[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4. Radius Configuration Files

At startup, GNU Radius obtains the information vital for its functioning from a number of configuration files. These are normally found in /usr/local/etc/raddb directory, which is defined at configuration time, although their location can be specified at runtime. In the discussion below we will refer to this directory by ‘raddb’. See section Naming Conventions.

Each configuration file is responsible for a certain part of the GNU Radius functionality. The following table lists all configuration files along with a brief description of their purposes.

config

Determines the runtime defaults for radiusd, such as the IP address and ports to listen on, the sizes of the request queues, configuration of the SNMP subsystem, fine-tuning of the extension languages, etc.

clients

Lists the shared secret belonging to each NAS. It is crucial for the normal request processing that each NAS have an entry in this file. The requests from NASes that are not listed in ‘clients’ will be ignored, as well as those from the NASes that have a wrong value for the shared secret configured in this file.

naslist

Defines the types for the known NASes. Its information is used mainly when performing multiple login checking (see section Multiple Login Checking).

nastypes

Declares the known NAS types. The symbolic type names, declared in this file can be used in ‘naslist’.

dictionary

Defines the symbolic names for radius attributes and attribute values. Only the names declared in this file may be used in the files ‘users’, ‘hints’ and ‘huntgroups’.

huntgroups

Contains special rules that process the incoming requests basing on the NAS IP and port number they come from. These can also be used as a kind of access control list.

hints

Defines the matching rules that modify the incoming request depending on the user name and its credentials.

users

Contains the individual users' profiles.

realms

Defines the Radius realms and the servers that are responsible for them.

access.deny

A list of usernames that should not be allowed access via Radius.

sqlserver

Contains the configuration for the SQL system. This includes the type of SQL interface used, the IP and port number of the server and the definition of the SQL requests used by radiusd.

rewrite

Contains the source code of functions in Rewrite extension language.

menus

A subdirectory containing the authentication menus.

The rest of this chapter describes each of these files in detail.


[ < ] [ > ]   [ << ] [ Up ] [ >> ]

This document was generated by Sergey Poznyakoff on December, 6 2008 using texi2html 1.78.