[Installation] FreeRadius Ubuntu / Debian

Fermé
twentycent - 20 mai 2009 à 12:16
rahmaiyed123 Messages postés 82 Date d'inscription mercredi 11 février 2015 Statut Membre Dernière intervention 4 décembre 2015 - 24 avril 2015 à 13:02
Bonjour à tous, dans le cadre de ma formation je dois monter un serveur radius sur une machine virtuel avec virtualbox.
Le tout servirai au futur réseau Wifi que je devrais metre en place.
Les serveurs et autres postes utilisateurs de mon entreprise sont sur Windows (Serv. 2003 et XP).
Alors j'ai cherché dans pas mal de tutorial, mais à chaque fois je bloque à différent endroit, sur ma Ubuntu, j'ai fait ceci :


apt-get install make gcc g++ wget openssl

Téléchargement de la dernière version stable de openssl
www.openssl.org

tar zxvf openssl-0.9.8k.tar.gz
cd openssl-0.9.8k
./config --prefix=/usr/local/openssl-certgen shared
make && make install


Configuration de OpenSSL

gedit /usr/local/openssl-certgen/ssl/openssl.cnf

Voici ce que j'ai modifié:

countryName_default = FR
localityName_default = Ma Ville
0.organizationName_default = NOM de mon entreprise
emailAddress_default = adresse@entreprise.com


Génération des certificats

mkdir /root/certs
cd /root/certs


Lancement de la génération du certificat

./CA.root

A chaque question j'ai tappé "Entrée"

./CA.svr serveur

A chaque question j'ai tappé "Entrée" sauf pour

Common Name (eg, YOUR name) []:serveur

./CA.clt client


A chaque question j'ai tappé "Entrée" sauf pour

Common Name (eg, YOUR name) []:client

Installation de FreeRadius

apt-get install libssl-dev snmp libltdl3-dev

Téléchargement de la dernière version stable de freeradius
https://freeradius.org/

tar zxvf freeradius-2.1.4.tar.gz
cd freeradius-2.1.4


Configuration de la compilation

./configure --sysconfdir=/etc/ --without-rlm_sql_iodbc --withoutrlm_
eap_sim --without-rlm_eap_gtc --without-rlm_x99_token --withoutrlm_
sql_unixodbc --without-rlm_sql_oracle --without-rlm_ldap --
without-rlm_sql_postgresql --without-rlm_ippool --without-rlm_dbm --
without-rlm_counter --without-rlm_attr_rewrite --without-rlm_pam --
without-rlm_eap_ttls --without-rlm_radump --without-rlm_dbm --withoutrlm_
eap_peap --without-rlm_krb5 --silent --disable-shared


Et la j'ai pas mal d'erreur :

appending configuration tag "CXX" to libtool
appending configuration tag "F77" to libtool
configure: WARNING: pcap library not found, silently disabling the RADIUS sniffer.
config.status: WARNING: ./Make.inc.in seems to ignore the --datarootdir setting
config.status: WARNING: ./src/include/build-radpaths-h.in seems to ignore the --datarootdir setting
*** module rlm_attr_rewrite is disabled.
*** module rlm_counter is disabled.
*** module rlm_dbm is disabled.
*** module rlm_eap_ttls is disabled.
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
config.status: config.h is unchanged
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking for exchangeTNCCSMessages in -lTNCS... no
configure: WARNING: the TNCS library isn't found!
configure: WARNING: silently not building rlm_eap_tnc.
configure: WARNING: FAILURE: rlm_eap_tnc requires: -lTNCS.
configure: creating ./config.status
config.status: creating Makefile
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking how to run the C preprocessor... gcc -E
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking malloc.h usability... yes
checking malloc.h presence... yes
checking for malloc.h... yes
checking for ikev2_set_log_callback in -leap-ikev2... no
checking EAPIKEv2/connector.h usability... no
checking EAPIKEv2/connector.h presence... no
checking for EAPIKEv2/connector.h... no
configure: WARNING: silently not building rlm_eap_ikev2.
configure: WARNING: FAILURE: rlm_eap_ikev2 requires: libeap-ikev2 EAPIKEv2/connector.h.
configure: creating ./config.status
config.status: creating Makefile
*** module rlm_eap_peap is disabled.
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
config.status: config.h is unchanged
checking for OpenSSL support... yes
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking for EVP_sha256 in -lc -lcrypto -lssl -lcrypto... yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
config.status: config.h is unchanged
*** module rlm_ippool is disabled.
*** module rlm_krb5 is disabled.
*** module rlm_ldap is disabled.
*** module rlm_pam is disabled.
*** module rlm_sql_iodbc is disabled.
*** module rlm_sql_postgresql is disabled.
*** module rlm_sql_oracle is disabled.
*** module rlm_sql_unixodbc is disabled.


J'ai déja réussis à en enlever quelque une, en installant des paquets avec apt-get, mais il y en a plein que je ne trouve pas.

Ensuite si je fais un :


make && make install

voici la fin où il y a aussi des erreurs :

(cd .libs && gcc -g -O2 -c -fno-builtin "radiusdS.c")
rm -f .libs/radiusdS.c .libs/radiusd.nm .libs/radiusd.nmS .libs/radiusd.nmT
gcc .libs/radiusdS.o -static -o radiusd acct.o auth.o client.o conffile.o crypt.o exec.o files.o listen.o log.o mainconfig.o modules.o modcall.o radiusd.o stats.o session.o threads.o util.o valuepair.o version.o xlat.o event.o realms.o evaluate.o vmps.o detail.o -Wl,--export-dynamic ../modules/rlm_acctlog/.libs/rlm_acctlog.a ../modules/rlm_acct_unique/.libs/rlm_acct_unique.a ../modules/rlm_always/.libs/rlm_always.a ../modules/rlm_attr_filter/.libs/rlm_attr_filter.a ../modules/rlm_chap/.libs/rlm_chap.a ../modules/rlm_checkval/.libs/rlm_checkval.a ../modules/rlm_copy_packet/.libs/rlm_copy_packet.a ../modules/rlm_detail/.libs/rlm_detail.a ../modules/rlm_digest/.libs/rlm_digest.a ../modules/rlm_eap/.libs/rlm_eap.a ../modules/rlm_exec/.libs/rlm_exec.a ../modules/rlm_expiration/.libs/rlm_expiration.a ../modules/rlm_expr/.libs/rlm_expr.a ../modules/rlm_fastusers/.libs/rlm_fastusers.a ../modules/rlm_files/.libs/rlm_files.a ../modules/rlm_linelog/.libs/rlm_linelog.a ../modules/rlm_logintime/.libs/rlm_logintime.a ../modules/rlm_mschap/.libs/rlm_mschap.a ../modules/rlm_otp/.libs/rlm_otp.a ../modules/rlm_pap/.libs/rlm_pap.a ../modules/rlm_passwd/.libs/rlm_passwd.a ../modules/rlm_perl/.libs/rlm_perl.a -L/usr/local/lib -L/usr/lib/perl/5.10/CORE -lperl -lc ../modules/rlm_preprocess/.libs/rlm_preprocess.a ../modules/rlm_python/.libs/rlm_python.a -L/usr/lib/python2.6/config -lutil -lpython2.6 ../modules/rlm_radutmp/.libs/rlm_radutmp.a ../modules/rlm_realm/.libs/rlm_realm.a ../modules/rlm_sql/.libs/rlm_sql.a ../modules/rlm_sqlcounter/.libs/rlm_sqlcounter.a ../modules/rlm_sqlippool/.libs/rlm_sqlippool.a ../modules/rlm_sql_log/.libs/rlm_sql_log.a ../modules/rlm_unix/.libs/rlm_unix.a ../modules/rlm_policy/.libs/rlm_policy.a ../modules/rlm_dynamic_clients/.libs/rlm_dynamic_clients.a ../modules/rlm_eap/types/rlm_eap_md5/.libs/rlm_eap_md5.a ../modules/rlm_eap/types/rlm_eap_leap/.libs/rlm_eap_leap.a ../modules/rlm_eap/types/rlm_eap_tls/.libs/rlm_eap_tls.a ../modules/rlm_eap/types/rlm_eap_sim/.libs/rlm_eap_sim.a /home/user/Bureau/freeradius-server-2.1.4/src/modules/rlm_eap/libeap/.libs/libfreeradius-eap.a ../modules/rlm_eap/types/rlm_eap_mschapv2/.libs/rlm_eap_mschapv2.a ../modules/rlm_eap/types/rlm_eap_gtc/.libs/rlm_eap_gtc.a ../modules/rlm_sql/drivers/rlm_sql_mysql/.libs/rlm_sql_mysql.a -L/usr/lib/mysql /usr/lib/libmysqlclient_r.so -lm -lz ../modules/rlm_eap/libeap/.libs/libfreeradius-eap.a /home/user/Bureau/freeradius-server-2.1.4/src/lib/.libs/libfreeradius-radius.a -lnsl -lresolv -lpthread -lcrypt /usr/lib/libltdl.so -ldl -lssl -lcrypto
mainconfig.o: In function `switch_users':
/home/user/Bureau/freeradius-server-2.1.4/src/main/mainconfig.c:554: warning: Using 'initgroups' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
listen.o: In function `command_socket_parse':
/home/user/Bureau/freeradius-server-2.1.4/src/main/command.c:1709: warning: Using 'getgrnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_sgrent':
/build/buildd/perl-5.10.0/pp_sys.c:5339: warning: Using 'setgrent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_egrent':
/build/buildd/perl-5.10.0/pp_sys.c:5350: warning: Using 'endgrent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_ggrent':
/build/buildd/perl-5.10.0/pp_sys.c:5286: warning: Using 'getgrent_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/build/buildd/perl-5.10.0/pp_sys.c:5282: warning: Using 'getgrgid_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/build/buildd/perl-5.10.0/pp_sys.c:5278: warning: Using 'getgrnam_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
listen.o: In function `command_socket_parse':
/home/user/Bureau/freeradius-server-2.1.4/src/main/command.c:1696: warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_spwent':
/build/buildd/perl-5.10.0/pp_sys.c:5251: warning: Using 'setpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_epwent':
/build/buildd/perl-5.10.0/pp_sys.c:5262: warning: Using 'endpwent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_gpwent':
/build/buildd/perl-5.10.0/pp_sys.c:5103: warning: Using 'getpwent_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/build/buildd/perl-5.10.0/pp_sys.c:5092: warning: Using 'getpwnam_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/build/buildd/perl-5.10.0/pp_sys.c:5098: warning: Using 'getpwuid_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/build/buildd/perl-5.10.0/pp_sys.c:5154: warning: Using 'getspnam_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_ghostent':
/build/buildd/perl-5.10.0/pp_sys.c:4656: warning: Using 'gethostbyaddr_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/build/buildd/perl-5.10.0/pp_sys.c:4644: warning: Using 'gethostbyname_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_shostent':
/build/buildd/perl-5.10.0/pp_sys.c:4927: warning: Using 'sethostent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_ehostent':
/build/buildd/perl-5.10.0/pp_sys.c:4971: warning: Using 'endhostent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_ghostent':
/build/buildd/perl-5.10.0/pp_sys.c:4663: warning: Using 'gethostent_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_gnetent':
/build/buildd/perl-5.10.0/pp_sys.c:4740: warning: Using 'getnetbyaddr_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_snetent':
/build/buildd/perl-5.10.0/pp_sys.c:4938: warning: Using 'setnetent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_enetent':
/build/buildd/perl-5.10.0/pp_sys.c:4983: warning: Using 'endnetent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_gnetent':
/build/buildd/perl-5.10.0/pp_sys.c:4747: warning: Using 'getnetent_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/build/buildd/perl-5.10.0/pp_sys.c:4731: warning: Using 'getnetbyname_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_gprotoent':
/build/buildd/perl-5.10.0/pp_sys.c:4812: warning: Using 'getprotobynumber_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_sprotoent':
/build/buildd/perl-5.10.0/pp_sys.c:4949: warning: Using 'setprotoent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_eprotoent':
/build/buildd/perl-5.10.0/pp_sys.c:4995: warning: Using 'endprotoent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_gprotoent':
/build/buildd/perl-5.10.0/pp_sys.c:4819: warning: Using 'getprotoent_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/build/buildd/perl-5.10.0/pp_sys.c:4804: warning: Using 'getprotobyname_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
listen.o: In function `listen_bind':
/home/user/Bureau/freeradius-server-2.1.4/src/main/listen.c:1137: warning: Using 'getservbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_gservent':
/build/buildd/perl-5.10.0/pp_sys.c:4865: warning: Using 'getservbyname_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/build/buildd/perl-5.10.0/pp_sys.c:4877: warning: Using 'getservbyport_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_sservent':
/build/buildd/perl-5.10.0/pp_sys.c:4960: warning: Using 'setservent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_eservent':
/build/buildd/perl-5.10.0/pp_sys.c:5007: warning: Using 'endservent' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/lib/gcc/i486-linux-gnu/4.3.3/../../../../lib/libperl.a(pp_sys.o): In function `Perl_pp_gservent':
/build/buildd/perl-5.10.0/pp_sys.c:4884: warning: Using 'getservent_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: attempted static link of dynamic object `/usr/lib/libmysqlclient_r.so'
collect2: ld returned 1 exit status
rm -f .libs/radiusdS.o
make[4]: *** [radiusd] Erreur 1
make[4]: quittant le répertoire « /home/user/Bureau/freeradius-server-2.1.4/src/main »
make[3]: *** [common] Erreur 2
make[3]: quittant le répertoire « /home/user/Bureau/freeradius-server-2.1.4/src »
make[2]: *** [all] Erreur 2
make[2]: quittant le répertoire « /home/user/Bureau/freeradius-server-2.1.4/src »
make[1]: *** [common] Erreur 2
make[1]: quittant le répertoire « /home/user/Bureau/freeradius-server-2.1.4 »
make: *** [all] Erreur 2


J'ai suivis le Tuto : Guide d'installation par La Goutte Alexis
nom du fichier : InstallationFreeradiusEAP-TLSmysqlv1.0.1.pdf
Lien : http://blog.igut.fr/public/InstallationFreeradiusEAP-TLSmysqlv1.0.1.pdf

Etant à la base que sur Windows j'avourai que linux ma bien troublé et dépayser, mais cela ma permis de m'initier et j'en susi fort content.

Voila, j'espère que quelqun pourrait m'aider par des réponses simples que je pourrai comprendre car je suis vraiment un débutant ^^

Merci d'avance et à bientôt

2 réponses

pyschopathe Messages postés 1974 Date d'inscription dimanche 2 mars 2008 Statut Membre Dernière intervention 22 mars 2010 135
20 mai 2009 à 12:31
Hello twentycent

Pour commencer, je n'ai pas l'impression que l'appel au script ./configure ait renvoyé des erreurs : il y a quelques warning qui ne semble pas très importants, pour le reste ce sont simplement des messages d'information sur le déroulement du script.

Par contre la compilation se termine bien avec une erreur :
/usr/bin/ld: attempted static link of dynamic object `/usr/lib/libmysqlclient_r.so'
je vais essayer de voir si j'en trouve l'origine.
0
Très bien merci pour ta réponse et tes futures a bientôt ;)
0
salut !!

J'aimerais savoir si tu as résolu ton probleme (usr/bin/ld: attempted static link of dynamic object '/usr/lib/libmysqlclient_r.so' ) j'ai le même. Si oui alors pourrais tu indiqué comment tu t'y es pris
?

Merci d'avance
0
bonjour, non désolé je ne l'ai pas résolu
0
dommage!!! ca fait une semaine que j'essaie de mettre en place une installation de sécurisation wifi (AP-RADIUS-Win2003server). et je bloque toujour au niveau de l'installation de freeradius. si t'a un tuto à me proposer je suis preneur. (PS: je sui sous debian 5.0).

Merci
0
bon si ca peut aider j'ai reussis à résoudre le probleme. Il faut rajouter le chemin des librairies dynamique (a savoir /usr/local/lib) dans le fichier /etc/ld.so.conf. c'est dans ce fichier que le système lit le chemin vers les différentes librairies dont il a besoin pour faire tourner les programmes.

Bien sur, une fois le fichier mis à jour, il faut executer la commande ldconfig. Ca à marché pour moi.

A la prochaine
0
rahmaiyed123 Messages postés 82 Date d'inscription mercredi 11 février 2015 Statut Membre Dernière intervention 4 décembre 2015
24 avril 2015 à 13:02
comment tu fais la génération de certificat je télécharge les fichiers et je tape .CA.root il détourne aucun fichier j'ai pas compris comment se fait
0