CentOS7源码编译安装FreeRadius3.17

泰山神

　　（一）环境简介
1.OS:Centos7.4
2.软件：Freeradiusd3.17（ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.17.tar.gz）
3.网站：https://freeradius.org/
　　（二）安装
1.yum安装所需的依赖包

[root@localhost raddb]#yum install  openssl openssl-devel libtalloc-devel libtalloc*  -y
[root@localhost raddb]#yum install openldap-devel python-devel  -y
　　2.解压和编译安装。由于编译安装默认的路径是/usr/local/etc/raddb/下

[root@localhost opt]#wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.17.tar.gz
[root@localhost opt]# tar xf freeradius-server-3.0.17.tar.gz
[root@localhost opt]#cd freeradius-server-3.0.17
[root@localhost freeradius-server-3.0.17]#./configure
[root@localhost freeradius-server-3.0.17]#make && make install
[root@localhost freeradius-server-3.0.17]# cd /usr/local/etc/raddb/
[root@localhost raddb]# ls
certs         experimental.conf  mods-available  panic.gdb   radiusd.conf     sites-enabled   users
clients.conf  hints              mods-config     policy.d    README.rst       templates.conf
dictionary    huntgroups         mods-enabled    proxy.conf  sites-available  trigger.conf
　　3.配置radiusd启动服务文件

[root@localhost ~]# groupadd radiusd
[root@localhost ~]# useradd -g radiusd radiusd -s /sbin/nologin
[root@localhost ~]# vim /usr/lib/systemd/system/radiusd.service
[Unit]
Description=FreeRADIUS high performance RADIUS server.
After=syslog.target network.target ipa.service dirsrv.target krb5kdc.service
[Service]
Type=forking
PIDFile=/usr/local/var/run/radiusd/radiusd.pid
ExecStartPre=-/bin/chown -R radiusd.radiusd /usr/local/var/run/radiusd
ExecStartPre=/usr/local/sbin/radiusd -C
ExecStart=/usr/local/sbin/radiusd -d /usr/local/etc/raddb
ExecReload=/usr/local/sbin/radiusd -C
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
　　4.创建启动服务

[root@localhost opt]# systemctl enable radiusd
[root@localhost opt]# systemctl start radiusd
[root@localhost opt]# systemctl status radiusd
● radiusd.service - FreeRADIUS high performance RADIUS server.
Loaded: loaded (/usr/lib/systemd/system/radiusd.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2018-08-14 14:11:51 CST; 13min ago
Main PID: 26259 (radiusd)
CGroup: /system.slice/radiusd.service
└─26259 /usr/local/sbin/radiusd -d /usr/local/etc/raddb
Aug 14 14:11:51 localhost.localdomain systemd[1]: Starting FreeRADIUS high performance RADIUS server....
Aug 14 14:11:51 localhost.localdomain systemd[1]: Started FreeRADIUS high performance RADIUS server..
[root@localhost opt]# systemctl restart radiusd
[root@localhost opt]# systemctl status radiusd
● radiusd.service - FreeRADIUS high performance RADIUS server.
Loaded: loaded (/usr/lib/systemd/system/radiusd.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2018-08-14 14:25:31 CST; 1s ago
Process: 29267 ExecStart=/usr/local/sbin/radiusd -d /usr/local/etc/raddb (code=exited, status=0/SUCCESS)
Process: 29263 ExecStartPre=/usr/local/sbin/radiusd -C (code=exited, status=0/SUCCESS)
Process: 29261 ExecStartPre=/bin/chown -R radiusd.radiusd /usr/local/var/run/radiusd (code=exited, status=0/SUCCESS)
Main PID: 29270 (radiusd)
CGroup: /system.slice/radiusd.service
└─29270 /usr/local/sbin/radiusd -d /usr/local/etc/raddb
Aug 14 14:25:31 localhost.localdomain systemd[1]: Starting FreeRADIUS high performance RADIUS server....
Aug 14 14:25:31 localhost.localdomain systemd[1]: Started FreeRADIUS high performance RADIUS server..
　　备注：如果系统是centos6.x以下的版本，具体配置如下

[root@FreeRadius2 raddb]# cp /usr/local/sbin/rc.radiusd /etc/init.d/radiused
[root@FreeRadius2 raddb]# /etc/init.d/radiused start
　　当出现报错的时候“/usr/local/etc/raddb/mods-enabled/ldap[1]: Failed to link to module 'rlm_ldap': /usr/local/lib/rlm_ldap.so: cannot open shared object file: No such file or directory
”
造成服务起不来是由于编译的时候出现warning时编译rlm_ldap失败造成的。需要libldap2-dev 库文件

=== configuring in src/modules/rlm_ldap (/opt/freeradius-server-3.0.17/src/modules/rlm_ldap)
configure: running /bin/sh ./configure --disable-option-checking '--prefix=/usr/local'  --cache-file=../../../config.cache --srcdir=.
configure: loading cache ../../../config.cache
checking for gcc... (cached) gcc
checking for C compiler default output file name... a.out
> checking whether the C compiler works... yes
> checking whether we are cross compiling... no
> checking for suffix of executables...
> checking for suffix of object files... o
> checking whether we are using the GNU C compiler... yes
> checking whether gcc accepts -g... yes
> checking for gcc option to accept ISO C89... none needed
> checking for pthread_create in -lpthread... yes
> checking for ldap_init in -lldap_r... no
> checking for ldap.h... no
> configure: WARNING: silently not building rlm_ldap.
> configure: WARNING: FAILURE: rlm_ldap requires:  libldap_r ldap.h.
> configure: creating ./config.status
> config.status: creating Makefile
　　解决办法是
[root@localhost mods-available]# yum install openldap-devel python-devel  -y
既可以解决。