General :: Configure Radius To Run Script Under Different User
Oct 12, 2010
My startup script for Radius now works so it starts at boot time, the script is in /etc/init.d and looks like this
#!/bin/sh
/usr/local/sbin/radiusd -d /usr/local/var/log/radius/radacct/ -d /usr/local/etc/raddb/
After rebooting radius starts up automatically which is what I want.
However for security I dont want this to run under root, but I want to it run under a user and group called support
I have edited the radius.conf file and added
# for some finer-grained access controls.
#
user = support
group = support
[Code]....
View 5 Replies
ADVERTISEMENT
Sep 25, 2009
i want to authenticate user (client) via switch to the radius server(CentOS)Can anyone tell me the authentication/authorization configuration that should be made in the switch (huawei) and the radius server(centos).Esp. the main files under /etc/raddb/ in the Server& the configuration to be made under the radius server template "test"( as of my case)...
View 1 Replies
View Related
Sep 30, 2010
I have installed FreeRadius to a Debian Linux server.
I have configured an account called Support to run the Radius as I didnt want Root to be the user to run this.
I want Radius to start up automatically after the system is rebooted but I don�t know how to do this. I am new to Linux so please bare with me. If the system is rebooted, is it possible for the Support account to be logged in automatically? Is there a script I can create to automatically login the Support account? This may not be secure but it has been requested. Also the main question is after a reboot can the Radius be configured to automatically start without the need for someone to login? So if the system is rebooted and then goes back to login prompt, can the Radius then be running?
I have had a good search about scripts but with my limited knowledge it isnt too easy.
So far Ive read it says to create a script in /etc/init.d which Ive done and named start-my-radius.sh I think Ive made It execuatable by chmod 777, if thats right?
The script looks like this:
But I dont know if thats even right? The radiusd is located in the /usr/local/sbin/ and the radacct and radius.log is located in / usr/local/var/log/radius
Some stuff I have read says it needs to link into /etc/rc.d but there isnt a rc.d directory, I have other rc directories which are rc1.d rc6.d.
After reading it also said something about using rc.radiusd which will automatically start Radius after a reboot, but again I cannot understand exactly what I need to do.
Let me know if I am on the right track? Will the start-my-radius.sh script work after the system is rebooted without someone actually login and how do I get it to work?
View 1 Replies
View Related
May 12, 2011
How do you configure a Windows (preferably latest version) machine for a Linux power user, so that s/he can get most out of it?if all you have to add is a one-liner, your answer will be converted to a comment.
View 7 Replies
View Related
Oct 3, 2010
i want to use squid with free radius and mysql. i am able to authenticate user if i am changing client browser. but i want to do authetication authorization and accounting without doing any change in client browser( transparent mode).
View 5 Replies
View Related
Jun 18, 2010
I configured FTP server on Fedora 7.0 . I create different users with different password. I also create seprate directory for each FTP user. All are working . When I use filezilla for connecting that FTP site I can access all the directory on that server.
Now I want to configure that no any FTP user can access other FTP users directory or any other directory in server machine . What I do for this .
View 1 Replies
View Related
Sep 24, 2010
I am running Ubuntu 10.04 with current updates. I installed MS Office 2007 suite using WINE - the other users are not comfortable with OpenOffice. There are no issues with the installation, but it is in my user home path so it doesn't appear in the WINE config when I log in as another user. Should I start over with a generic user account and re-install Office/ WINE under that user?
View 2 Replies
View Related
Oct 11, 2010
I have created a Radius startup script in /etc/init.d for Debian which looks like this:
Now this works but when I boot my server it shows as ready to process requests and it doesnt login. I cant get a login prompt. If I do a CTRL C to try close this it doesnt work and just shows CTRL C on the screen, I can type in kill radius but nothing happens.
I guess its because my script is in debugging mode, most of the suggestions for a script said I should use:
However the radiusd a doesnt work and if I try to run using command radiusd in it comes up and says invalid command and I dont have the option to use
So if this script runs on my server, I could connect to the server through a putty session via port 22 and log on fine and do what I need too, but if I try to connect to the server directly after boot its just sitting on ready to process requests and I cannot do anything when directly at the server. On one particular server I didnt have the network confg right so I couldnt putty to it and now Im a bit stuck. Will I need to rebuild my server? As I canït break out of this ready to process requests and I cannot login as its just sitting there, I have tried connecting through serial management via my laptop but I cant do anything this way either the only way I could do anything was if I could get through to the server on putty.
There must be a way when directly at the server to cancel the radius and get logged in? As Ive mentioned CTRL C doesnt work. I can get to the ok prompt but not sure what command to use and if I could change the network config at the ok prompt or if I could somehow cancel the startup script at the ok prompt? I thought I could use the init commands to start the server without the script starting but the init commands don�t work and the server just sits there.
Also I guess I shouldnt be using radius X in my startup script, to prevent this problem is there something else I should be using? I tried using radius x (the small x) and I hit enter and then no process for radius starts .
View 1 Replies
View Related
Dec 27, 2010
I need to set up a Radius server for use in an ISP which will be wireless internet only.
I had thought to use Centos maybe and install and somehow configure Freeradius.
I have little experience with Linux, but am a Windows Admin, and use Linux a little.
My questions would be: Is there a best distro that i should use?? I have used Ubuntu the most, but not sure if it is best to use for this project.
Freeradius website has documentation but it doesnt tell me much about how to get it all up and running, What we want is Authentication and Accounting and from what i can see Freeradius is a good option? Is there anything better that i can use? We will be eventually having approximately 5000 clients.
View 3 Replies
View Related
Jul 19, 2010
Now i am setting up wifi hot spot with this guide. During this set up i got this error, after i type command #sudo radtest "John Doe" hello 127.0.0.1 0 radiussecret "radclient: no response from server for ID 47 socket 3"
View 5 Replies
View Related
Jul 19, 2010
Now i am setting up wifi hot spot with this guide. During this set up i got this error,after i type command #sudo radtest "John Doe" hello 127.0.0.1 0 radiussecret"radclient: no response from server for ID 47 socket 3"
View 1 Replies
View Related
Jul 1, 2011
This sounds like an old topic. I have an active user account in my system that I don't want it to be listed in GDM greeter. In the past (prior to Gnome 3), it can be achieved by configuring the "Exclude" option of the "greeter" section in the Custom.conf or by creating the user account with UID smaller than MinimalUID. But it seems the same old trick does not work for me in Gnome 3. I have tried the "Exclude" option with no effect at all. Using the UID approach only solves my problem partially, as it only exclude it in the GDM greeter during "switch user" but it still being shown in the list in the initial greeter after a cold boot.
Anyone know how to do this in Gnome 3?
View 4 Replies
View Related
Aug 7, 2011
I'd like to try to sell my old laptop. Although it's unlikely that somebody would like to buy and even more unlikely that this person would like to have Xubuntu on it I still want to do a clean install. The only question is how should I configure the user name. I mean if a buyer would like to keep Xubuntu but change the name how it is done? What do you have when you for example buying a Dell laptop with Ubuntu pre-installed?
View 3 Replies
View Related
Jun 10, 2009
i installed freeradius 2.1.3 on fedora 10 and want to use it with ieee802.1x using peap.when i run command to start radius service in debug mode the following output come
[root@Fedora ~]# radiusd -X FreeRADIUS Version 2.1.3, for host i386-redhat-linux-gnu, built on Dec 8 2008 at 15:31:31 Copyright (C) 1999-2008 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
[Code]...
View 1 Replies
View Related
Jul 16, 2010
i have a project from my boss to make radius server on fedora 13 i 686. can u tell the step by step how to build radius server on fedora 13???? thx u for sharing
View 3 Replies
View Related
May 20, 2011
I just wanted to share something with you all. If this belongs somewhere else let me know.I got the idea from this thread.I wanted the show mouse effect to not rotate around my mouse (just a preference)and have the emitters directly under my cursor. So by editing two files it gave me the desired effect to an extent.
1. Just in case back up your compiz settings.
2. Open a terminal and type - sudo nautilus . It'll ask for your admin password.
3. The file manager should now be open, go to /usr/share/compiz/showmouse.xml copy the file and rename the copy to showmouse.xml.bak.
4. Open showmouse.xml with the text editor.
5. Scroll down to the bottom and look for the "radius" section. Go to the <min>10</min> entry and change it to 2. Save.
6. Go to /usr/lib/compiz/libshowmouse.so copy the file and rename the copy to libshowmouse.so.bak.
7. Open the file with Ghex and search for the string radius on the right side of the search box.
8. It'll look like a jumble of words, but look after the word radius and find <min>10</min> change to 2. Save.
9.Compiz should now disable itself.
10. Reboot and re-enable Compiz and try out the show mouse plugin, it should now allow you to use a smaller radius.
View 1 Replies
View Related
Sep 12, 2010
creating a radius server. i need info regarding books or webpages.
View 4 Replies
View Related
Jan 26, 2011
I have intalled RADIUS server on one machine which has fedora 10. I have installed freeradius-server-2.1.10 on it(server machine IP 10.150.110.42).
I have one more machine with redhat linux on which i have installed pam_radius-1.3.17(client machine IP 10.150.113.4).
I have done the follwoing configuration at both sides
SERVER SIDE.
users file
"vijay" Auth-Type := Local, Cleartext-Password == "123qwe", NAS-IP-Address == "10.150.113.4"
Reply-Message = "Hello, %u"
[Code]....
Above mentioned is my configuration. when i try to connect client with SSH it is not sending a request for authenticating user to RADIUS server. what else configuration i have to do, or if there are any mistakes in my configuration
View 2 Replies
View Related
Sep 30, 2010
I have installed FreeRadius to a Debian Linux server.I have configured an account called Support to run the Radius as I didn't want Root to be the user to run this.I want Radius to start up automatically after the system is rebooted but I don't know how to do this. I am new to Linux so please bare with me. If the system is rebooted, is it possible for the Support account to be logged in automatically? Is there a script I can create to automatically login the Support account? This may not be secure but it has been requested. Also the main question is after a reboot can the Radius be configured to automatically start without the need for someone to login? So if the system is rebooted and then goes back to login prompt, can the Radius then be running?
I have had a good search about scripts but with my limited knowledge it isn't too easy.
After reading it also said something about using rc.radiusd which will automatically start Radius after a reboot, but again I cannot understand exactly what I need to do.Please can someone help out with this and let me know if I am on the right track? Will the start-my-radius.sh script work after the system is rebooted without someone actually login and how do I get it to work?Please explain clearly as this is all a bit technical for my liking and not understanding it well!
View 2 Replies
View Related
May 9, 2010
Are there any tools (gui?) that make the xkb configuration easier? I know xev, but that sadly only displays the keycode and the character, but not the shortcuts like <LSGT> that xkb is using internally. I am stuck with the old problem of improperly mapped keys on my German Apple Aluminium Keyboard. My old workarounds that worked with Hardy and Karmic (modified "de" files in /usr/share/X11/xkb/symbols) do not work anymore in Lucid.
View 1 Replies
View Related
Apr 27, 2011
I am novice user of linux. I need to know how to configure firewall so my system cant be compromised...In windows my system was greatly compromised. keyloggers were installed without my approval and my desktop was taken on remote. What should I do so without my knowledge no software can be installed and i can close all ports and only open which ever port is required to open. What should i do so my desktop cant be taken on remote?How do I configure user rights ? So except me no one can install any software. I will have another general user id for internet surfing
View 3 Replies
View Related
Jul 6, 2011
Can some one help me to configure vsftpd with Virtual and System user
View 37 Replies
View Related
Mar 22, 2016
How to configure Web authentication against RADIUS server on Debian Jessie, because the package libapache2-mod-auth-radius is not available on debian mirrors.
I would like to know what happened to this package and what is the newest way to configure radius auth. Some people have told me to compile this package, but is there not an easier way to do that?
View 1 Replies
View Related
Apr 5, 2010
I was asked to setup 802.1x Port Based Authentication for users connecting to a Managed Cisco Switch. From what I was told, it should work like this:
- User plugs workstation into switch.
- Workstation asks user for radius credentials.
- Workstation is then able to authenticate to the Radius server.
- After workstation is authenticated, the switchport then becomes unrestricted and allows the workstation to communicate on the network.
View 1 Replies
View Related
Jun 25, 2010
this is all I need simple VPN with authentication to external Radius server. Here is what I have done to try and get this goal accomplished. 1st try using PPTPD and Radius plugin No matter what I have tried (long explanation here [URL].. I can't get PPTPD to talk to my Radius server, even though I can authenticate using the same server and radius server using pam radius. PPTPD just won't, and so far the POTOP mail list has been quiet since my post to them and no replies/ideas in my other post, see forum link above.
2nd try using OpenVPN and their pam auth plugin. I give up on this one! I have the server working great BUT! As soon as I enable the plugin /usr/lib/openvpn/openvpn-auth-pam.so in the config I get this when trying to start the VPN server. kernel: [3725586.167177] openvpn[28364]: segfault at 0 ip 00007fd6e5e38fb4 sp 00007fff434f18f0 error 4 in openvpn-auth-pam.so[7fd6e5e38000+3000] Google turns up nothing on Segfaults on the openvpn-auth-pam.so Ug at my wits end, anybody have any other suggestions? I'm at a total loss ATM.
View 1 Replies
View Related
Apr 27, 2011
I am novice user of linux. I need to know how to configure firewall so my system cant be compromised...In windows my system was greatly compromised. keyloggers were installed without my approval and my desktop was taken on remote.What should I do so without my knowledge no software can be installed and i can close all ports and only open which ever port is required to open. What should i do so my desktop cant be taken on remote?How do I configure user rights? So only root and one admin can install softwares and no one else.
View 5 Replies
View Related
Sep 16, 2010
I am using Mandriva 8 as my local server, i want to configure sftp sever by which particular user can access particular directory of our local server by using ftp client, can anyone tell me how can i do it?
View 1 Replies
View Related
Jun 21, 2011
how to configure redhat squid in graphical user interface and uses of squid
View 2 Replies
View Related
Jun 10, 2009
i installed freeradius 2.1.3 on fedora 10 and want to use it with ieee802.1x using peap. when i run command to start radius service in debug mode the following output come
[Code]....
View 4 Replies
View Related
Nov 30, 2010
I'm trying to recompile racoon with libradius support however I'm having issues getting it to play nicely. It appears racoon uses the following implementation of tacacs+libradius [URL] however I'm having trouble compiling it:With a base configure and make I'm receiving the following:
[code]....
View 3 Replies
View Related
