ------------------------------------------------------------- ติดตั้งและ Configuring Daloradius Github method: --------------------------------------------------------------
# wget https://github.com/lirantal/daloradius/archive/master.zip # unzip master.zip # mv daloradius-master/ daloradius ------------------------------------------------------------- Sourceforge way: ---------------------------------------------------------------
# wget http://liquidtelecom.dl.sourceforge.net/project/daloradius/daloradius/daloradius0.9-9/daloradius-0.9-9.tar.gz # tar zxvf daloradius-0.9-9.tar.gz # mv daloradius-0.9-9 daloradius
cd daloradius
# mysql -u root -p radius < contrib/db/fr2-mysql-daloradius-and-freeradius.sql # mysql -u root -p radius < contrib/db/mysql-daloradius.sql
# cd .. # mv daloradius /var/www/html/
# chown -R apache:apache /var/www/html/daloradius/ # chmod 664 /var/www/html/daloradius/library/daloradius.conf.php ------------------------------------------------------------------------- ใส่ password และ user MariaDB
-----------------------------------------------------------------------
# vim /var/www/html/daloradius/library/daloradius.conf.php
CONFIG_DB_USER CONFIG_DB_PASS CONFIG_DB_NAME
--------------------------------------------------------------------- ติดตั้ง php-pear เพิ่ม เพื่อติดต่อ DB
------------------------------------------------------------------
yum install php-pear pear install DB ---------------------------------------------------------- restart service ต่างๆ ที่เราใช้งาน ------------------------------------------------
# systemctl restart radiusd.service # systemctl restart mariadb.service # systemctl restart httpd
----------------------------------------------- เข้าผ่านหน้าเว็บ http://ip-address/daloradius/login.php Default login details are: Username: administrator Password: radius หากต้องการทำการ debug radius --------------------------------------------------------
pkill radius
radiusd -X --------------------------------------------------------- ที่มา https://computingforgeeks.com/installing-freeradius-and-daloradius-centos-7/