我有过去在Ubuntu 12上安装和configurationfreeradius 3.0.0的厨师收据。 我修改了它,以便在Ubuntu 16.04上安装和configurationfreeradius 3.0.15。 Freeradius从选项安装源
--prefix="/" --exec-prefix="/usr" --with-logdir="/var/log/freeradius" --with-raddbdir="/etc/freeradius" --datarootdir="/usr/share" --with-experimental-modules --with-openssl --with-openssl-includes=/usr/include/openssl --with-openssl-libraries=/usr/bin python 2.7和pymongo被安装(脚本连接到mongodb)
服务始于没有错误。
systemctl status freeradius ● freeradius.service - LSB: Radius Daemon Loaded: loaded (/etc/init.d/freeradius; bad; vendor preset: enabled) Active: active (running) since Wed 2017-08-09 07:36:54 EDT; 2s ago Docs: man:systemd-sysv-generator(8) Process: 16481 ExecStop=/etc/init.d/freeradius stop (code=exited, status=0/SUCCESS) Process: 17524 ExecStart=/etc/init.d/freeradius start (code=exited, status=0/SUCCESS) Tasks: 9 Memory: 18.5M CPU: 155ms CGroup: /system.slice/freeradius.service └─17531 /usr/sbin/radiusd Aug 09 07:36:54 test3 systemd[1]: Starting LSB: Radius Daemon... Aug 09 07:36:54 test3 freeradius[17524]: * Starting FreeRADIUS daemon freeradius Aug 09 07:36:54 test3 freeradius[17524]: ...done. Aug 09 07:36:54 test3 systemd[1]: Started LSB: Radius Daemon.
Python模块似乎没问题。
# Instantiating module "python" from file /etc/freeradius/mods-enabled/python Python version: 2.7.12 (default, Nov 19 2016, 06:48:10) [GCC 5.4.0 20160609]
猫/ etc / freeradius / mods-enabled / python
python { module = org-freeradius python_path = "${modconfdir}/${.:name}:/usr/lib/python2.7:/usr/local/lib/python2.7/dist-packages" mod_instantiate = ${.module} func_instantiate = instantiate mod_detach = ${.module} func_detach = instantiate mod_authorize = ${.module} func_authorize = authorize mod_authenticate = ${.module} # func_authenticate = authenticate mod_preacct = ${.module} # func_preacct = preacct mod_accounting = ${.module} func_accounting = accounting mod_checksimul = ${.module} # func_checksimul = checksimul mod_pre_proxy = ${.module} # func_pre_proxy = pre_proxy mod_post_proxy = ${.module} # func_post_proxy = post_proxy mod_post_auth = ${.module} # func_post_auth = post_auth mod_recv_coa = ${.module} # func_recv_coa = recv_coa mod_send_coa = ${.module} # func_send_coa = send_coa }
但是当客户端(外部强大的服务器)发送授权请求时,我得到的是radius-X模式
(2) Received Access-Request Id 47 from 1.1.1.1:59626 to 2.2.2.2:1812 length 184 (2) User-Name = "58f9ad1729827239168b456c" (2) NAS-Port-Type = Virtual (2) Service-Type = Framed-User (2) NAS-Port = 1 (2) NAS-Port-Id = "ikev2-cert" (2) NAS-IP-Address = 1.1.1.1 (2) Called-Station-Id = "1.1.1.1[4500]" (2) Calling-Station-Id = "3.3.3.3[48691]" (2) EAP-Message = 0x0200001d01353866396164313732393832373233393136386234353663 (2) NAS-Identifier = "strongSwan" (2) Message-Authenticator = 0x9bcf5d6bba3958bf76de39130f400af8 (2) # Executing section authorize from file /etc/freeradius/sites-enabled/org (2) authorize { (2) [preprocess] = ok (2) [python] = fail (2) } # authorize = fail (2) Invalid user: [58f9ad1729827239168b456c] (from client qa1.orgcom.com port 1 cli 3.3.3.3[48691]) (2) Using Post-Auth-Type Reject
这是python脚本本身的问题吗? 生产半径使用2.7.3版本,新服务器有2.7.12