#---------------------------------------------------------------------------------------------------------
#安裝freeradius-mysql
yum -y install freeradius-mysql
#---------------------------------------------------------------------------------------------------------
#建立radiusdb資料庫跟帳號
mysql -u root -p
mysql> CREATE DATABASE radiusdb;
mysql> GRANT ALL ON radiusdb.* TO radius@localhost IDENTIFIED BY "radpasswd";
mysql> flush privileges;
#匯入資料庫表格
mysql -u root -p radiusdb < /etc/raddb/mods-config/sql/main/mysql/schema.sql
#---------------------------------------------------------------------------------------------------------
#建立軟連結來啟用sql模組,並且修改擁有群組
ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/
chgrp -h radiusd /etc/raddb/mods-enabled/sql
#---------------------------------------------------------------------------------------------------------
#編輯sql連線設定
vim /etc/raddb/mods-available/sql
driver = "rlm_sql_mysql"
dialect = "mysql"
server = "localhost"
port = 3306
login = "radius"
password = "radpasswd"
radius_db = "radiusdb"
#---------------------------------------------------------------------------------------------------------
#新增測試user資料到mysql的radcheck表格
use radiusdb;
INSERT INTO radcheck (id, username, attribute, op, value) VALUES (1,'testuser','Cleartext-Password',':=','testpassword');
INSERT INTO radcheck (id, username, attribute, op, value) VALUES (2,'jean','Cleartext-Password',':=','jeanww');
#進行測試
radtest testuser testpassword 127.0.0.1 0 testing123
radtest jean jeanww 127.0.0.1 0 testing123
#---------------------------------------------------------------------------------------------------------
#調整FreeRadius啟動順序
FreeRadius必須在資料庫啟動之後啟動,在[Unit]部分,增加After=mariadb.service,如下圖所示:
# vim /etc/systemd/system/multi-user.target.wants/radiusd.service
After=mysqld.service
[Unit]
Description=FreeRADIUS high performance RADIUS server.
After=syslog.target network.target ipa.service dirsrv.target krb5kdc.service mysqld.service