Installing unxsRadius with yum for CentOS 5

1. Prepare your yum configuration for using our repository

   # wget http://unixservice.com/rpm/i386/unxsyum-1.0-1.i386.rpm
   # rpm -i unxsyum-1.0-1.i386.rpm
   

2. Also, prepare your yum repo for rpmforge. It will be used for installing rrdtool.

   # wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
   # rpm -i rpmforge-release-0.3.6-1.el5.rf.i386.rpm
   

3. Install unxsRadius, it will also install all the required dependencies if they are not present in your system.

   # yum install unxsradius
   

4. If you can't get the latest update run yum clean all. Then repeat the above step again.
5. Restart your Apache server:

   # /etc/init.d/httpd restart
   

6. If everything went out OK, you should see that the port 9333 is open and listening, that port will be used for accessing the unxsBind backend and interfaces via HTTPs:

   # netstat -tnl
   Active Internet connections (only servers)
   Proto Recv-Q Send-Q Local Address               Foreign Address             State
   tcp        0      0 :::80                       :::*                        LISTEN
   tcp        0      0 :::9333                     :::*                        LISTEN
   tcp        0      0 :::22                       :::*                        LISTEN
   tcp        0      0 :::443                      :::*                        LISTEN
   

7. Don't forget to open 9333, 1812 and 1813 ports in your firewall, edit /etc/sysconfig/iptables and add the following line before the last lines in the file

   -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 9333 -j ACCEPT
   -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1812 -j ACCEPT
   -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1813 -j ACCEPT
   

8. The bottom of your /etc/sysconfig/iptables file should look like this:

   -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 9333 -j ACCEPT
   -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1812 -j ACCEPT
   -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1813 -j ACCEPT
   -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
   COMMIT
   

9. Then restart iptables:

   # /etc/init.d/iptables restart
   

10. Start your MySQL server:

    # /etc/init.d/mysqld start
    

11. Set your MySQL root user password:

    # /usr/bin/mysqladmin -u root password 'ultrasecret'
    

12. Optionally, You may want to clean up your mysql database via mysql CLI mysql -pultrasecret by dropping any test databases and deleting user entries with no passwords.
13. Optionally, you may want to edit /etc/my.cnf and restart mysqld. For example to disable networking for security via skip-networking config line.
14. Initialize both unxsRadius and unxsRadacct databases:

    # export ISMROOT=/usr/local/share
    # /var/www/unxs/cgi-bin/unxsRadius.cgi Initialize ultrasecret
    # /var/www/unxs/cgi-bin/unxsRadacct.cgi Initialize ultrasecret
    

15. Update FreeRADIUS configuration for using unxsRadacct database:

    # mv /etc/raddb /etc/raddb.rpm
    # cp -R /usr/local/share/unxsRadius/setupradius/* /etc
    

16. Start your RADIUS server with:

    # /etc/init.d/unxsradius start
    

17. Make sure it will start the next time your server boots:

    # chkconfig unxsradius on
    

18. Setup your root crontab

    # crontab -e
    

19. Then place this in your crontab:

    #
    #unxsRadius job queue processing
    #
    * * * * * /var/www/unxs/cgi-bin/unxsRadius.cgi ProcessJobQueue unxsrad0 >> /var/log/idns-cron.log 2>&1
    

---

Back