我正在尝试使用 freeradius 并运行以下命令来安装它。但是在安装过程中,它在服务启动时出错。我在三台不同的 Ubuntu 机器上尝试了这个。
# apt install freeradius
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
freeradius-common freeradius-config freeradius-utils freetds-common libct4 libdbi-perl libfreeradius3 make
Suggested packages:
freeradius-ldap freeradius-postgresql freeradius-mysql freeradius-krb5 snmp libclone-perl libmldbm-perl libnet-daemon-perl libsql-statement-perl make-doc
The following NEW packages will be installed:
freeradius freeradius-common freeradius-config freeradius-utils freetds-common libct4 libdbi-perl libfreeradius3 make
0 upgraded, 9 newly installed, 0 to remove and 71 not upgraded.
Need to get 2,184 kB of archives.
After this operation, 7,925 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 freetds-common all 1.00.82-2ubuntu0.1 [24.7 kB]
Get:2 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 libct4 amd64 1.00.82-2ubuntu0.1 [147 kB]
Get:3 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 freeradius-common all 3.0.16+dfsg-1ubuntu3.1 [214 kB]
Get:4 http://archive.ubuntu.com/ubuntu bionic/main amd64 make amd64 4.1-9.1ubuntu1 [154 kB]
Get:5 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 freeradius-config amd64 3.0.16+dfsg-1ubuntu3.1 [150 kB]
Get:6 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 libfreeradius3 amd64 3.0.16+dfsg-1ubuntu3.1 [180 kB]
Get:7 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 freeradius amd64 3.0.16+dfsg-1ubuntu3.1 [502 kB]
Get:8 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 freeradius-utils amd64 3.0.16+dfsg-1ubuntu3.1 [88.3 kB]
Get:9 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 libdbi-perl amd64 1.640-1ubuntu0.2 [724 kB]
Fetched 2,184 kB in 0s (22.8 MB/s)
Selecting previously unselected package freetds-common.
(Reading database ... 160107 files and directories currently installed.)
Preparing to unpack .../0-freetds-common_1.00.82-2ubuntu0.1_all.deb ...
Unpacking freetds-common (1.00.82-2ubuntu0.1) ...
Selecting previously unselected package libct4:amd64.
Preparing to unpack .../1-libct4_1.00.82-2ubuntu0.1_amd64.deb ...
Unpacking libct4:amd64 (1.00.82-2ubuntu0.1) ...
Selecting previously unselected package freeradius-common.
Preparing to unpack .../2-freeradius-common_3.0.16+dfsg-1ubuntu3.1_all.deb ...
Unpacking freeradius-common (3.0.16+dfsg-1ubuntu3.1) ...
Selecting previously unselected package make.
Preparing to unpack .../3-make_4.1-9.1ubuntu1_amd64.deb ...
Unpacking make (4.1-9.1ubuntu1) ...
Selecting previously unselected package freeradius-config.
Preparing to unpack .../4-freeradius-config_3.0.16+dfsg-1ubuntu3.1_amd64.deb ...
Unpacking freeradius-config (3.0.16+dfsg-1ubuntu3.1) ...
Selecting previously unselected package libfreeradius3.
Preparing to unpack .../5-libfreeradius3_3.0.16+dfsg-1ubuntu3.1_amd64.deb ...
Unpacking libfreeradius3 (3.0.16+dfsg-1ubuntu3.1) ...
Selecting previously unselected package freeradius.
Preparing to unpack .../6-freeradius_3.0.16+dfsg-1ubuntu3.1_amd64.deb ...
Unpacking freeradius (3.0.16+dfsg-1ubuntu3.1) ...
Selecting previously unselected package freeradius-utils.
Preparing to unpack .../7-freeradius-utils_3.0.16+dfsg-1ubuntu3.1_amd64.deb ...
Unpacking freeradius-utils (3.0.16+dfsg-1ubuntu3.1) ...
Selecting previously unselected package libdbi-perl.
Preparing to unpack .../8-libdbi-perl_1.640-1ubuntu0.2_amd64.deb ...
Unpacking libdbi-perl (1.640-1ubuntu0.2) ...
Setting up make (4.1-9.1ubuntu1) ...
Setting up freeradius-common (3.0.16+dfsg-1ubuntu3.1) ...
Adding user freerad to group shadow
Setting up freetds-common (1.00.82-2ubuntu0.1) ...
Setting up libfreeradius3 (3.0.16+dfsg-1ubuntu3.1) ...
Setting up freeradius-config (3.0.16+dfsg-1ubuntu3.1) ...
Adding user freerad to group ssl-cert
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
..................+................+....................................................................................................................................................................................++*++*++*++*++*
Setting up libdbi-perl (1.640-1ubuntu0.2) ...
Setting up libct4:amd64 (1.00.82-2ubuntu0.1) ...
Setting up freeradius-utils (3.0.16+dfsg-1ubuntu3.1) ...
Setting up freeradius (3.0.16+dfsg-1ubuntu3.1) ...
update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults
Job for freeradius.service failed because the control process exited with error code.
See "systemctl status freeradius.service" and "journalctl -xe" for details.
invoke-rc.d: initscript freeradius, action "start" failed.
● freeradius.service - FreeRADIUS multi-protocol policy server
Loaded: loaded (/lib/systemd/system/freeradius.service; disabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Wed 2021-03-10 12:20:55 UTC; 15ms ago
Docs: man:radiusd(8)
man:radiusd.conf(5)
http://wiki.freeradius.org/
http://networkradius.com/doc/
Process: 32612 ExecStart=/usr/sbin/freeradius $FREERADIUS_OPTIONS (code=exited, status=1/FAILURE)
Process: 32594 ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS -Cxm -lstdout (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 1108)
CGroup: /system.slice/freeradius.service
Mar 10 12:21:00 nx4500-242-19-client freeradius[32624]: rlm_mschap (mschap): using internal authentication
Mar 10 12:21:00 nx4500-242-19-client freeradius[32624]: rlm_detail (auth_log): 'User-Password' suppressed, will not appear in detail output
Mar 10 12:21:00 nx4500-242-19-client freeradius[32624]: Ignoring "sql" (see raddb/mods-available/README.rst)
Mar 10 12:21:00 nx4500-242-19-client freeradius[32624]: Ignoring "ldap" (see raddb/mods-available/README.rst)
Mar 10 12:21:00 nx4500-242-19-client freeradius[32624]: # Skipping contents of 'if' as it is always 'false' -- /etc/freeradius/3.0/sites-enabled/inner-tunnel:331
Mar 10 12:21:00 nx4500-242-19-client freeradius[32624]: radiusd: #### Skipping IP addresses and Ports ####
Mar 10 12:21:00 nx4500-242-19-client freeradius[32624]: Configuration appears to be OK
Mar 10 12:21:00 nx4500-242-19-client systemd[1]: freeradius.service: Control process exited, code=exited status=1
Mar 10 12:21:00 nx4500-242-19-client systemd[1]: freeradius.service: Failed with result 'exit-code'.
Mar 10 12:21:00 nx4500-242-19-client systemd[1]: Failed to start FreeRADIUS multi-protocol policy server.
Mar 10 12:21:05 nx4500-242-19-client systemd[1]: freeradius.service: Service hold-off time over, scheduling restart.
Mar 10 12:21:05 nx4500-242-19-client systemd[1]: freeradius.service: Scheduled restart job, restart counter is at 2.
Mar 10 12:21:05 nx4500-242-19-client systemd[1]: Stopped FreeRADIUS multi-protocol policy server.
Mar 10 12:21:05 nx4500-242-19-client systemd[1]: Starting FreeRADIUS multi-protocol policy server...
Mar 10 12:21:05 nx4500-242-19-client freeradius[32645]: FreeRADIUS Version 3.0.16
Mar 10 12:21:05 nx4500-242-19-client freeradius[32645]: Copyright (C) 1999-2017 The FreeRADIUS server project and contributors
Mar 10 12:21:05 nx4500-242-19-client freeradius[32645]: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Mar 10 12:21:05 nx4500-242-19-client freeradius[32645]: PARTICULAR PURPOSE
Mar 10 12:21:05 nx4500-242-19-client freeradius[32645]: You may redistribute copies of FreeRADIUS under the terms of the
Mar 10 12:21:05 nx4500-242-19-client freeradius[32645]: GNU General Public License
Mar 10 12:21:05 nx4500-242-19-client freeradius[32645]: For more information about these matters, see the file named COPYRIGHT
Mar 10 12:21:05 nx4500-242-19-client freeradius[32645]: Starting - reading configuration files ...
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: Debugger not attached
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: Creating attribute Unix-Group
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: tls: Using cached TLS configuration from previous invocation
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: tls: Using cached TLS configuration from previous invocation
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: [/etc/freeradius/3.0/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT".
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: [/etc/freeradius/3.0/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT".
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: rlm_cache (cache_eap): Driver rlm_cache_rbtree (module rlm_cache_rbtree) loaded and linked
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: rlm_mschap (mschap): using internal authentication
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: rlm_detail (auth_log): 'User-Password' suppressed, will not appear in detail output
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: Ignoring "sql" (see raddb/mods-available/README.rst)
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: Ignoring "ldap" (see raddb/mods-available/README.rst)
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: # Skipping contents of 'if' as it is always 'false' -- /etc/freeradius/3.0/sites-enabled/inner-tunnel:331
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: radiusd: #### Skipping IP addresses and Ports ####
Mar 10 12:21:06 nx4500-242-19-client freeradius[32645]: Configuration appears to be OK
Mar 10 12:21:06 nx4500-242-19-client systemd[1]: freeradius.service: Control process exited, code=exited status=1
Mar 10 12:21:06 nx4500-242-19-client systemd[1]: freeradius.service: Failed with result 'exit-code'.
Mar 10 12:21:06 nx4500-242-19-client systemd[1]: Failed to start FreeRADIUS multi-protocol policy server.
Processing triggers for systemd (237-3ubuntu10.41) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for ureadahead (0.100.0-21) ...
Processing triggers for libc-bin (2.27-3ubuntu1.2) ...
我尝试手动重新启动它,下面是 journalctl -xe(与上面相同)。
Mar 10 12:29:25 nx4500-242-19-client systemd[1]: Failed to start FreeRADIUS multi-protocol policy server.
-- Subject: Unit freeradius.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit freeradius.service has failed.
--
-- The result is RESULT.
Mar 10 12:29:30 nx4500-242-19-client systemd[1]: freeradius.service: Service hold-off time over, scheduling restart.
Mar 10 12:29:30 nx4500-242-19-client systemd[1]: freeradius.service: Scheduled restart job, restart counter is at 1.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Automatic restarting of the unit freeradius.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Mar 10 12:29:30 nx4500-242-19-client systemd[1]: Stopped FreeRADIUS multi-protocol policy server.
-- Subject: Unit freeradius.service has finished shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit freeradius.service has finished shutting down.
Mar 10 12:29:30 nx4500-242-19-client systemd[1]: Starting FreeRADIUS multi-protocol policy server...
-- Subject: Unit freeradius.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit freeradius.service has begun starting up.
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: FreeRADIUS Version 3.0.16
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: Copyright (C) 1999-2017 The FreeRADIUS server project and contributors
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: PARTICULAR PURPOSE
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: You may redistribute copies of FreeRADIUS under the terms of the
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: GNU General Public License
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: For more information about these matters, see the file named COPYRIGHT
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: Starting - reading configuration files ...
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: Debugger not attached
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: Creating attribute Unix-Group
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: tls: Using cached TLS configuration from previous invocation
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: tls: Using cached TLS configuration from previous invocation
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: [/etc/freeradius/3.0/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT".
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: [/etc/freeradius/3.0/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT".
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: rlm_cache (cache_eap): Driver rlm_cache_rbtree (module rlm_cache_rbtree) loaded and linked
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: rlm_mschap (mschap): using internal authentication
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: rlm_detail (auth_log): 'User-Password' suppressed, will not appear in detail output
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: Ignoring "sql" (see raddb/mods-available/README.rst)
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: Ignoring "ldap" (see raddb/mods-available/README.rst)
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: # Skipping contents of 'if' as it is always 'false' -- /etc/freeradius/3.0/sites-enabled/inner-tunnel:331
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: radiusd: #### Skipping IP addresses and Ports ####
Mar 10 12:29:30 nx4500-242-19-client freeradius[2256]: Configuration appears to be OK
Mar 10 12:29:31 nx4500-242-19-client systemd[1]: freeradius.service: Control process exited, code=exited status=1
Mar 10 12:29:31 nx4500-242-19-client systemd[1]: freeradius.service: Failed with result 'exit-code'.
Mar 10 12:29:31 nx4500-242-19-client systemd[1]: Failed to start FreeRADIUS multi-protocol policy server.
-- Subject: Unit freeradius.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit freeradius.service has failed.
--
-- The result is RESULT.
我是 root。
# whoami
root
Ubuntu 详细信息 -
# cat /etc/*release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.4 LTS"
NAME="Ubuntu"
VERSION="18.04.4 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.4 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
我从头开始在三台不同的 Ubuntu 机器上做了这个,没有配置。完毕。另外,它说“配置似乎没问题”。
请提出建议。
答案 0 :(得分:1)
我正在寻找一条线,它可以给我任何失败的线索。寻求我认为以不同的方式捕获日志,而不仅仅是依赖于 journalctl 或 systemctl。 所以我使用 freeradius 开关 -l 创建了日志文件。并尝试启动服务,我得到了答案。
# freeradius -l free.log
# service freeradius start
Job for freeradius.service failed because the control process exited with error code.
See "systemctl status freeradius.service" and "journalctl -xe" for details.
# cat free.log
Wed Mar 10 17:48:58 2021 : Info: Starting - reading configuration files ...
Wed Mar 10 17:48:58 2021 : Info: Debugger not attached
Wed Mar 10 17:48:58 2021 : Warning: [/etc/freeradius/3.0/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT".
Wed Mar 10 17:48:58 2021 : Warning: [/etc/freeradius/3.0/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT".
Wed Mar 10 17:48:58 2021 : Info: Loaded virtual server <default>
Wed Mar 10 17:48:58 2021 : Warning: Ignoring "sql" (see raddb/mods-available/README.rst)
Wed Mar 10 17:48:58 2021 : Warning: Ignoring "ldap" (see raddb/mods-available/README.rst)
Wed Mar 10 17:48:58 2021 : Info: Loaded virtual server default
Wed Mar 10 17:48:58 2021 : Info: # Skipping contents of 'if' as it is always 'false' -- /etc/freeradius/3.0/sites-enabled/inner-tunnel:331
Wed Mar 10 17:48:58 2021 : Info: Loaded virtual server inner-tunnel
Wed Mar 10 17:48:58 2021 : Error: Failed opening auth address :: port 1812 bound to server default: Address family not supported by protocol
Wed Mar 10 17:48:58 2021 : Error: /etc/freeradius/3.0/sites-enabled/default[234]: Error binding to port for :: port 1812
# cat -n /etc/freeradius/3.0/sites-enabled/default
233 # IPv6 versions of the above - read their full config to understand options
234 listen {
235 type = auth
236 ipv6addr = :: # any. ::1 == localhost
237 port = 0
238 # interface = eth0
239 # clients = per_socket_clients
240 limit {
241 max_connections = 16
242 lifetime = 0
243 idle_timeout = 30
244 }
245 }
246
247 listen {
248 ipv6addr = ::
249 port = 0
250 type = acct
251 # interface = eth0
252 # clients = per_socket_clients
253
254 limit {
255 # max_pps = 0
256 # idle_timeout = 0
257 # lifetime = 0
258 # max_connections = 0
259 }
260 }
罪魁祸首是ipv6。我启用了它,现在很好。
# service freeradius start
#