|
ru.unix.bsd
- RU.UNIX.BSD ------------------------------------------------------------------
From : Alexander Lunyov 2:50/551.3 17 Jul 2003 16:06:19
To : Andrew Lutov
Subject : FreeRadius 0.8.1
--------------------------------------------------------------------------------
* hi
** Andrew Lutov => Alexander Lunyov
> Вот такое вот имеется. Я конфиг не полный приводил.
> radutmp {
> filename = ${logdir}/radutmp
> username = %{User-Name}
> case_sensitive = yes
> check_with_nas = yes
> perm = 0600
> callerid = "yes"
> }
У меня все работает. Вот конфиг:
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd
log_file = ${logdir}/radius.log
libdir = ${exec_prefix}/lib
pidfile = ${run_dir}/radiusd.pid
max_request_time = 30
delete_blocked_requests = no
cleanup_delay = 5
max_requests = 1024
bind_address = *
port = 0
hostname_lookups = no
allow_core_dumps = no
regular_expressions = yes
extended_expressions = yes
log_stripped_names = no
log_auth = yes
log_auth_badpass = yes
log_auth_goodpass = no
usercollide = yes
lower_user = before
lower_pass = no
nospace_user = no
nospace_pass = no
checkrad = ${sbindir}/checkrad
security {
max_attributes = 200
reject_delay = 1
status_server = no
}
proxy_requests = no
$INCLUDE ${confdir}/proxy.conf
$INCLUDE ${confdir}/clients.conf
$INCLUDE ${confdir}/snmp.conf
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
max_requests_per_server = 0
}
modules {
pap {
encryption_scheme = crypt
}
chap {
authtype = CHAP
}
pam {
pam_auth = radiusd
}
unix {
cache = no
cache_reload = 600
radwtmp = ${localstatedir}/log/wtmp
}
eap {
md5 {
}
}
mschap {
authtype = MS-CHAP
}
ldap {
server = "ldap.domain.ru"
identity = "cn=admin,dc=domain,dc=ru"
password = secret
basedn = "ou=users,dc=domain,dc=ru"
filter = "(uid=%u)"
start_tls = no
tls_mode = no
default_profile = "cn=radprofile,dc=domain,dc=ru"
access_group = "cn=dialup-group,dc=domain,dc=ru"
access_attr = "dialupAccess"
dictionary_mapping = ${raddbdir}/ldap.attrmap
ldap_connections_number = 5
timeout = 4
timelimit = 3
net_timeout = 1
}
realm suffix {
format = suffix
delimiter = "@"
}
realm realmslash {
format = prefix
delimiter = "/"
}
realm realmpercent {
format = suffix
delimiter = "%"
}
preprocess {
huntgroups = ${confdir}/huntgroups
hints = ${confdir}/hints
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
}
files {
usersfile = ${confdir}/users
acctusersfile = ${confdir}/acct_users
compat = no
}
detail {
detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
detailperm = 0600
}
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address,Client-IP-Add
ress, NAS-Port-Id"
}
$INCLUDE ${confdir}/sql.conf
radutmp {
filename = ${logdir}/radutmp
perm = 0600
callerid = "yes"
}
radutmp sradutmp {
filename = ${logdir}/sradutmp
perm = 0644
callerid = "no"
}
attr_filter {
attrsfile = ${confdir}/attrs
}
counter {
filename = ${raddbdir}/db.counter
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
allowed-servicetype = Framed-User
cache-size = 5000
}
always fail {
rcode = fail
}
always reject {
rcode = reject
}
always ok {
rcode = ok
simulcount = 0
mpp = no
}
expr {
}
}
instantiate {
expr
}
authorize {
preprocess
ldap
}
authenticate {
unix
authtype LDAP {
ldap
}
}
preacct {
preprocess
suffix
files
}
accounting {
detail
radutmp
sradutmp
sql
}
session {
radutmp
sql
}
post-auth {
}
Пермишны.
zeus@root [17:16:56] ~ # ls -l /var/log/ | grep radius
drwxr-x--- 3 root wheel 512 5 июн 02:02 radius
zeus@root [17:17:14] ~ # ls -l /var/log/radius/
total 14502
drwxr-xr-x 4 root wheel 512 4 дек 2002 radacct
-rw-r--r-- 1 root wheel 2147156 17 июл 16:41 radius.log
-rw------- 1 root wheel 1700 17 июл 17:01 radutmp
-rw-r--r-- 1 root wheel 12636029 17 июл 17:01 sqltrace.sql
-rw-r--r-- 1 root wheel 1700 17 июл 17:01 sradutmp
* bye
---
* Origin: no sex until marriage! (c) Front242 (2:50/551.3)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
|
