（一）环境简介

1.OS:Centos7.42.软件：Freeradiusd3.17（ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.17.tar.gz）3.网站：

（二）安装

1.yum安装所需的依赖包

[root@localhost raddb]#yum install  openssl openssl-devel libtalloc-devel libtalloc*  -y [root@localhost raddb]#yum install openldap-devel python-devel  -y

2.解压和编译安装。由于编译安装默认的路径是/usr/local/etc/raddb/下

[root@localhost opt]#wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.17.tar.gz[root@localhost opt]# tar xf freeradius-server-3.0.17.tar.gz[root@localhost opt]#cd freeradius-server-3.0.17[root@localhost freeradius-server-3.0.17]#./configure[root@localhost freeradius-server-3.0.17]#make && make install[root@localhost freeradius-server-3.0.17]# cd /usr/local/etc/raddb/[root@localhost raddb]# lscerts         experimental.conf  mods-available  panic.gdb   radiusd.conf     sites-enabled   usersclients.conf  hints              mods-config     policy.d    README.rst       templates.confdictionary    huntgroups         mods-enabled    proxy.conf  sites-available  trigger.conf

3.配置radiusd启动服务文件

[root@localhost ~]# groupadd radiusd[root@localhost ~]# useradd -g radiusd radiusd -s /sbin/nologin[root@localhost ~]# vim /usr/lib/systemd/system/radiusd.service [Unit]Description=FreeRADIUS high performance RADIUS server.After=syslog.target network.target ipa.service dirsrv.target krb5kdc.service[Service]Type=forkingPIDFile=/usr/local/var/run/radiusd/radiusd.pidExecStartPre=-/bin/chown -R radiusd.radiusd /usr/local/var/run/radiusdExecStartPre=/usr/local/sbin/radiusd -CExecStart=/usr/local/sbin/radiusd -d /usr/local/etc/raddbExecReload=/usr/local/sbin/radiusd -CExecReload=/bin/kill -HUP $MAINPID[Install]WantedBy=multi-user.target

4.创建启动服务

[root@localhost opt]# systemctl enable radiusd[root@localhost opt]# systemctl start radiusd[root@localhost opt]# systemctl status radiusd● radiusd.service - FreeRADIUS high performance RADIUS server.   Loaded: loaded (/usr/lib/systemd/system/radiusd.service; enabled; vendor preset: disabled)   Active: active (running) since Tue 2018-08-14 14:11:51 CST; 13min ago Main PID: 26259 (radiusd)   CGroup: /system.slice/radiusd.service           └─26259 /usr/local/sbin/radiusd -d /usr/local/etc/raddbAug 14 14:11:51 localhost.localdomain systemd[1]: Starting FreeRADIUS high performance RADIUS server....Aug 14 14:11:51 localhost.localdomain systemd[1]: Started FreeRADIUS high performance RADIUS server..[root@localhost opt]# systemctl restart radiusd[root@localhost opt]# systemctl status radiusd● radiusd.service - FreeRADIUS high performance RADIUS server.   Loaded: loaded (/usr/lib/systemd/system/radiusd.service; enabled; vendor preset: disabled)   Active: active (running) since Tue 2018-08-14 14:25:31 CST; 1s ago  Process: 29267 ExecStart=/usr/local/sbin/radiusd -d /usr/local/etc/raddb (code=exited, status=0/SUCCESS)  Process: 29263 ExecStartPre=/usr/local/sbin/radiusd -C (code=exited, status=0/SUCCESS)  Process: 29261 ExecStartPre=/bin/chown -R radiusd.radiusd /usr/local/var/run/radiusd (code=exited, status=0/SUCCESS) Main PID: 29270 (radiusd)   CGroup: /system.slice/radiusd.service           └─29270 /usr/local/sbin/radiusd -d /usr/local/etc/raddbAug 14 14:25:31 localhost.localdomain systemd[1]: Starting FreeRADIUS high performance RADIUS server....Aug 14 14:25:31 localhost.localdomain systemd[1]: Started FreeRADIUS high performance RADIUS server..

备注：如果系统是centos6.x以下的版本，具体配置如下

[root@FreeRadius2 raddb]# cp /usr/local/sbin/rc.radiusd /etc/init.d/radiused[root@FreeRadius2 raddb]# /etc/init.d/radiused start

当出现报错的时候“/usr/local/etc/raddb/mods-enabled/ldap[1]: Failed to link to module 'rlm_ldap': /usr/local/lib/rlm_ldap.so: cannot open shared object file: No such file or directory

”造成服务起不来是由于编译的时候出现warning时编译rlm_ldap失败造成的。需要libldap2-dev 库文件

=== configuring in src/modules/rlm_ldap (/opt/freeradius-server-3.0.17/src/modules/rlm_ldap)configure: running /bin/sh ./configure --disable-option-checking '--prefix=/usr/local'  --cache-file=../../../config.cache --srcdir=.configure: loading cache ../../../config.cachechecking for gcc... (cached) gcc checking for C compiler default output file name... a.out > checking whether the C compiler works... yes > checking whether we are cross compiling... no > checking for suffix of executables... > checking for suffix of object files... o > checking whether we are using the GNU C compiler... yes > checking whether gcc accepts -g... yes > checking for gcc option to accept ISO C89... none needed > checking for pthread_create in -lpthread... yes > checking for ldap_init in -lldap_r... no > checking for ldap.h... no > configure: WARNING: silently not building rlm_ldap. > configure: WARNING: FAILURE: rlm_ldap requires:  libldap_r ldap.h. > configure: creating ./config.status > config.status: creating Makefile

解决办法是

[root@localhost mods-available]# yum install openldap-devel python-devel -y

既可以解决。