Next: , Previous: , Up: The GNU Radius   [Contents][Index]

3 How to Start the Daemon.

When started radiusd uses the configuration values from the following sources (in order of increasing precedence):

Whenever a command line options has its equivalent in config file the use of this equivalent should be preferred (see Run-Time Configuration Options — raddb/config).

The following command line options are accepted:

-A
--log-auth-detail

Enable detailed authentication logging. When this option is specified each authentication request is logged to the file radacct/NASNAME/detail.auth, where NASNAME is replaced by the short name of the NAS from raddb/naslist Naming Conventions.

Config file equivalent: auth { detail yes; };.

-a dir
--acct-directory=dir

Specify accounting directory.

Config file equivalent: option { acct-dir dir; };.

-b
--dbm

Enable DBM support.

Config file equivalent: usedbm yes;.

-d dir
--config-directory=dir
--directory D

Specify alternate configuration directory. Default is /usr/local/etc/raddb.

-f
--foreground

Stay in foreground. We recommend to use it for debugging purposes only.

-i ip
--ip-address=ip

Specifies the IP address radiusd will listen on. If this option is not specified, the program will listen on all IP addresses, assigned to the machine it runs on.

Config file equivalent: option { source-ip ip; };.

Note that listen statement in raddb/config provides a better control over IP addresses to listen on (see auth statement, and see acct statement).

-l dir
--logging-directory dir

Specify alternate logging directory.

Config file equivalent: option { log-dir dir; };.

-mb
--mode=b

“Builddbm” mode. Builds a DBM version of a plaintext users database. builddbm.

-mc
--mode=c

Check configuration files and exit. All errors are reported via usual log channels.

-mt
--mode=t

Test mode. In this mode radiusd starts an interactive interpreter which allows to test various aspects of its configuration.

-N
--auth-only

Process only authentication requests.

-n
--do-not-resolve

Do not resolve IP addresses for diagnostic output. This can reduce the amount of network traffic and speed up the server.

Config file equivalent: option { resolve no };.

-p portno
--port portno

Listen the UDP port portno. The accounting port is computed as portno + 1.

-P dir
--pid-file-dir=dir

Specifies the alternate path for the pidfile.

-S
--log-stripped-names

Log usernames stripped off any prefixes/suffixes.

Config file equivalent: auth { strip-names yes };.

-s
--single-process

Run in single process mode. This is for debugging purposes only. We strongly recommend against using this option. Use it only when absolutely necessary.

-v
--version

Display program version and compilation options.

-x debug_level
--debug debug_level

Set debugging level. Argument is a comma-separated list of assignments in the forms 

module
module = level

where module is the module name or any non-ambiguous assignment thereof, and level is the debugging level in the range 0-100. Debugging

Config file equivalent: 

logging {
        category debug {
                level debug_level;
        };
};
-y
--log-auth

Log authentications. With this option enabled, Radius will log any authentication attempt into its log file Logging.

Config file equivalent: logging { category auth { detail yes; }; }; .

-z
--log-auth-pass

Log passwords along with authentication information. Do not use this option. It is very insecure, since all users’ passwords will be echoed in the logfile. This option is provided only for debugging purposes.

Config file equivalent: 

logging {
        category auth {
                print-pass yes;
        };
};

See Run-Time Configuration Options — raddb/config.

Next: Radius Configuration Files, Previous: How Radius Operates, Up: The GNU Radius   [Contents][Index]