[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

3. How to Start the Daemon.

When started radiusd uses the configuration values from the following sources (in order of increasing precedence):

Whenever a command line options has its equivalent in config file the use of this equivalent should be preferred (see section Run-Time Configuration Options — ‘raddb/config).

The following command line options are accepted:


Enable detailed authentication logging. When this option is specified each authentication request is logged to the file ‘radacct/NASNAME/detail.auth’, where NASNAME is replaced by the short name of the NAS from ‘raddb/naslistNaming Conventions.

Config file equivalent: auth { detail yes; };.

-a DIR
--acct-directory DIR

Specify accounting directory.

Config file equivalent: option { acct-dir DIR; };.


Enable DBM support.

Config file equivalent: usedbm yes;.

-d DIR
--config-directory DIR
--directory D

Specify alternate configuration directory. Default is ‘/usr/local/etc/raddb’.


Stay in foreground. We recommend to use it for debugging purposes only.

-i IP

Specifies the IP address radiusd will listen on. If this option is not specified, the program will listen on all IP addresses, assigned to the machine it runs on.

Config file equivalent: option { source-ip IP; };.

Note that listen statement in ‘raddb/config’ provides a better control over IP addresses to listen on (see section auth statement, and see section acct statement).


Display GNU General Public License and exit.

-l DIR
--logging-directory DIR

Specify alternate logging directory.

Config file equivalent: option { log-dir DIR; };.

--mode b

“Builddbm” mode. Builds a DBM version of a plaintext users database. builddbm.

--mode c

Check configuration files and exit. All errors are reported via usual log channels.

--mode t

Test mode. In this mode radiusd starts an interactive interpreter which allows to test various aspects of its configuration.


Process only authentication requests.


Do not resolve IP addresses for diagnostic output. This can reduce the amount of network traffic and speed up the server.

Config file equivalent: option { resolve no };.

--port PORTNO

Listen the UDP port PORTNO. The accounting port is computed as PORTNO + 1.

--pid-file-dir DIR

Specifies the alternate path for the pidfile.


Log usernames stripped off any prefixes/suffixes.

Config file equivalent: auth { strip-names yes };.


Run in single process mode. This is for debugging purposes only. We strongly recommend against using this option. Use it only when absolutely necessary.


Display program version and compilation options.


Set debugging level. DEBUG_LEVEL is a comma-separated list of assignments in the forms


where MODULE is the module name or any non-ambiguous assignment thereof, LEVEL is the debugging level in the range 0-100. Debugging

Config file equivalent:

logging {
        category debug {
                level DEBUG_LEVEL;

Log authentications. With this option enabled, Radius will log any authentication attempt into its log file Logging.

Config file equivalent: logging { category auth { detail yes; }; }; .


Log passwords along with authentication information. Do not use this option. It is very insecure, since all users' passwords will be echoed in the logfile. This option is provided only for debugging purposes.

Config file equivalent:

logging {
        category auth {
                print-pass yes;

See section Run-Time Configuration Options — ‘raddb/config.

[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

This document was generated by Sergey Poznyakoff on December, 6 2008 using texi2html 1.78.