Saturday, 27 April 2019

Install freeRADIUS with daloRADIUS on CentOS 7

Install freeRADIUS with daloRADIUS on CentOS 7

RADIUS (Remote Authentication and Dial-In User Service) is network protocol and software that authenticate dial-in users and authorize their access to the requested service. RADIUS provides centralized Authentication, Authorization and Accounting (AAA) management for a user, who connect and use a network service. RADIUS allows an organization to maintain user profiles in a central database that all remote servers can share.

RADIUS servers are mostly used by ISPs (Internet Service Providers) to manage access to the Internet.

freeRADIUS is an free and open-source software to implement RADIUS services. freeRADIUS does not have any native web interface. But we have many third-party web interfaces are available to use with freeRADIUS.

daloRADIUS is a easy to use, but advanced RADIUS web interface, that aimed at managing hotspots and general-purpose ISP deployments. daloRADIUS is written in PHP and supports famous database systems.

In this article, we will install freeRADIUS and daloRADIUS on CentOS 7 without disabling SELinux.

This article emphasize on the installation and initial configuration of freeRADIUS and daloRADIUS on CentOS 7. If you want to know, how to use freeRADIUS or daloRADIUS, then we recommend you to read FreeRADIUS Beginner's Guide and daloRADIUS User Guide (Volume 1).

 

This Article Provides:

     

    System Specification:

    We are using a CentOS 7 virtual machine with following specifications:

    • Hostname - radius-01.example.com
    • IP Address - 192.168.116.158 /24
    • Operating System - CentOS 7.6
    • freeRADIUS version - 3.0
    • daloRADIUS version - 1.0

     

    Installing prerequisite packages:

    Connect with radius-01.example.com using ssh as root user.

    We will require some utiliies during installation of freeRADIUS and daloRADIUS, therefore, we are installing them now, using yum command.

    [root@radius-01 ~]# yum install -y wget unzip Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.mirror.net.in * extras: centos.mirror.net.in * updates: centos.mirror.net.in Resolving Dependencies --> Running transaction check ---> Package unzip.x86_64 0:6.0-19.el7 will be installed ---> Package wget.x86_64 0:1.14-18.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: unzip x86_64 6.0-19.el7 base 170 k wget x86_64 1.14-18.el7 base 547 k Transaction Summary ================================================================================ Install 2 Packages Total download size: 717 k Installed size: 2.3 M Downloading packages: (1/2): unzip-6.0-19.el7.x86_64.rpm | 170 kB 00:06 (2/2): wget-1.14-18.el7.x86_64.rpm | 547 kB 00:19 -------------------------------------------------------------------------------- Total 37 kB/s | 717 kB 00:19 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : wget-1.14-18.el7.x86_64 1/2 Installing : unzip-6.0-19.el7.x86_64 2/2 Verifying : unzip-6.0-19.el7.x86_64 1/2 Verifying : wget-1.14-18.el7.x86_64 2/2 Installed: unzip.x86_64 0:6.0-19.el7 wget.x86_64 0:1.14-18.el7 Complete!

    Some prereqiusite packages are available through extras yum repository, therefore, we are installing EPEL (Extra Packages for Enterprise Linux) yum repository.

    [root@radius-01 ~]# yum install -y epel-release Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.mirror.net.in * extras: centos.mirror.net.in * updates: centos.mirror.net.in Resolving Dependencies --> Running transaction check ---> Package epel-release.noarch 0:7-11 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: epel-release noarch 7-11 extras 15 k Transaction Summary ================================================================================ Install 1 Package Total download size: 15 k Installed size: 24 k Downloading packages: epel-release-7-11.noarch.rpm | 15 kB 00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : epel-release-7-11.noarch 1/1 Verifying : epel-release-7-11.noarch 1/1 Installed: epel-release.noarch 0:7-11 Complete!

    Build yum cache using following command.

    [root@radius-01 ~]# yum makecache fast Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile epel/x86_64/metalink | 4.6 kB 00:00 * base: centos.mirror.net.in * epel: mirror.horizon.vn * extras: centos.mirror.net.in * updates: centos.mirror.net.in base | 3.6 kB 00:02 extras | 3.4 kB 00:00 mariadb | 2.9 kB 00:00 updates | 3.4 kB 00:00 Metadata Cache Created

     

    Installing MariaDB on CentOS 7:

    Follow my previous article to install latest version of MariaDB.

    After installation, connect with MariaDB database as root user.

    [root@radius-01 ~]# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 16 Server version: 10.3.14-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>

    Create a database, that serves as the repository for our RADIUS server.

    MariaDB [(none)]> create database radius; Query OK, 1 row affected (0.001 sec)

    Create a database owner for radius database.

    MariaDB [(none)]> grant all on radius.* to radius@localhost identified by '123'; Query OK, 0 rows affected (0.001 sec)

    Reload privileges tables.

    MariaDB [(none)]> flush privileges; Query OK, 0 rows affected (0.001 sec)

    Exit from MariaDB prompt.

    MariaDB [(none)]> exit Bye

     

    Installing Apache Web Server on CentOS 7:

    daloRADIUS is a web application developed in PHP. Therefore, we need Apache Web Server with PHP to deploy daloRADIUS.

    Install Apache Web Server using yum command.

    [root@radius-01 ~]# yum install -y httpd Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.mirror.net.in * extras: centos.mirror.net.in * updates: centos.mirror.net.in Resolving Dependencies --> Running transaction check ---> Package httpd.x86_64 0:2.4.6-88.el7.centos will be installed --> Processing Dependency: httpd-tools = 2.4.6-88.el7.centos for package: httpd-2.4.6-88.el7.centos.x86_64 --> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-88.el7.centos.x86_64 --> Running transaction check ---> Package httpd-tools.x86_64 0:2.4.6-88.el7.centos will be installed ---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: httpd x86_64 2.4.6-88.el7.centos base 2.7 M Installing for dependencies: httpd-tools x86_64 2.4.6-88.el7.centos base 90 k mailcap noarch 2.1.41-2.el7 base 31 k Transaction Summary ================================================================================ Install 1 Package (+2 Dependent packages) Total download size: 2.8 M Installed size: 9.6 M Downloading packages: (1/3): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00 (2/3): httpd-tools-2.4.6-88.el7.centos.x86_64.rpm | 90 kB 00:02 (3/3): httpd-2.4.6-88.el7.centos.x86_64.rpm | 2.7 MB 00:15 -------------------------------------------------------------------------------- Total 188 kB/s | 2.8 MB 00:15 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : mailcap-2.1.41-2.el7.noarch 1/3 Installing : httpd-tools-2.4.6-88.el7.centos.x86_64 2/3 Installing : httpd-2.4.6-88.el7.centos.x86_64 3/3 Verifying : httpd-tools-2.4.6-88.el7.centos.x86_64 1/3 Verifying : mailcap-2.1.41-2.el7.noarch 2/3 Verifying : httpd-2.4.6-88.el7.centos.x86_64 3/3 Installed: httpd.x86_64 0:2.4.6-88.el7.centos Dependency Installed: httpd-tools.x86_64 0:2.4.6-88.el7.centos mailcap.noarch 0:2.1.41-2.el7 Complete!

    Start and enable httpd.service.

    [root@radius-01 ~]# systemctl enable httpd.service Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service. [root@radius-01 ~]# systemctl start httpd.service

    Apache Webserver has been configured successfully. It is advised that, you should read our previous article Chroot Apache Web Server in CentOS 7 to increase the security.

     

    Installing PHP on CentOS 7:

    Install PHP (Hypertext Preprocessor) and related packages using yum command.

    [root@radius-01 ~]# yum install -y php php-mysql php-pear php-devel php-common php-gd php-mbstring php-mcrypt php-xml php-pear-DB Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.mirror.net.in * epel: mirror.horizon.vn * extras: centos.mirror.net.in * updates: centos.mirror.net.in Resolving Dependencies --> Running transaction check ---> Package php.x86_64 0:5.4.16-46.el7 will be installed --> Processing Dependency: php-cli(x86-64) = 5.4.16-46.el7 for package: php-5.4.16-46.el7.x86_64 ---> Package php-common.x86_64 0:5.4.16-46.el7 will be installed ---> Package php-devel.x86_64 0:5.4.16-46.el7 will be installed ---> Package php-gd.x86_64 0:5.4.16-46.el7 will be installed ---> Package php-mbstring.x86_64 0:5.4.16-46.el7 will be installed ---> Package php-mcrypt.x86_64 0:5.4.16-7.el7 will be installed --> Processing Dependency: libmcrypt.so.4()(64bit) for package: php-mcrypt-5.4.16-7.el7.x86_64 ---> Package php-mysql.x86_64 0:5.4.16-46.el7 will be installed --> Processing Dependency: php-pdo(x86-64) = 5.4.16-46.el7 for package: php-mysql-5.4.16-46.el7.x86_64 ---> Package php-pear.noarch 1:1.9.4-21.el7 will be installed --> Processing Dependency: php-posix for package: 1:php-pear-1.9.4-21.el7.noarch ---> Package php-pear-DB.noarch 0:1.7.14-6.el7 will be installed ---> Package php-xml.x86_64 0:5.4.16-46.el7 will be installed --> Running transaction check ---> Package libmcrypt.x86_64 0:2.5.8-13.el7 will be installed ---> Package php-cli.x86_64 0:5.4.16-46.el7 will be installed ---> Package php-pdo.x86_64 0:5.4.16-46.el7 will be installed ---> Package php-process.x86_64 0:5.4.16-46.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: php x86_64 5.4.16-46.el7 base 1.4 M php-common x86_64 5.4.16-46.el7 base 565 k php-devel x86_64 5.4.16-46.el7 base 602 k php-gd x86_64 5.4.16-46.el7 base 128 k php-mbstring x86_64 5.4.16-46.el7 base 505 k php-mcrypt x86_64 5.4.16-7.el7 epel 20 k php-mysql x86_64 5.4.16-46.el7 base 101 k php-pear noarch 1:1.9.4-21.el7 base 357 k php-pear-DB noarch 1.7.14-6.el7 epel 106 k php-xml x86_64 5.4.16-46.el7 base 126 k Installing for dependencies: libmcrypt x86_64 2.5.8-13.el7 epel 99 k php-cli x86_64 5.4.16-46.el7 base 2.7 M php-pdo x86_64 5.4.16-46.el7 base 99 k php-process x86_64 5.4.16-46.el7 base 56 k Transaction Summary ================================================================================ Install 10 Packages (+4 Dependent packages) Total download size: 6.8 M Installed size: 27 M Downloading packages: (1/14): libmcrypt-2.5.8-13.el7.x86_64.rpm | 99 kB 00:01 (2/14): php-5.4.16-46.el7.x86_64.rpm | 1.4 MB 01:00 (3/14): php-devel-5.4.16-46.el7.x86_64.rpm | 602 kB 00:03 (4/14): php-mcrypt-5.4.16-7.el7.x86_64.rpm | 20 kB 00:01 (5/14): php-gd-5.4.16-46.el7.x86_64.rpm | 128 kB 00:05 (6/14): php-mysql-5.4.16-46.el7.x86_64.rpm | 101 kB 00:00 (7/14): php-pdo-5.4.16-46.el7.x86_64.rpm | 99 kB 00:02 (8/14): php-pear-1.9.4-21.el7.noarch.rpm | 357 kB 00:02 (9/14): php-process-5.4.16-46.el7.x86_64.rpm | 56 kB 00:00 (10/14): php-pear-DB-1.7.14-6.el7.noarch.rpm | 106 kB 00:01 (11/14): php-mbstring-5.4.16-46.el7.x86_64.rpm | 505 kB 00:09 (12/14): php-xml-5.4.16-46.el7.x86_64.rpm | 126 kB 00:00 (13/14): php-common-5.4.16-46.el7.x86_64.rpm | 565 kB 00:21 (14/14): php-cli-5.4.16-46.el7.x86_64.rpm | 2.7 MB 01:38 -------------------------------------------------------------------------------- Total 70 kB/s | 6.8 MB 01:38 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : php-common-5.4.16-46.el7.x86_64 1/14 Installing : php-cli-5.4.16-46.el7.x86_64 2/14 Installing : php-process-5.4.16-46.el7.x86_64 3/14 Installing : php-pdo-5.4.16-46.el7.x86_64 4/14 Installing : php-xml-5.4.16-46.el7.x86_64 5/14 Installing : 1:php-pear-1.9.4-21.el7.noarch 6/14 Installing : libmcrypt-2.5.8-13.el7.x86_64 7/14 Installing : php-mcrypt-5.4.16-7.el7.x86_64 8/14 Installing : php-pear-DB-1.7.14-6.el7.noarch 9/14 Installing : php-mysql-5.4.16-46.el7.x86_64 10/14 Installing : php-5.4.16-46.el7.x86_64 11/14 Installing : php-devel-5.4.16-46.el7.x86_64 12/14 Installing : php-mbstring-5.4.16-46.el7.x86_64 13/14 Installing : php-gd-5.4.16-46.el7.x86_64 14/14 Verifying : php-pear-DB-1.7.14-6.el7.noarch 1/14 Verifying : php-mcrypt-5.4.16-7.el7.x86_64 2/14 Verifying : php-mysql-5.4.16-46.el7.x86_64 3/14 Verifying : php-mbstring-5.4.16-46.el7.x86_64 4/14 Verifying : php-gd-5.4.16-46.el7.x86_64 5/14 Verifying : php-process-5.4.16-46.el7.x86_64 6/14 Verifying : php-cli-5.4.16-46.el7.x86_64 7/14 Verifying : php-pdo-5.4.16-46.el7.x86_64 8/14 Verifying : php-5.4.16-46.el7.x86_64 9/14 Verifying : php-common-5.4.16-46.el7.x86_64 10/14 Verifying : libmcrypt-2.5.8-13.el7.x86_64 11/14 Verifying : php-devel-5.4.16-46.el7.x86_64 12/14 Verifying : php-xml-5.4.16-46.el7.x86_64 13/14 Verifying : 1:php-pear-1.9.4-21.el7.noarch 14/14 Installed: php.x86_64 0:5.4.16-46.el7 php-common.x86_64 0:5.4.16-46.el7 php-devel.x86_64 0:5.4.16-46.el7 php-gd.x86_64 0:5.4.16-46.el7 php-mbstring.x86_64 0:5.4.16-46.el7 php-mcrypt.x86_64 0:5.4.16-7.el7 php-mysql.x86_64 0:5.4.16-46.el7 php-pear.noarch 1:1.9.4-21.el7 php-pear-DB.noarch 0:1.7.14-6.el7 php-xml.x86_64 0:5.4.16-46.el7 Dependency Installed: libmcrypt.x86_64 0:2.5.8-13.el7 php-cli.x86_64 0:5.4.16-46.el7 php-pdo.x86_64 0:5.4.16-46.el7 php-process.x86_64 0:5.4.16-46.el7 Complete!

    Restart httpd.service to load changes, made by PHP installation.

    [root@radius-01 ~]# systemctl restart httpd.service

     

    Installing freeRADIUS on CentOS 7:

    freeRADIUS and relevant packages are available through CentOS base repository. Therefore, we can easily install it using yum command.

    [root@radius-01 ~]# yum install -y freeradius freeradius-utils freeradius-mysql Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.excellmedia.net * extras: centos.excellmedia.net * updates: centos.excellmedia.net Resolving Dependencies --> Running transaction check ---> Package freeradius.x86_64 0:3.0.13-9.el7_5 will be installed --> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: freeradius-3.0.13-9.el7_5.x86_64 --> Processing Dependency: libtalloc.so.2()(64bit) for package: freeradius-3.0.13-9.el7_5.x86_64 --> Processing Dependency: libpcap.so.1()(64bit) for package: freeradius-3.0.13-9.el7_5.x86_64 --> Processing Dependency: libnaaeap.so.0()(64bit) for package: freeradius-3.0.13-9.el7_5.x86_64 ---> Package freeradius-mysql.x86_64 0:3.0.13-9.el7_5 will be installed ---> Package freeradius-utils.x86_64 0:3.0.13-9.el7_5 will be installed --> Running transaction check ---> Package libpcap.x86_64 14:1.5.3-11.el7 will be installed ---> Package libtalloc.x86_64 0:2.1.13-1.el7 will be installed ---> Package tncfhh-libs.x86_64 0:0.8.3-16.el7 will be installed --> Processing Dependency: tncfhh = 0.8.3 for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: boost-thread for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: boost-system for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: libxerces-c-3.1.so()(64bit) for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: libtncutil.so.0()(64bit) for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: liblog4cxx.so.10()(64bit) for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: libboost_thread-mt.so.1.53.0()(64bit) for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: libboost_system-mt.so.1.53.0()(64bit) for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Running transaction check ---> Package boost-system.x86_64 0:1.53.0-27.el7 will be installed ---> Package boost-thread.x86_64 0:1.53.0-27.el7 will be installed ---> Package log4cxx.x86_64 0:0.10.0-16.el7 will be installed --> Processing Dependency: libaprutil-1.so.0()(64bit) for package: log4cxx-0.10.0-16.el7.x86_64 --> Processing Dependency: libapr-1.so.0()(64bit) for package: log4cxx-0.10.0-16.el7.x86_64 ---> Package tncfhh.x86_64 0:0.8.3-16.el7 will be installed ---> Package tncfhh-utils.x86_64 0:0.8.3-16.el7 will be installed ---> Package xerces-c.x86_64 0:3.1.1-9.el7 will be installed --> Running transaction check ---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed ---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: freeradius x86_64 3.0.13-9.el7_5 base 1.1 M freeradius-mysql x86_64 3.0.13-9.el7_5 base 90 k freeradius-utils x86_64 3.0.13-9.el7_5 base 221 k Installing for dependencies: apr x86_64 1.4.8-3.el7_4.1 base 103 k apr-util x86_64 1.5.2-6.el7 base 92 k boost-system x86_64 1.53.0-27.el7 base 40 k boost-thread x86_64 1.53.0-27.el7 base 57 k libpcap x86_64 14:1.5.3-11.el7 base 138 k libtalloc x86_64 2.1.13-1.el7 base 32 k log4cxx x86_64 0.10.0-16.el7 base 452 k tncfhh x86_64 0.8.3-16.el7 base 680 k tncfhh-libs x86_64 0.8.3-16.el7 base 160 k tncfhh-utils x86_64 0.8.3-16.el7 base 33 k xerces-c x86_64 3.1.1-9.el7 base 878 k Transaction Summary ================================================================================ Install 3 Packages (+11 Dependent packages) Total download size: 4.0 M Installed size: 12 M Downloading packages: (1/14): boost-thread-1.53.0-27.el7.x86_64.rpm | 57 kB 00:00 (2/14): freeradius-mysql-3.0.13-9.el7_5.x86_64.rpm | 90 kB 00:00 (3/14): apr-1.4.8-3.el7_4.1.x86_64.rpm | 103 kB 00:01 (4/14): freeradius-utils-3.0.13-9.el7_5.x86_64.rpm | 221 kB 00:00 (5/14): libtalloc-2.1.13-1.el7.x86_64.rpm | 32 kB 00:00 (6/14): apr-util-1.5.2-6.el7.x86_64.rpm | 92 kB 00:02 (7/14): libpcap-1.5.3-11.el7.x86_64.rpm | 138 kB 00:01 (8/14): log4cxx-0.10.0-16.el7.x86_64.rpm | 452 kB 00:01 (9/14): tncfhh-utils-0.8.3-16.el7.x86_64.rpm | 33 kB 00:00 (10/14): boost-system-1.53.0-27.el7.x86_64.rpm | 40 kB 00:00 (11/14): tncfhh-libs-0.8.3-16.el7.x86_64.rpm | 160 kB 00:02 (12/14): xerces-c-3.1.1-9.el7.x86_64.rpm | 878 kB 00:03 (13/14): tncfhh-0.8.3-16.el7.x86_64.rpm | 680 kB 00:06 (14/14): freeradius-3.0.13-9.el7_5.x86_64.rpm | 1.1 MB 00:09 -------------------------------------------------------------------------------- Total 406 kB/s | 4.0 MB 00:10 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : boost-system-1.53.0-27.el7.x86_64 1/14 Installing : boost-thread-1.53.0-27.el7.x86_64 2/14 Installing : 14:libpcap-1.5.3-11.el7.x86_64 3/14 Installing : apr-1.4.8-3.el7_4.1.x86_64 4/14 Installing : xerces-c-3.1.1-9.el7.x86_64 5/14 Installing : libtalloc-2.1.13-1.el7.x86_64 6/14 Installing : apr-util-1.5.2-6.el7.x86_64 7/14 Installing : log4cxx-0.10.0-16.el7.x86_64 8/14 Installing : tncfhh-utils-0.8.3-16.el7.x86_64 9/14 Installing : tncfhh-0.8.3-16.el7.x86_64 10/14 Installing : tncfhh-libs-0.8.3-16.el7.x86_64 11/14 Installing : freeradius-3.0.13-9.el7_5.x86_64 12/14 Installing : freeradius-mysql-3.0.13-9.el7_5.x86_64 13/14 Installing : freeradius-utils-3.0.13-9.el7_5.x86_64 14/14 Verifying : freeradius-mysql-3.0.13-9.el7_5.x86_64 1/14 Verifying : boost-system-1.53.0-27.el7.x86_64 2/14 Verifying : freeradius-utils-3.0.13-9.el7_5.x86_64 3/14 Verifying : libtalloc-2.1.13-1.el7.x86_64 4/14 Verifying : tncfhh-utils-0.8.3-16.el7.x86_64 5/14 Verifying : tncfhh-0.8.3-16.el7.x86_64 6/14 Verifying : freeradius-3.0.13-9.el7_5.x86_64 7/14 Verifying : xerces-c-3.1.1-9.el7.x86_64 8/14 Verifying : apr-util-1.5.2-6.el7.x86_64 9/14 Verifying : apr-1.4.8-3.el7_4.1.x86_64 10/14 Verifying : tncfhh-libs-0.8.3-16.el7.x86_64 11/14 Verifying : 14:libpcap-1.5.3-11.el7.x86_64 12/14 Verifying : log4cxx-0.10.0-16.el7.x86_64 13/14 Verifying : boost-thread-1.53.0-27.el7.x86_64 14/14 Installed: freeradius.x86_64 0:3.0.13-9.el7_5 freeradius-mysql.x86_64 0:3.0.13-9.el7_5 freeradius-utils.x86_64 0:3.0.13-9.el7_5 Dependency Installed: apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 boost-system.x86_64 0:1.53.0-27.el7 boost-thread.x86_64 0:1.53.0-27.el7 libpcap.x86_64 14:1.5.3-11.el7 libtalloc.x86_64 0:2.1.13-1.el7 log4cxx.x86_64 0:0.10.0-16.el7 tncfhh.x86_64 0:0.8.3-16.el7 tncfhh-libs.x86_64 0:0.8.3-16.el7 tncfhh-utils.x86_64 0:0.8.3-16.el7 xerces-c.x86_64 0:3.1.1-9.el7 Complete!

    Start and enable radiusd.service.

    [root@radius-01 ~]# systemctl start radiusd.service [root@radius-01 ~]# systemctl enable radiusd.service Created symlink from /etc/systemd/system/multi-user.target.wants/radiusd.service to /usr/lib/systemd/system/radiusd.service.

    Allow RADIUS service in Linux firewall.

    [root@radius-01 ~]# firewall-cmd --permanent --add-service=radius success [root@radius-01 ~]# firewall-cmd --reload success

     

    Configure freeRADIUS to use MariaDB database:

    By default, freeRADIUS uses flat-files to store data. Therefore, we have to configure it to use MariaDB database as its repository.

    Use the following script to create database objects.

    [root@radius-01 ~]# mysql -u root -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql Enter password:

    You can either copy sql module from /etc/raddb/mods-available/sql or create using following script.

    [root@radius-01 ~]# vi /etc/raddb/mods-enabled/sql

    Add following lines therein:

    sql { driver = "rlm_sql_mysql" dialect = "mysql" # Connection info: server = "localhost" port = 3306 login = "radius" password = "123" # Database table configuration for everything except Oracle radius_db = "radius" } # Set to "yes" to read radius clients from the database ("nas" table) # Clients will ONLY be read on server startup. read_clients = yes # Table to keep radius client info client_table = "nas"

    Adjust file permissions.

    [root@radius-01 ~]# chgrp -h radiusd /etc/raddb/mods-enabled/sql

    Restart radiusd.service.

    [root@radius-01 ~]# systemctl restart radiusd.service

     

    Installing daloRADIUS on CentOS 7:

    daloRADIUS is open source and distributed under GPL 2.0 license. It’s complete source is available at GitHub.

    [root@radius-01 ~]# wget https://github.com/lirantal/daloradius/archive/master.zip --2019-04-25 19:37:58-- https://github.com/lirantal/daloradius/archive/master.zip Resolving github.com (github.com)... 192.30.253.112, 192.30.253.113 Connecting to github.com (github.com)|192.30.253.112|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://codeload.github.com/lirantal/daloradius/zip/master [following] --2019-04-25 19:37:59-- https://codeload.github.com/lirantal/daloradius/zip/master Resolving codeload.github.com (codeload.github.com)... 192.30.253.121, 192.30.253.120 Connecting to codeload.github.com (codeload.github.com)|192.30.253.121|:443... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [application/zip] Saving to: âmaster.zip.1â [ <=> ] 5,447,362 386KB/s in 14s 2019-04-25 19:38:14 (375 KB/s) - âmaster.zip.1â saved [5447362]

    Unzip downloaded file.

    [root@radius-01 ~]# unzip master.zip ... inflating: daloradius-master/rep-logs-system.php inflating: daloradius-master/rep-logs.php inflating: daloradius-master/rep-main.php inflating: daloradius-master/rep-newusers.php inflating: daloradius-master/rep-online.php inflating: daloradius-master/rep-stat-cron.php inflating: daloradius-master/rep-stat-raid.php inflating: daloradius-master/rep-stat-server.php inflating: daloradius-master/rep-stat-services.php inflating: daloradius-master/rep-stat-ups.php inflating: daloradius-master/rep-status.php inflating: daloradius-master/rep-topusers.php inflating: daloradius-master/rep-username.php inflating: daloradius-master/update.php

    Place the extracted directory at the document root of Apache Web server.

    [root@radius-01 ~]# rm -f master.zip [root@radius-01 ~]# mv daloradius-master/ /var/www/html/daloradius

    Restore SELinux security context as follows.

    [root@radius-01 ~]# restorecon -Rv /var/www/html/daloradius/ ... restorecon reset /var/www/html/daloradius/rep-stat-services.php context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:httpd_sys_content_t:s0 restorecon reset /var/www/html/daloradius/rep-stat-ups.php context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:httpd_sys_content_t:s0 restorecon reset /var/www/html/daloradius/rep-status.php context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:httpd_sys_content_t:s0 restorecon reset /var/www/html/daloradius/rep-topusers.php context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:httpd_sys_content_t:s0 restorecon reset /var/www/html/daloradius/rep-username.php context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:httpd_sys_content_t:s0 restorecon reset /var/www/html/daloradius/update.php context unconfined_u:object_r:admin_home_t:s0->unconfined_u:object_r:httpd_sys_content_t:s0

    Adjust permissions and ownership of daloRADIUS software.

    [root@radius-01 ~]# chown -R apache:apache /var/www/html/daloradius [root@radius-01 ~]# chmod -R 664 /var/www/html/daloradius/library/daloradius.conf.php

    Allow HTTP service in Linux firewall.

    [root@radius-01 ~]# firewall-cmd --permanent --add-service=http success [root@radius-01 ~]# firewall-cmd --reload success

    Create daloRADIUS objects in MariaDB database.

    [root@radius-01 ~]# mysql -u root -p radius < /var/www/html/daloradius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql Enter password: [root@radius-01 ~]# mysql -u root -p radius < /var/www/html/daloradius/contrib/db/mysql-daloradius.sql Enter password:

    Edit daloRADIUS configuration file.

    [root@radius-01 ~]# vi /var/www/html/daloradius/library/daloradius.conf.php

    and define MariaDB database password in it.

    $configValues['CONFIG_DB_PASS'] = '123';

    Browse URL http://radius-01.example.com/daloradius using a client's browser.

    daloradius-login-page-01

    Login using default credentials i.e.

    Username: administrator
    Password: radius

    daloradius-homepage-01

    freeRADIUS and daloRADIUS has been installed on CentOS 7.

    Install freeRADIUS with daloRADIUS on CentOS 7


    YOU MIGHT ALSO LIKE:

    17 comments:

    1. Hi Dear
      Hope you are good
      when i apply the command below i got error :
      chgrp: cannot access '/etc/raddb/mods-enabled/sql': No such file or directoryhgrp -h radiusd /etc/raddb/mods-enabled/sql

      what is the solution for this

      ReplyDelete
      Replies
      1. Hi,
        Thanks for highlighting the problem.
        The above article has been corrected now.
        You can continue from the step "Configure freeRADIUS to use MariaDB database:".

        Delete
    2. Hi,
      Do you think you could explain how to get the logs working following installation as they show as unreadable in the gui and services show as disabled

      ReplyDelete
      Replies
      1. Check the user rights and SELinux file contexts on the log files.

        Delete
    3. please , how I change the password of daloradius ( OS: Centos 7) ?

      ReplyDelete
      Replies
      1. The login information is located in operator table in MariaDB. You can change the password here.

        Delete
    4. Hello, first thanks for this tutorial!

      I followed step by step, but i get this error after logging in the GUI :
      Database connection error
      Error Message: DB Error: connect failed

      Do you know what it could be ?
      Giacomo

      ReplyDelete
      Replies
      1. Please check daloradius username/password in /var/www/html/daloradius/library/daloradius.conf.php file . Try to connect with MariaDB instance using username/password directly with mysql command.

        Delete
      2. Thanks for your reply, i fixed it!
        Another question, when i add users or Nas from Daloradius GUI i see no changes to the files clients.conf and users (i see no error messages). i am running a Vps with centos 7
        Am i doing something wrong?

        Giacomo

        Delete
      3. Please discuss it on our Facebook Page.

        Delete
      4. Hello there. I am having the same problem. I have tried to look into the conf file you mentioned above and there is like root / 123 for user/pwd combo. but nothing is working and i am getting the same error. i have also tried checking which version of PHP I am using and the version is 5. What should be wrong? I have tried all the combos. I can login using radius/123 with mysql cmd line. But the GUI is not working.

        Delete
      5. I am sorry I just fixed the error by myself. The error was caused due to the bad configuration. I was putting the root as DB user whereas I have to put "radius" as the DB user.

        Delete
    5. Hi I really appreciate the easy apprehensive tutorial.

      I was able to get to the last step but i am getting the error for logging the Daloradius website.
      It comes up with the login page but after I put the cred, it comes up with error

      This page isn’t working 172.17.51.52 is currently unable to handle this request.
      HTTP ERROR 500

      Do you know what could be cause of this?

      Thanks,

      ReplyDelete
      Replies
      1. Hi, Thanks for appreciation.

        HTTP ERROR 500 is a generic error. Please look for actual error in /var/log/httpd/error_log and /var/log/radius.log

        Delete
    6. Hi,
      When I try to login with credentials created using daloRADIUS I get following error:
      (5) sql: ERROR: rlm_sql_mysql: ERROR 1054 (Unknown column 'acctupdatetime' in 'field list'): 42S22
      Do You know how I can fix this?

      Thanks,

      ReplyDelete
      Replies
      1. Hi,
        Please ensure that you are using compatible versions of MySQL, FreeRadius and DaloRadius.

        Delete